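Home page has changed to one showing martshopsave.com
This is my first time asking for help here.
The problem is that a few days ago my home page suddenly changed to one showing smartshopsave.com.
I have never had anything like this happen before, so I am asking for advice. Thank you in advance.
Also, software called Uniblue has recently started popping up all of a sudden, and since there is no uninstall entry for it I cannot remove it.
I know you must be busy, but I would appreciate your help.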
「HJT」
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:57:55, on 2016/02/09
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Baidu\IME\3.5.2.51\BaiduIME.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Baidu\IME\3.5.2.51\BaiduPlatform.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\78a595fd-df95-40de-93ec-d80a00f25811\plugins\7\plugin.exe
C:\ProgramData\78a595fd-df95-40de-93ec-d80a00f25811\plugins\3\plugin.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\輝\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Search My Window - {4e31961d-e8c3-4ab0-9829-8e0f08f8dd01} - C:\Program Files (x86)\Search My Window\Extensions\4e31961d-e8c3-4ab0-9829-8e0f08f8dd01.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX for UNITCOM Backup Service (AOSBOXforUNITCOM Backup Service) - Unknown owner - C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Baidu Japanese IME Service_3.5.2.51 (BaiduJP_IME_Service_3.5.2.51) - Baidu Inc. - C:\Program Files (x86)\Baidu\IME\3.5.2.51\BaiduJPServ.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service Mgr SearchMyWindow - Unknown owner - C:\ProgramData\78a595fd-df95-40de-93ec-d80a00f25811\plugincontainer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: UCManSvc - Paltiosoft Inc. - C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr SearchMyWindow - Unknown owner - C:\Program Files (x86)\Common Files\78a595fd-df95-40de-93ec-d80a00f25811\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10467 bytes
「CC」

3D Builder Microsoft Corporation 2016/01/26 10.10.38.0
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2016/02/09 214 MB 15.010.20056
Adobe AIR Adobe Systems Incorporated 2016/02/03 23.6 MB 20.0.0.233
Adobe Flash Player 20 NPAPI Adobe Systems Incorporated 2016/01/26 4.29 MB 20.0.0.286
AOSBOX for UNITCOM AOSBOX for UNITCOM 2016/02/08 16.2 MB 2.1
Apple Application Support(32 ビット) Apple Inc. 2015/12/25 148 MB 4.1.2
Apple Application Support(64 ビット) Apple Inc. 2015/12/25 166 MB 4.1.2
Apple Mobile Device Support Apple Inc. 2015/10/23 42.7 MB 9.1.0.6
Apple Software Update Apple Inc. 2015/09/22 4.63 MB 2.1.4.131
Avast Internet Security AVAST Software 2016/02/08 1.31 GB 11.1.2253
Baidu IME 3.5 Baidu Japan Inc. 2016/01/26 3.5
Bonjour Apple Inc. 2015/09/22 3.28 MB 3.1.0.1
Candy Crush Soda Saga king.com 2016/02/03 1.58.400.0
CCleaner Piriform 2016/02/09 5.14
CopyTrans Control Center削除専用 WindSolutions 2016/01/26 4.004
CyberLink Media Suite 10 CyberLink Corp. 2016/02/03 88.6 MB 10.0
DAEMON Tools Lite Disc Soft Ltd 2016/01/26 4.49.1.0356
DVD Decrypter (Remove Only) 2016/01/26
DVD Shrink 3.2 DVD Shrink 2016/02/03 948 KB
Freemake Video Downloader Ellora Assets Corporation 2016/02/07 46.7 MB 3.8.0
GOM Player Gretech Corporation 2016/02/09 77.2 MB 2.2.76.5239
Google Chrome Google Inc. 2015/01/15 490 MB 48.0.2564.103
Groove ミュージック Microsoft Corporation 2016/01/26 3.6.15131.0
Handbrake日本語版 0.9.4 2016/01/26 0.9.4
iCloud Apple Inc. 2015/12/11 146 MB 5.1.0.34
Intel(R) Management Engine Components Intel Corporation 2014/12/24 9.5.15.1730
Intel(R) Rapid Storage Technology Intel Corporation 2014/12/24 12.8.3.1000
iTunes Apple Inc. 2015/12/25 281 MB 12.3.2.35
Java 8 Update 71 Oracle Corporation 2016/01/27 41.6 MB 8.0.710.15
Java 8 Update 74 Oracle Corporation 2016/02/09 21.3 MB 8.0.740.2
Kingsoft Office 2013 (9.1.0.4059) Kingsoft Corp. 2016/01/26 9.1.0.4059
LINE LINE Corporation 2016/01/29 2.1.0.0
LoiLoScope 2 LoiLo inc 2014/12/24 165 MB 2.5.1.2
McAfee Security Scan Plus McAfee, Inc. 2016/01/26 10.2 MB 3.11.266.3
Microsoft Solitaire Collection Microsoft Studios 2016/01/26 3.7.1041.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/12/24 3.85 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/12/24 3.04 MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/12/24 1.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/01/18 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/12/24 639 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/12/24 1.25 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2015/01/18 634 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/01/18 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/01/18 14.7 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/01/26 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2016/01/26 17.3 MB 11.0.61030.0
Microsoft Wi-Fi Microsoft Corporation 2016/01/26 1.1511.2.0
NAVITIME for mouse computer NAVITIME JAPAN 2016/01/26 2.0.3.0
NVIDIA 3D Vision コントローラー ドライバー 344.46 NVIDIA Corporation 2014/12/24 8.29 MB 344.46
NVIDIA 3D Vision ドライバー 344.48 NVIDIA Corporation 2014/12/24 35.6 MB 344.48
NVIDIA GeForce Experience 2.1.3 NVIDIA Corporation 2014/12/24 22.8 MB 2.1.3
NVIDIA HD オーディオ ドライバー 1.3.32.1 NVIDIA Corporation 2014/12/24 8.22 MB 1.3.32.1
NVIDIA Miracast 仮想オーディオ 344.48 NVIDIA Corporation 2014/12/24 5.55 MB 344.48
NVIDIA PhysX システム ソフトウェア 9.14.0702 NVIDIA Corporation 2014/12/24 81.1 MB 9.14.0702
NVIDIA グラフィックス ドライバー 344.48 NVIDIA Corporation 2014/12/24 441 MB 344.48
OneNote Microsoft Corporation 2016/02/04 17.6568.15721.0
PC Mechanic Uniblue Systems Limited 2016/02/07 62.5 MB 1.0.15.0
People Microsoft Corporation 2016/02/04 10.0.10220.0
PowerDirector CyberLink Corp. 2014/12/24 470 MB 9.0.0.5113
Realtek Ethernet Controller Driver Realtek 2014/12/24 3.08 MB 8.18.621.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/02/03 16.0 MB 6.0.1.7058
RGSS-RTP Standard Enterbrain 2015/12/27 21.0 MB 1.03
RPGツクールVX Ace RTP Enterbrain 2015/01/24 194 MB 1.00
RPGツクールVX RTP Enterbrain 2015/04/21 42.2 MB 1.02
sdrt(5.0, 64bit) パルティオソフト株式会社 2015/01/27 6.74 MB 5.0.3.0
Search My Window Search My Window 2016/02/07 1.01 MB 2.0.5881.4168
Skype を手に入れよう Skype 2016/01/26 3.2.1.0
Sway Microsoft Corporation 2016/02/02 17.6629.20261.0
Twitter Twitter Inc. 2016/01/26 4.3.3.0
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/01/18 2.30 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/05/17 26.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/05/28 18.0 KB 16.0.1515.1
Windows Live Essentials Microsoft Corporation 2014/12/24 16.4.3528.0331
Windows スキャン Microsoft Corporation 2016/01/26 6.3.9654.17133
Windows リーディング リスト Microsoft Corporation 2016/01/26 6.3.9654.20947
WinRAR 5.01 (32ビット) win.rar GmbH 2016/02/03 5.22 MB 5.01.0
Xbox Microsoft Corporation 2016/01/26 11.13.6008.0
Yahoo!天気・災害 Yahoo Japan Corporation 2016/01/26 2.0.4.0
あっぱれ!天下御免[祭] 株式会社ネクストン 2015/06/16 7.60 GB 1.00.0000
つよきすFESTIVAL INTERHEART 2016/02/06 4.88 GB 2.3
はじめに Microsoft Corporation 2016/01/26 2.6.12.0
アプリ コネクター Microsoft Corporation 2016/01/26 1.3.3.0
アラーム & クロック Microsoft Corporation 2016/01/26 10.1512.58020.0
カメラ Microsoft Corporation 2016/02/04 2016.128.10.0
ストア Microsoft Corporation 2016/01/28 2015.25.24.0
スポーツ Microsoft Corporation 2016/01/26 4.8.239.0
ドラゴンクエストX オンライン SQUARE ENIX CO., LTD. 2015/11/19 6.81 GB 1.0.1.0
ニュース Microsoft Corporation 2016/01/26 4.8.239.0
フォト Microsoft Corporation 2016/02/05 16.201.11370.0
ボイス レコーダー Microsoft Corporation 2016/01/26 10.1512.21110.0
マップ Microsoft Corporation 2016/01/26 4.1601.10150.0
マネー Microsoft Corporation 2016/01/27 4.8.239.0
メッセージング & Skype Microsoft Corporation 2016/01/26 2.13.20000.0
メール/カレンダー Microsoft Corporation 2016/02/04 17.6568.16731.0
モバイル コンパニオン Microsoft Corporation 2016/02/05 10.1602.3010.0
圧縮解凍ソフト Noah 2016/01/26
天気 Microsoft Corporation 2016/01/26 4.8.239.0
新しい Office を始めよう Microsoft Corporation 2016/02/02 17.6628.23511.0
映画 & テレビ Microsoft Corporation 2016/01/29 3.6.16941.0
真・恋姫†英雄譚3 2016/01/26
電卓 Microsoft Corporation 2016/01/26 10.1601.49020.0
電話 Microsoft Corporation 2016/01/26 2.12.14001.0


  • 風信子
  • 2016/02/09 (Tue) 20:16:49
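Quite serious problems. Treat this with a sense of urgency and deal with it in earnest
Good evening.
This is 悪代官, "the weakest small fry on this site" and "the disgrace of the pandemonium".
I have looked at your description and logs.
So you too are having trouble with martshopsave.com, commonly known as "sss".
Requests for help with this currently arrive on this board every day without a break, which shows how many people on the net are struggling with it.

From what I can see, you have picked up quite a lot of other things besides the main issue.
Some of them are not "infections" but things you installed yourself.
You cannot have been entirely unaware of the reputation of things like Freemake, DVD Decrypter and DVD Shrink.
The latter two in particular are more than just notorious.

Quite a few problems are already visible from the first two logs alone, and it is certain that many more infections and the like will turn up as the analysis continues.

If you seriously intend to solve this yourself, be prepared for the effort, face the cause and how it came about, and then also work properly on protecting yourself so that it does not happen again.
There is no easy shortcut.
If you are not confident about doing that work, or cannot afford to spend the time on it, then backing up the data you need and restoring the PC to its factory state is the simplest, safest and most reliable option.
Even if you choose to restore, however, there is a high risk of being hit again very soon unless you understand how to protect yourself afterwards, so whichever way you solve this, please recognize that using the PC the same way as before will no longer do.

If you have also read carefully the explanation on the "Rules" page shown before posting here and are prepared to put in the effort, I will help as far as I can.
If that is your intention, please start the work by following the explanation below.

Let me tell you one thing first.
As you can see, there are currently many people asking for help, so after a request comes in it may take a day or more each time before I can reply to everyone in turn. I apologize and ask for your understanding.

Now please read the following explanation carefully and then carry out the steps in order.
You should already have some of these prepared, but please look over the explanation once more anyway.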
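Set hidden files and file extensions to be shown (how to ↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get a grasp of their basic usage.
However, if the distribution site also shows ads urging you to download other apps, never click on them.
"GeekUninstaller" (GU for short)
Explanation page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save the file, and then extract it.
When you are done with it, delete the whole folder manually.

"CCleaner" (CC for short)
Explanation ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Download the latest version. Note that the installer may also offer bundled extra apps; uncheck those and do not install them.
When you are done with it, uninstall it.

An important warning here.
CC is by nature a highly capable maintenance tool, but if used the wrong way
[it can also damage Windows],
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operation other than those I instruct.

Also, be sure to read the page below carefully before starting the work, and if the need arises, deal with it as described there. Cases that require this are increasing.
http://note.chiebukuro.yahoo.co.jp/detail/n335704

Once you are ready, start the work.
In the steps that follow, you may skip anything you cannot find, but look carefully as you work so that you never touch anything other than the items I specify.

There will also be items I tell you to delete during the work, but if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.

First, manually create one restore point with "System Restore", a standard Windows feature.
This is because touching something outside the specified items by mistake in the steps that follow can by itself cause serious problems in Windows, so it makes recovery possible if the worst happens.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

Use GU to uninstall the following.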
>Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2016/02/09 214 MB 15.010.20056

>Java 8 Update 71 Oracle Corporation 2016/01/27 41.6 MB 8.0.710.15

>Java 8 Update 74 Oracle Corporation 2016/02/09 21.3 MB 8.0.740.2

>Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/12/24 3.85 MB 3.1.0000

>sdrt(5.0, 64bit) パルティオソフト株式会社 2015/01/27 6.74 MB 5.0.3.0

Next, start the PC in Safe Mode (how to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
For Win8, refer to the following.
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

In Safe Mode, use GU again to uninstall the following.
>Baidu IME 3.5 Baidu Japan Inc. 2016/01/26 3.5

>DAEMON Tools Lite Disc Soft Ltd 2016/01/26 4.49.1.0356

>DVD Decrypter (Remove Only) 2016/01/26

>DVD Shrink 3.2 DVD Shrink 2016/02/03 948 KB

>Freemake Video Downloader Ellora Assets Corporation 2016/02/07 46.7 MB 3.8.0

>GOM Player Gretech Corporation 2016/02/09 77.2 MB 2.2.76.5239

>McAfee Security Scan Plus McAfee, Inc. 2016/01/26 10.2 MB 3.11.266.3

>PC Mechanic Uniblue Systems Limited 2016/02/07 62.5 MB 1.0.15.0

>Search My Window Search My Window 2016/02/07 1.01 MB 2.0.5881.4168

>WinRAR 5.01 (32ビット) win.rar GmbH 2016/02/03 5.22 MB 5.01.0

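Start HJT and run a scan.
When the scan results are displayed, check the following items.
However, with HJT in particular a single wrong step can easily leave the PC unable to boot, so never check anything other than the items I specify.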
O2 - BHO: Search My Window - {4e31961d-e8c3-4ab0-9829-8e0f08f8dd01} - C:\Program Files (x86)\Search My Window\Extensions\4e31961d-e8c3-4ab0-9829-8e0f08f8dd01.dll

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe

O23 - Service: Baidu Japanese IME Service_3.5.2.51 (BaiduJP_IME_Service_3.5.2.51) - Baidu Inc. - C:\Program Files (x86)\Baidu\IME\3.5.2.51\BaiduJPServ.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe

O23 - Service: Service Mgr SearchMyWindow - Unknown owner - C:\ProgramData\78a595fd-df95-40de-93ec-d80a00f25811\plugincontainer.exe

O23 - Service: UCManSvc - Paltiosoft Inc. - C:\Program Files (x86)\SoftDenchi\UCManSvc.exe

O23 - Service: Update Mgr SearchMyWindow - Unknown owner - C:\Program Files (x86)\Common Files\78a595fd-df95-40de-93ec-d80a00f25811\updater.exe

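Once all the required items are checked, click Fix checked.
You may skip anything you cannot find.

At this point restart the PC in normal mode, then start "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select drive C as the target drive and scan, then check only the items "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" among those shown, and press "OK" and "Delete Files".
Running this cleans out the junk files in the selected areas.

Doing this also reduces the useless junk files detected by scans during the work, which makes both the time needed and the analysis considerably easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting good files by mistake, and so that a good file can still be restored if it has been deleted and put in the Recycle Bin.

Next, start CC.
Once it starts, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right there saves the displayed contents as a log, so save the log somewhere such as the desktop.

Then open each of the tabs from the "InternetExplorer" tab onward in turn and take those logs as well.

Once you have taken each of the CC logs, close CC.

After this, start your browser, watch the state of the PC for a few hours, and then take fresh logs with HJT and the CC list of installed programs.

Paste both retaken logs and each of the CC logs into your reply, together with a report on the current state.
I will give instructions for the next steps after looking at them.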
  • 悪代官
  • 2016/02/09 (Tue) 20:55:41
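
The before-and-after comparison of HijackThis logs requested in the post above can be scripted. The following is an added example, not part of the thread or of HijackThis: it diffs two logs and lists O23 services with an unknown owner whose file is present. The function names are hypothetical, and the sample lines are abridged from the logs posted on this page.

```python
import re

# HijackThis entry lines start with a section code such as "O2 - " or "O23 - ".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# A directory whose whole name is a GUID, as in the SearchMyWindow service paths.
GUID_DIR_RE = re.compile(
    r"\\[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\\", re.IGNORECASE)

# Sample input: lines abridged from the first log on this page.
BEFORE = r"""
O2 - BHO: Search My Window - {4e31961d-e8c3-4ab0-9829-8e0f08f8dd01} - C:\Program Files (x86)\Search My Window\Extensions\4e31961d-e8c3-4ab0-9829-8e0f08f8dd01.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX for UNITCOM Backup Service (AOSBOXforUNITCOM Backup Service) - Unknown owner - C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe
O23 - Service: Service Mgr SearchMyWindow - Unknown owner - C:\ProgramData\78a595fd-df95-40de-93ec-d80a00f25811\plugincontainer.exe
O23 - Service: Update Mgr SearchMyWindow - Unknown owner - C:\Program Files (x86)\Common Files\78a595fd-df95-40de-93ec-d80a00f25811\updater.exe
"""

# Sample input: lines abridged from the log retaken after the cleanup steps.
AFTER = r"""
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX for UNITCOM Backup Service (AOSBOXforUNITCOM Backup Service) - Unknown owner - C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe
"""


def parse_entries(log_text):
    """Return (code, body) for every section line; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def _only_in_first(first, second):
    """Entries of the first log that do not occur in the second, in log order."""
    seen = set(parse_entries(second))
    return [entry for entry in parse_entries(first) if entry not in seen]


def removed_between(before, after):
    """Entries that the cleanup removed."""
    return _only_in_first(before, after)


def added_between(before, after):
    """Entries that appeared since the first scan and still need an explanation."""
    return _only_in_first(after, before)


def review_candidates(log_text):
    """List (path, in_guid_dir) for O23 services with an unknown owner whose
    file is present. Rows ending in "(file missing)" are left out, as they
    were not among the items selected in the post above."""
    candidates = []
    for code, body in parse_entries(log_text):
        if code != "O23" or "Unknown owner" not in body:
            continue
        if body.endswith("(file missing)"):
            continue
        path = body.rsplit(" - ", 1)[-1]
        candidates.append((path, bool(GUID_DIR_RE.search(path))))
    return candidates


if __name__ == "__main__":
    for code, body in removed_between(BEFORE, AFTER):
        print("removed:", code, body)
    for code, body in added_between(BEFORE, AFTER):
        print("added:  ", code, body)
    for path, in_guid_dir in review_candidates(AFTER):
        print("review: ", path, "(GUID directory)" if in_guid_dir else "")
```

The candidate list is a prompt for manual review, not a removal list: a service can have an unknown owner and still be something the user installed on purpose.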
Re: Home page has changed to one showing martshopsave.com
Regarding
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/12/24 3.85 MB 3.1.0000
do not remove it directly; instead, please remove

Windows Live Essentials Microsoft Corporation 2014/12/24 16.4.3528.0331
  • 掃除屋
  • 2016/02/09 (Tue) 23:38:43
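Re: Home page has changed to one showing martshopsave.com
Thank you for your thorough response.
悪代官-san's post made me realize how much I have neglected learning about and taking measures for self-protection, software and so on, and how bad my current situation is.
I too seriously want to change how I do things from now on, so please guide me.

I have completed everything 悪代官-san instructed.
Of the HJT items to check, the only one that was present was
O2 - BHO: Search My Window - {4e31961d-e8c3-4ab0-9829-8e0f08f8dd01} - C:\Program Files (x86)\Search My Window\Extensions\4e31961d-e8c3-4ab0-9829-8e0f08f8dd01.dll
and nothing else.
I have not done what 掃除屋-san wrote, because I only read it after removing Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/12/24 3.85 MB 3.1.0000.
At present smartshopsave.com no longer appears as the start page in Chrome, but it still appears in IE.

Below are the current logs. Please check them.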
[windows]
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
有効 HKLM:Run CLMLServer_For_P2G8 CyberLink "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
有効 HKLM:Run CLVirtualDrive CyberLink Corp. "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
有効 HKLM:Run RemoteControl10 CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run Zoolz Tray AOS Technologies, Inc. "C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMLauncher.exe" "C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOM.exe" "-Delay"

[Scheduled Tasks]
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Optimize Start Menu Cache Files-S-1-5-21-705012142-2807547796-874617321-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-705012142-2807547796-874617321-500
有効 Task PC-Mechanic Maintenance C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe -m
有効 Task PC-Mechanic Startup C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe -ul -l -n
有効 Task SafeZone scheduled Autoupdate 1454864357 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
有効 Task WpsUpdateTask_Administrator Zhuhai Kingsoft Office Software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task WpsUpdateTask_輝 Zhuhai Kingsoft Office Software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task {4B3E6F75-87CC-4616-8E5D-4ADEC449AA83} Microsoft Corporation C:\Windows\system32\pcalua.exe -a H:\保存\noahinst.exe -d H:\保存
有効 Task {CE53D9AB-3971-425A-AE33-E7BF5A841429} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\輝\Downloads\noahinst.exe -d C:\Users\輝\Downloads

[Context Menu]
有効 Drive CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File 00avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 Folder avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll

[internetexplorer]
無効 Helper avast! Online Security AVAST Software C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
無効 Helper avast! Online Security AVAST Software C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

[googlechrome]

有効 App Gmail 8.1 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
無効 Extension Avast Online Security 11.1.0.210 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0
無効 Extension Avast SafePrice 11.1.0.221 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\11.1.0.221_0
無効 Extension PicTwitterFull 2.1.3 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfpgnianlhodkfdhdofnmjhpjebaamf\2.1.3_0
無効 Extension アイドルマスター シンデレラガールズ[ChromeApps版] 1.0.4 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnacabmnfmejgfffmcehejcmiciinpej\1.0.4_0
無効 Extension グランブルーファンタジー[ChromeApps版] 1.3.2 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.3.2_0

[HJT]
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:26:25, on 2016/02/10
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\輝\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX for UNITCOM Backup Service (AOSBOXforUNITCOM Backup Service) - Unknown owner - C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8194 bytes

[CC]
3D Builder Microsoft Corporation 2016/01/26 10.10.38.0
Adobe AIR Adobe Systems Incorporated 2016/02/03 23.6 MB 20.0.0.233
Adobe Flash Player 20 NPAPI Adobe Systems Incorporated 2016/02/10 8.40 MB 20.0.0.306
AOSBOX for UNITCOM AOSBOX for UNITCOM 2016/02/08 16.2 MB 2.1
Apple Application Support(32 ビット) Apple Inc. 2015/12/25 148 MB 4.1.2
Apple Application Support(64 ビット) Apple Inc. 2015/12/25 166 MB 4.1.2
Apple Mobile Device Support Apple Inc. 2015/10/23 42.7 MB 9.1.0.6
Apple Software Update Apple Inc. 2015/09/22 4.63 MB 2.1.4.131
Avast Internet Security AVAST Software 2016/02/08 1.31 GB 11.1.2253
Bonjour Apple Inc. 2015/09/22 3.28 MB 3.1.0.1
Candy Crush Soda Saga king.com 2016/02/03 1.58.400.0
CCleaner Piriform 2016/02/09 5.14
CopyTrans Control Center削除専用 WindSolutions 2016/01/26 4.004
CyberLink Media Suite 10 CyberLink Corp. 2016/02/03 88.6 MB 10.0
Google Chrome Google Inc. 2015/01/15 490 MB 48.0.2564.103
Groove ミュージック Microsoft Corporation 2016/01/26 3.6.15131.0
Handbrake日本語版 0.9.4 2016/01/26 0.9.4
iCloud Apple Inc. 2015/12/11 146 MB 5.1.0.34
Intel(R) Management Engine Components Intel Corporation 2014/12/24 9.5.15.1730
Intel(R) Rapid Storage Technology Intel Corporation 2014/12/24 12.8.3.1000
iTunes Apple Inc. 2015/12/25 281 MB 12.3.2.35
Kingsoft Office 2013 (9.1.0.4059) Kingsoft Corp. 2016/01/26 9.1.0.4059
LINE LINE Corporation 2016/01/29 2.1.0.0
LoiLoScope 2 LoiLo inc 2014/12/24 165 MB 2.5.1.2
Microsoft Solitaire Collection Microsoft Studios 2016/01/26 3.7.1041.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/12/24 3.04 MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/12/24 1.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/01/18 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/12/24 639 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/12/24 1.25 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2015/01/18 634 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/01/18 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/01/18 14.7 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/01/26 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2016/01/26 17.3 MB 11.0.61030.0
Microsoft Wi-Fi Microsoft Corporation 2016/01/26 1.1511.2.0
NAVITIME for mouse computer NAVITIME JAPAN 2016/01/26 2.0.3.0
NVIDIA 3D Vision コントローラー ドライバー 344.46 NVIDIA Corporation 2014/12/24 8.29 MB 344.46
NVIDIA 3D Vision ドライバー 344.48 NVIDIA Corporation 2014/12/24 35.6 MB 344.48
NVIDIA GeForce Experience 2.1.3 NVIDIA Corporation 2014/12/24 22.8 MB 2.1.3
NVIDIA HD オーディオ ドライバー 1.3.32.1 NVIDIA Corporation 2014/12/24 8.22 MB 1.3.32.1
NVIDIA Miracast 仮想オーディオ 344.48 NVIDIA Corporation 2014/12/24 5.55 MB 344.48
NVIDIA PhysX システム ソフトウェア 9.14.0702 NVIDIA Corporation 2014/12/24 81.1 MB 9.14.0702
NVIDIA グラフィックス ドライバー 344.48 NVIDIA Corporation 2014/12/24 441 MB 344.48
OneNote Microsoft Corporation 2016/02/04 17.6568.15721.0
People Microsoft Corporation 2016/02/04 10.0.10220.0
PowerDirector CyberLink Corp. 2014/12/24 470 MB 9.0.0.5113
Realtek Ethernet Controller Driver Realtek 2014/12/24 3.08 MB 8.18.621.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/02/03 16.0 MB 6.0.1.7058
RGSS-RTP Standard Enterbrain 2015/12/27 21.0 MB 1.03
RPGツクールVX Ace RTP Enterbrain 2015/01/24 194 MB 1.00
RPGツクールVX RTP Enterbrain 2015/04/21 42.2 MB 1.02
Skype を手に入れよう Skype 2016/01/26 3.2.1.0
Sway Microsoft Corporation 2016/02/02 17.6629.20261.0
Twitter Twitter Inc. 2016/01/26 4.3.3.0
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/01/18 2.30 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/05/17 26.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/05/28 18.0 KB 16.0.1515.1
Windows Live Essentials Microsoft Corporation 2014/12/24 16.4.3528.0331
Windows スキャン Microsoft Corporation 2016/01/26 6.3.9654.17133
Windows リーディング リスト Microsoft Corporation 2016/01/26 6.3.9654.20947
Xbox Microsoft Corporation 2016/01/26 11.13.6008.0
Yahoo!天気・災害 Yahoo Japan Corporation 2016/01/26 2.0.4.0
あっぱれ!天下御免[祭] 株式会社ネクストン 2015/06/16 7.60 GB 1.00.0000
つよきすFESTIVAL INTERHEART 2016/02/06 4.88 GB 2.3
はじめに Microsoft Corporation 2016/01/26 2.6.12.0
アプリ コネクター Microsoft Corporation 2016/01/26 1.3.3.0
アラーム & クロック Microsoft Corporation 2016/01/26 10.1512.58020.0
カメラ Microsoft Corporation 2016/02/04 2016.128.10.0
ストア Microsoft Corporation 2016/01/28 2015.25.24.0
スポーツ Microsoft Corporation 2016/01/26 4.8.239.0
ドラゴンクエストX オンライン SQUARE ENIX CO., LTD. 2015/11/19 6.81 GB 1.0.1.0
ニュース Microsoft Corporation 2016/01/26 4.8.239.0
フォト Microsoft Corporation 2016/02/05 16.201.11370.0
ボイス レコーダー Microsoft Corporation 2016/01/26 10.1512.21110.0
マップ Microsoft Corporation 2016/01/26 4.1601.10150.0
マネー Microsoft Corporation 2016/01/27 4.8.239.0
メッセージング & Skype Microsoft Corporation 2016/01/26 2.13.20000.0
メール/カレンダー Microsoft Corporation 2016/02/10 17.6568.16901.0
モバイル コンパニオン Microsoft Corporation 2016/02/05 10.1602.3010.0
圧縮解凍ソフト Noah 2016/01/26
天気 Microsoft Corporation 2016/01/26 4.8.239.0
新しい Office を始めよう Microsoft Corporation 2016/02/02 17.6628.23511.0
映画 & テレビ Microsoft Corporation 2016/01/29 3.6.16941.0
真・恋姫†英雄譚3 2016/01/26
電卓 Microsoft Corporation 2016/01/26 10.1601.49020.0
電話 Microsoft Corporation 2016/01/26 2.12.14001.0

Thank you in advance.
  • 風信子
  • 2016/02/10 (Wed) 22:53:42
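Re: My home page has turned into one showing martshopsave.com
>I did not do that one, because I only read it after removing Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/12/24 3.85 MB 3.1.0000
If you have removed SQL, there is no need to keep Windows Live Essentials either, and
it is something that should not be used nowadays, so please remove it.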
  • 掃除屋
  • 2016/02/10 (Wed) 23:00:06
Re: My home page has turned into one showing martshopsave.com
In addition, I removed Windows Live Essentials using GU.
Thank you, 掃除屋.
  • 風信子
  • 2016/02/10 (Wed) 23:50:07
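Next, start with handling the scheduled tasks in CC
Thank you for the work and the report.
掃除屋, thank you again for covering for my mistaken instruction.

If the entry in question is not visible in HJT, you can skip that part and move on.
It seems the abnormal behavior is still continuing.

I looked at the rest of the logs and learned more. As I suspected, it has dug into the scheduled tasks.
So, once again, continue the work by following the explanation.

As before, start CC again, and in "Scheduled Tasks" right-click each of the entries below, choose "Disable", and then "Delete Entry". If an entry cannot be disabled, deleting it directly is fine.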
>有効 Task PC-Mechanic Maintenance C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe -m

>有効 Task PC-Mechanic Startup C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe -ul -l -n

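After closing CC, prepare the following tools.
"AdwCleaner" (commonly: AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file to, for example, the desktop.
When cleaning up afterwards, launch it and press the "uninstall" button, and it will be removed automatically.
The site below has a detailed explanation of how to use it, so please refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware (commonly: MBAM)
Official site
http://www.malwarebytes.org/

However, MBAM currently has considerable problems with stability and behavior, and bugs where scanning does not work properly even in normal use are occurring frequently.
For that reason, do not download the latest version from the official site; here we deliberately work with an old version.

Site explaining the old version ↓
http://www.japan-secure.com/entry/blog-entry-7.html

Download the old version of MBAM from the URL below.
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
This is a direct link to the file. Please save it.

Note) If you install in Japanese, the text may be garbled. Install in English and then switch to Japanese afterwards.
You can switch to Japanese by launching MBAM and going to the "Settings" tab → "Language" → "Japanese".

Once ready, install MBAM and go as far as updating it.
However, do not scan yet at this point.
Also, when updating MBAM here, do not update the "program" itself; update only the definitions.
If you update the program itself, it becomes the latest version, in which bugs are occurring frequently, and there would be no point in having installed the old version.

Next, launch AC once here.
When launched, it should first update its definitions, so just let it update, and once that is done, close AC for now.
There is no need to scan here either.

Once both tools are updated, restart the PC in safe mode and use Disk Cleanup to clean out junk files.

Next, start the PC in safe mode and launch AC, which you launched once earlier, again.
Once launched, this time run "Scan", and if anything has been detected when the scan finishes, press "Remove".
Select "Yes" on the screen that appears and the cleanup will begin.

When the cleanup finishes, restart the PC in normal mode.

After the restart a new AC log will appear; save it to, for example, the desktop.
However, if no log appears after the work or you cannot find it, open the C drive in My Computer; a file with a name like the following will have been created directly under it, and that is the AC log.
>AdwCleaner[alphanumeric characters].txt
If there are several logs with similar names, the file whose creation time matches when you did the work is the log in question.

Once the work with AC is done, next is the MBAM work.
Staying in safe mode, launch MBAM and scan.
After launching MBAM, choose "Full Scan" from the "Scanner" tab.
Select all drives, including C, as targets.
However, if no "Full Scan" button is shown, you may have updated MBAM to the latest version, so in that case select "Custom Scan".
This operation corresponds to a full scan in the latest MBAM.
Select (check) all drives as scan targets. It takes time, but this is in order to scan as thoroughly as possible.
The order does not matter, but if anything is detected, select it and "remove" (quarantine) it, and then, if a prompt to restart appears, restart the PC once at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, pressing "Show Details" should display the results, and pressing "Save Log" there lets you save the log.
Save that log to, for example, the desktop.
Checking this log is especially important, so please do not forget.

After this, watch the PC's condition for a while, then paste the AC and MBAM logs you saved after the work into a reply and show them to me along with a status report.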
  • 悪代官
  • 2016/02/11 (Thu) 07:21:11
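Re: My home page has turned into one showing martshopsave.com
Thank you for the careful guidance.
I was able to carry out all of the steps above. At present, in both Chrome and IE, the smartshopsave.com
display has disappeared.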

[AC]
# AdwCleaner v5.033 - ログファイルの作成日 11/02/2016 作成時間 21:14:39
# 更新日 07/02/2016 作成元 Xplode
# データベース : 2016-02-07.2 [サーバー]
# オペレーティングシステム : Windows 10 Home (x64)
# ユーザー名 : 輝 - でろりあん
# 実行場所 : C:\Users\輝\Downloads\AdwCleaner.exe
# オプション : 削除
# サポート : http://toolslib.net/forum

***** [ サービス ] *****


***** [ フォルダ ] *****

[-] フォルダ 削除済み項目 : C:\ProgramData\Babylon
[-] フォルダ 削除済み項目 : C:\Users\輝\AppData\Local\Babylon
[-] フォルダ 削除済み項目 : C:\Users\輝\AppData\Roaming\Babylon
[-] フォルダ 削除済み項目 : C:\Users\輝\AppData\Roaming\RPEng

***** [ ファイル ] *****


***** [ DLLs ] *****


***** [ ショートカット ] *****


***** [ スケジュールタスク ] *****


***** [ レジストリ ] *****

[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Uniblue
[-] データ 復元済み項目 : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] データ 復元済み項目 : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] 値 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] キー 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FE3F722A-7BBC-4ae5-B9C7-CA93F1A19EB2}
[-] データ 復元済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] 値 削除済み項目 : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] キー 削除済み項目 : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}
[-] データ 復元済み項目 : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Webブラウザ ] *****

[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] 削除済み項目 : searchinterneat-a.akamaihd.net
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://istart.webssearches.com/?type=hppp&ts=1399037140&from=tugs&uid=SAMSUNGXHD103SJ_S26MJ90B600251
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://istart.webssearches.com/?type=hppp&ts=1399040407&from=tugs&uid=SAMSUNGXHD103SJ_S26MJ90B600251
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://istart.webssearches.com/?type=hppp&ts=1399040604&from=tugs&uid=SAMSUNGXHD103SJ_S26MJ90B600251
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://istart.webssearches.com/?type=hppp&ts=1399041428&from=tugs&uid=SAMSUNGXHD103SJ_S26MJ90B600251
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://istart.webssearches.com/?type=hppp&ts=1399042048&from=tugs&uid=SAMSUNGXHD103SJ_S26MJ90B600251
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://istart.webssearches.com/?type=hppp&ts=1399043133&from=tugs&uid=SAMSUNGXHD103SJ_S26MJ90B600251
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://istart.webssearches.com/?type=hppp&ts=1399043841&from=tugs&uid=SAMSUNGXHD103SJ_S26MJ90B600251
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggScw8BBAtCFxgTJgkJTA1HQFYOIVwOAxRFGQxCJloLBAgQQgYFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlE8WGJKLl1XFg==
[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] 削除済み項目 : hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgLVwAUEwYVbQleUQhcFQNCIxRZBA8TDAEbeVheAgoUEFRAcx9aFQQTQkcFME0FBloEURNNfWpdAEsSSXhaF1BWBVYG&q={searchTerms}

*************************

:: "Tracing"キーは削除します
:: Winsock設定を初期化しました

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4407 バイト] ##########

[MBAM]
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2016.02.11.02

Windows 8 x64 NTFS (セーフモード)
Internet Explorer 11.63.10586.0
輝 :: でろりあん [管理者]

2016/02/11 21:21:16
mbam-log-2016-02-11 (21-21-16).txt

スキャンタイプ: フルスキャン (C:\|D:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 791498
経過時間: 1 時間, 30 分, 15 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 2
HKCR\AppID\{e53a86d5-6dfa-4f48-b516-6c4bec64ef59} (PUP.Optional.Yontoo) -> 正常に隔離され削除されました。
HKCR\AppID\{ea2c41fe-e042-4eae-b522-336eddd8a43e} (PUP.Optional.Yontoo) -> 正常に隔離され削除されました。

レジストリ値の検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 4
C:\Windows.old\Users\輝\AppData\Local\Temp\DeltaTB.exe (PUP.Optional.Delta.ShrtCln) -> 正常に隔離され削除されました。
C:\Windows.old\Users\輝\AppData\Local\Temp\6CC43BAE-BAB0-7891-9820-D19E8B25CBCE\Latest\BExternal.dll (PUP.Optional.Babylon) -> 正常に隔離され削除されました。
C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_searchmywindow-a.akamaihd.net_0.localstorage (PUP.Optional.Yontoo) -> 正常に隔離され削除されました。
C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_searchmywindow-a.akamaihd.net_0.localstorage-journal (PUP.Optional.Yontoo) -> 正常に隔離され削除されました。

(End)
Please check.
  • 風信子
  • 2016/02/12 (Fri) 00:18:56
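Added example, not part of the original thread: a small Python parser for the two log formats posted above (the Japanese-locale AdwCleaner v5 log and the MBAM 1.75 log). It tallies entries by detection name and compares each MBAM section's stated count with the entries actually present, which catches a paste cut short by a forum's character limit. The regular expressions are assumptions inferred from the lines in this thread; the sample is an excerpt of those lines, deliberately cut after two of the four file entries.

```python
import re
from collections import Counter

# Patterns inferred from the logs in this thread (assumptions, not a vendor spec).
MBAM_SECTION = re.compile(r"^(?P<section>.+の検出): (?P<count>\d+)$")
# Greedy item match so a path such as "Program Files (x86)" is not mistaken
# for the detection name, which is the last "(...)" before " -> ".
MBAM_HIT = re.compile(r"^(?P<item>.+) \((?P<name>[A-Za-z0-9_.]+)\) -> (?P<action>.+)$")
ADW_SECTION = re.compile(r"^\*{5} \[ (?P<section>.+?) \] \*{5}$")
ADW_HIT = re.compile(
    r"^\[-\] (?P<what>.+?) (?P<action>削除済み項目|復元済み項目) : (?P<target>.+)$"
)

# Constructed sample: lines copied from the MBAM log above, cut short on purpose.
SAMPLE_MBAM = r"""
レジストリキーの検出: 2
HKCR\AppID\{e53a86d5-6dfa-4f48-b516-6c4bec64ef59} (PUP.Optional.Yontoo) -> 正常に隔離され削除されました。
HKCR\AppID\{ea2c41fe-e042-4eae-b522-336eddd8a43e} (PUP.Optional.Yontoo) -> 正常に隔離され削除されました。

レジストリ値の検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 4
C:\Windows.old\Users\輝\AppData\Local\Temp\DeltaTB.exe (PUP.Optional.Delta.ShrtCln) -> 正常に隔離され削除されました。
C:\Windows.old\Users\輝\AppData\Local\Temp\6CC43BAE-BAB0-7891-9820-D19E8B25CBCE\Latest\BExternal.dll (PUP.Optional.Babylon) -> 正常に隔離され削除されました。
"""

# Constructed sample: lines copied from the AdwCleaner log above.
SAMPLE_ADW = r"""
***** [ フォルダ ] *****

[-] フォルダ 削除済み項目 : C:\ProgramData\Babylon

***** [ レジストリ ] *****

[-] キー 削除済み項目 : HKLM\SOFTWARE\Uniblue
[-] データ 復元済み項目 : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Webブラウザ ] *****

[-] [C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] 削除済み項目 : searchinterneat-a.akamaihd.net
"""


def parse_mbam(text):
    """Return (hits, declared); declared maps each section to its stated count."""
    hits, declared, section = [], {}, None
    for line in text.splitlines():
        line = line.strip()
        m = MBAM_SECTION.match(line)
        if m:
            section = m["section"]
            declared[section] = int(m["count"])
            continue
        m = MBAM_HIT.match(line)
        if m and section is not None:
            hits.append({"section": section, **m.groupdict()})
    return hits, declared


def truncated_sections(hits, declared):
    """Sections whose stated count differs from the entries found: {section: (stated, found)}."""
    found = Counter(h["section"] for h in hits)
    return {s: (n, found[s]) for s, n in declared.items() if found[s] != n}


def parse_adwcleaner(text):
    """Return one dict per '[-]' line, tagged with the section it appeared under."""
    hits, section = [], None
    for line in text.splitlines():
        line = line.strip()
        m = ADW_SECTION.match(line)
        if m:
            section = m["section"]
            continue
        m = ADW_HIT.match(line)
        if m:
            hits.append({"section": section, **m.groupdict()})
    return hits


def tally(hits, key):
    """Count entries by one field, e.g. 'name' (MBAM) or 'action' (AdwCleaner)."""
    return dict(Counter(h[key] for h in hits))


if __name__ == "__main__":
    mbam_hits, declared = parse_mbam(SAMPLE_MBAM)
    print("MBAM detections by name:", tally(mbam_hits, "name"))
    print("Sections that look truncated:", truncated_sections(mbam_hits, declared))
    adw_hits = parse_adwcleaner(SAMPLE_ADW)
    print("AdwCleaner actions:", tally(adw_hits, "action"))
    print("AdwCleaner sections:", tally(adw_hits, "section"))
```

A non-empty result from `truncated_sections` means the pasted log should be posted again in smaller pieces before anyone draws conclusions from it.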
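Next we will investigate with OTL
Sorry for the late reply.

>I was able to carry out all of the steps above. At present, in both Chrome and IE, the smartshopsave.com
>display has disappeared

Yes, I have looked at both logs; things such as yontoo and babylon were detected and dealt with one after another.

Now that the abnormal behavior has calmed down, let's dig deeper and investigate further.
At this point it is not yet resolved.
We will use a different tool to smoke out, from a different angle, anything that is still hiding.

Prepare the following tool.
OTL (OldTimer Listit)
Download it from the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When cleaning up afterwards, launch it and press the "Cleanup" button, and it will be removed automatically.

Launch OTL with no other programs running.
Once launched, check "Scan All Users" near the top of the window, and copy and paste the following commands into "Custom Scan/Fixes".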

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

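Then press "Run Scan" at the upper left to start the scan.
A few minutes after the scan starts (depending on the PC environment), "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe, so save these two files somewhere such as the desktop.
Note that Extras.txt sometimes does not appear; in that case OTL.txt alone is fine.

After this, paste the entire OTL log into a reply and show it to me.
However, the OTL log is quite long, so if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points and send it in several replies.

Just scanning with OTL does not change anything.
Based on these results, whatever is detected should be dealt with in the work from next time onward.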
  • 悪代官
  • 2016/02/12 (Fri) 20:13:11
Re: My home page has turned into one showing martshopsave.com
I ran a scan with OTL; please check.

[Extras]
OTL Extras logfile created on: 2016/02/12 21:12:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\輝\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.95 Gb Total Physical Memory | 5.02 Gb Available Physical Memory | 63.06% Memory free
9.20 Gb Paging File | 6.41 Gb Available in Paging File | 69.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 915.75 Gb Total Space | 463.70 Gb Free Space | 50.64% Space Free | Partition Type: NTFS

Computer Name: でろりあん | User Name: 輝 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-705012142-2807547796-874617321-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1 -- [2016/02/11 20:15:47 | 000,000,000 | ---D | M]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = C0 5A 89 C1 F4 57 D1 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1 -- [2016/02/11 20:15:47 | 000,000,000 | ---D | M]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2016/02/11 20:15:47 | 000,000,000 | ---D | M]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2016/02/11 20:15:47 | 000,000,000 | ---D | M]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2016/02/11 20:15:47 | 000,000,000 | ---D | M]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DE810CE-4AA0-428F-86F8-66F82F0DC9D2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{41148AA8-763F-4D67-B035-F4042C72B7AA}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{56AE0053-A222-4447-9BD4-8A2F551B9EBC}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{AF340213-82FD-4A71-94B4-1BBE5F60BEB7}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{D3C7740C-F0C9-42E0-A8EB-65B39FC172B9}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{ED358D3B-15E8-49A1-97AD-88D09C6D1998}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{FBA15612-6C8D-4EC7-AFE8-63B005BDD55C}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0056D6FC-88FF-4D94-ADF4-C831FD665FA3}" = dir=in | name=xbox |
"{04854398-D695-48A1-992E-BFE9C077589B}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{0625084D-F996-419D-AA67-E8D1E7C7CBE8}" = dir=in | name=@{microsoft.bingfinance_4.8.239.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{06F6BC81-CDE9-4147-9710-E9BED5F989DA}" = dir=out | name=@{microsoft.windows.photos_16.201.11370.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{0DDF07E6-2D2E-49CA-9112-CBC62EEA6734}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0F005645-C7C8-41C8-8A07-91C4EAE321EB}" = dir=out | name=microsoft solitaire collection |
"{13DD27E2-0579-4C46-AFE9-FA0F9CD052DA}" = dir=out | name=ホットペッパー グルメ |
"{145168B4-451B-4502-B6BC-D02DCC3B1831}" = dir=out | name=navitime for mouse computer |
"{164277D3-BAAD-4F75-847C-B6F40C092A82}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{1BABDB1B-1C73-4B42-8BA8-A95C1F8D3921}" = dir=out | name=@{microsoft.bingweather_4.8.239.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{1C0AFD3B-EAC1-41FA-B04D-3EB6F960D1C4}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{1E3B7882-68D5-4B7B-826A-C5111E7B6824}" = dir=out | name=xbox |
"{1F3267FC-FD2C-4E40-BAB5-F70301A8BB4B}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{1FDF1A8A-CC0E-4A1B-8521-BAA87B580496}" = dir=out | name=@{microsoft.people_10.0.10220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{2058F3BB-93D5-4A56-8E9C-0E0175679575}" = dir=out | name=windows_ie_ac_001 |
"{217E349A-C576-4BC0-818B-6EEBB83227EE}" = dir=out | name=@{microsoft.bingsports_4.8.239.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{260013EB-BC07-4EA9-B13D-1ED717FFBF3A}" = dir=in | name=skype |
"{26484E15-25DD-4E28-B93A-517C30F4E911}" = dir=out | name=navitime for mouse computer |
"{27CF5A26-5E9B-4641-9A41-2A6076833BCF}" = dir=out | name=@{microsoft.commsphone_2.12.14001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{295CB0E4-C394-4907-BB11-B60BE5761C3C}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2994755A-4591-404A-B369-13D9D6E5306E}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{2BB5381F-6C76-42FB-874F-FA6CE1B0CEEF}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{2ED2601F-4DCF-4BE3-B84C-86E48003C151}" = dir=in | name=@{microsoft.zunevideo_3.6.16941.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{329442F7-3E35-4BCF-9548-E0A66996C0C2}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{34A4D027-9282-4224-8FD6-67A2FFFF0D25}" = dir=in | name=@{microsoft.bingweather_4.8.239.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{34F12FDF-A1D4-497E-B1A0-9136E3A962A8}" = dir=in | name=onenote |
"{35C22B4E-485F-4C46-873A-684D3D1554ED}" = dir=out | name=@{microsoft.3dbuilder_10.10.38.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{3CCABD85-F6D9-4940-B02E-9B39B10E178A}" = dir=in | name=@{microsoft.bingnews_4.8.239.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{3DAD548B-89C5-4F40-B577-409DC06B1EE7}" = dir=out | name=windows_ie_ac_001 |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{450E3B9F-9943-4B23-BBC9-73572F619CCB}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{47635B01-E7B7-4591-A078-05FADA504953}" = dir=out | name=r25 for windows8 |
"{476C4C0B-CF32-478C-B3D5-6B0BC13C400E}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{480052B9-E775-43A0-B136-F97E2C75A754}" = dir=in | name=@{microsoft.microsoftofficehub_17.6628.23511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{4865DACC-5FBD-412C-96BC-73E227CF2501}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{48E7BC39-8AB7-466E-9C26-7E62C2D38351}" = dir=out | name=microsoft mahjong |
"{48FD1F12-A7DB-4439-ACA2-011E61FEDCBD}" = dir=in | name=microsoft mahjong |
"{4B473113-6987-4CFB-A754-F209C2D9D21F}" = dir=out | name=yahoo!天気・災害 |
"{4E22B446-C43F-40FE-A286-5EF8B2FB1E26}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\game\dqxoffline.exe |
"{4EEA81F6-AA46-4A05-BD0D-6D580F01617D}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{500C2316-30B8-442C-AD24-EC56236F23AA}" = dir=out | name=@{microsoft.zunemusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{52F0806E-621A-42BB-A65B-6523A8DA38FF}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\boot\dqxboot.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{58217C23-DE3E-48F3-ABFA-B62E50E284D2}" = dir=out | name=@{microsoft.zunevideo_3.6.16941.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5A8A15C5-BE86-421F-A18B-AE018468A99E}" = dir=in | name=@{microsoft.bingsports_4.8.239.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{5DB917C3-0367-48EB-B04D-72746F7F363E}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{62CB8438-7F83-46E4-9A24-A331CC3F5B75}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{64823DA4-4772-4814-A627-0AA1B8EACE20}" = dir=out | name=hulu |
"{64EB41C5-DCD9-490A-953E-1BCA09100F83}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\game\dqxconfig.exe |
"{659288AE-B462-48CD-A961-F430074A6CBA}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{65DD9731-F9AA-49FC-9AF1-622630D514DE}" = protocol=58 | dir=in | app=system |
"{683473A0-7FB3-44D0-AC77-B6B250B30C01}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{6A64AE69-9C7E-4029-AC49-1C402C073D62}" = dir=out | name=skype |
"{6C2556D2-B87F-4F98-A144-262A165F5989}" = dir=in | name=line |
"{6C7AE441-A14B-418D-BDAB-08FA86F4D2AD}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{6CF4615F-6C8A-43C0-ADA7-DCA7A6E50335}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{6F8F121E-9B43-440F-9C36-F79D5AE6066E}" = dir=in | name=@{microsoft.windowsstore_2016.27.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{75240EB0-6BED-49D7-B37D-41E25C73EEE4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{783C12AE-35BD-4742-AD8B-0B11C02BC34D}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{793E879C-6E9F-4D54-8879-53422CDF6F13}" = dir=out | name=@{microsoft.windowsphone_10.1602.3010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{7A1CD301-8B68-4968-9E07-9725A0E65B8B}" = dir=in | name=@{microsoft.windows.photos_16.201.11370.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{7A773E0C-83B9-4C55-A36E-0C9756874862}" = dir=in | name=onenote |
"{7BCBC937-F56E-47F9-8BB3-EF3C0FA10A21}" = dir=out | name=windows_ie_ac_001 |
"{7E04E550-E533-4CDD-A986-7E85EC27874C}" = dir=out | name=twitter |
"{8115A4B4-E8E4-4700-8C62-2C6F18592767}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{86F02F76-FB1C-469A-A328-BA6FE331FB41}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{872CF4E0-C9FA-42C6-82FA-196643A2A269}" = dir=out | name=@{microsoft.zunemusic_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{89159E4B-115C-4A64-9BDB-CA437C577A45}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\game\dqxconfig.exe |
"{89987CDB-F8CB-458E-9F30-5FF9D0C6FAFF}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{8B897D0B-4A29-47FF-B841-BDC6B7B94D81}" = dir=out | name=@{microsoft.windowsmaps_4.1601.10150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{8B9DF541-FC40-4EC2-8ADA-A725E26CF864}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\boot\dqxlauncher.exe |
"{8ED63645-25F6-4166-A41A-8AADF3D0C8E6}" = dir=out | name=@{microsoft.getstarted_2.6.12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{8EF71DDC-2F7E-45BB-8649-720EB88BCDEE}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{93D64602-54BF-434D-915B-7A98A7E16651}" = dir=out | name=yahoo!天気・災害 |
"{97751F90-CC87-4337-8E33-715298ABBC8F}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{97AFD2E2-3A0B-4EF3-8374-08ADD22C33CD}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{97F3FC6B-3441-4350-9A89-902FF0A07A46}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{98C7E05A-0B8B-4BC3-A7F5-20541836651D}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\boot\dqxupdater.exe |
"{9AB590C4-F681-467A-9792-33CD8B6CF7CD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9B5B7844-B957-43A3-AD6F-3CD7726D0AC2}" = dir=out | name=sway |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A33F6142-E6B8-4C41-8EDD-721030D513E8}" = dir=out | name=じゃらん |
"{A56ED81F-0AC8-4E57-A6F6-208BD2065896}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A6731846-51D8-4C2B-83DA-0A360C492BDF}" = dir=out | name=@{microsoft.connectivitystore_1.1511.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{AA3092A8-B1E8-47FC-B67C-AD8A2D6B9484}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\boot\dqxtitle.exe |
"{B097EC58-5855-4D17-ADEA-BE8249A38AA1}" = dir=out | name=candy crush soda saga |
"{B58226D7-BBCB-4CC6-B306-F1B4FCDD4312}" = dir=in | name=microsoft minesweeper |
"{B60C21C2-DD64-4892-B16E-4BC53F271F3C}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{B886063D-6642-428F-92E5-5A1DBC586260}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{B88C98CB-5161-49F7-8665-53CDD570341C}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{B8A4E464-D720-417A-920F-60F92FFD13B6}" = dir=out | name=@{microsoft.bingfinance_4.8.239.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{BA487D20-D9D9-4967-B263-32B67A819690}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr9.exe |
"{BA660468-134C-4F49-A3EA-C0117A5ED960}" = dir=out | name=fresh paint |
"{BC35C49B-DF6B-463E-AEF1-CD075262484C}" = dir=out | name=@{microsoft.zunevideo_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{BCBEC968-8A77-4CED-BAD0-EEF8F25E3193}" = dir=out | name=@{microsoft.microsoftofficehub_17.6628.23511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{BE93097E-F9F0-4664-9A19-9C14330D4F30}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{C0380645-5CC2-4EA9-9B7B-DA56DA03A245}" = dir=out | name=microsoft minesweeper |
"{C1A67443-FDF1-4915-A3B3-03DEE747F4EE}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{C4EFB928-E81C-4618-A437-00E052C7A5DA}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\game\dqxoffline.exe |
"{C6BD3C05-6D7C-444A-BA88-7E8E98B5417E}" = dir=in | name=@{microsoft.messaging_2.13.20000.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{C762F17F-1BFD-4BED-895F-30A4B66D27EC}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{C7E098EF-123A-45D1-887B-94ED25C78E54}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{C8540585-5C0A-494C-9B5B-65DF66C25CEF}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\game\dqxgame.exe |
"{C895CB83-F639-45BF-9934-588F85E5983B}" = dir=in | name=sway |
"{C8AC633B-4EC6-41ED-B864-3F4CE6AAAEC2}" = dir=out | name=onenote |
"{CB550DDD-2A5B-4F55-87CB-CF63FF4AE95E}" = dir=out | name=onenote |
"{CF7995B3-4807-4020-A526-48385F09A692}" = dir=in | name=microsoft solitaire collection |
"{D3C95105-3B7C-4F27-8DFD-782834E3E384}" = dir=out | name=microsoft solitaire collection |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D8E8990D-2C11-4CF9-84FC-03494C2EB017}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6568.16901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC390C71-F180-400F-8CA5-E1064C7A5496}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\boot\dqxupdater.exe |
"{DD2D0420-9779-4C6C-9876-EEEC8BFF1F93}" = dir=in | name=microsoft solitaire collection |
"{DDBC29F3-F487-403E-B3B1-D070A3E30D7C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{DE383C61-A410-4ABC-8F8F-6FD80B0ADB9D}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\boot\dqxtitle.exe |
"{DFA1915D-0903-4B70-AD8E-78FBA57A9562}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\boot\dqxboot.exe |
"{E3262330-B0BF-4B14-B192-8353BD995CD7}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{E36020AA-C076-4035-9CC8-AEEF67DB8F1A}" = dir=out | name=@{microsoft.bingnews_4.8.239.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{E46DAF74-E073-4E8C-9666-0772C28FD48F}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6568.16901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{E63A101F-7F57-40F6-83A2-F7CAD83B1479}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.229_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{E9FA9B5C-0B13-45F3-AC34-3CD074A6AF2D}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\game\dqxgame.exe |
"{EB99EB89-B1DC-4052-BB68-8A7DB12CA328}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\dragon quest x\boot\dqxlauncher.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ECB01701-F298-4859-9D1E-CBDA28878BE9}" = dir=out | name=line |
"{ECEE0AC1-7DFF-4D02-AD4A-F379362BA1B0}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{ED3AAA31-1207-452C-AB81-2238A411DBDB}" = dir=in | name=@{microsoft.commsphone_2.12.14001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{EE9266D2-0F8A-4B60-ABE9-1F1D0F383014}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{EF446750-0FC6-485B-A6E4-6DCF4C8AE36F}" = dir=out | name=ムビチケ |
"{F35C2B59-FE9E-468E-AE90-260B6FFE4171}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{F6314411-FC08-479D-A423-92FE494DA663}" = dir=out | name=@{microsoft.windowsstore_2016.27.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F9000FD4-828B-44F9-A26B-56C4F6337398}" = dir=out | name=@{microsoft.messaging_2.13.20000.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{FC9015F8-FBF6-440E-913F-D88333EC2035}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{FD6B2627-78A9-4E39-AB19-6740BDD10DE9}" = dir=out | name=line |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3540181E-340A-4E7A-B409-31663472B2F7}" = Apple Mobile Device Support
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}" = iCloud
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{691F30EB-9009-475A-B8A9-E1BF39598FD5}" = Apple Application Support(64 ビット)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A62E4687-9151-4162-AED5-022162CCACAB}" = Intel(R) Rapid Storage Technology
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 353.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 344.46
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 16.13.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.32.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio" = NVIDIA Miracast 仮想オーディオ 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.13.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.25
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{F3F11FF1-4EF7-4012-A0D7-BC89442FCA4F}" = Update for Japanese Microsoft IME Trending Words Dictionary
"{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}" = iTunes
"CCleaner" = CCleaner

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{300DCC8E-BE61-4FB5-B9D8-FDA19E3AAA38}" = ドラゴンクエストX オンライン
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{44510C84-AE2A-4079-A75B-D44E68D73B9A}" = CyberLink PhotoDirector 4
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78DFDC88-FA40-408F-8397-1D7908A6DA21}" = Adobe AIR
"{7CB7F8D8-618E-4130-BB88-32034EF62AF9}" = あっぱれ!天下御免[祭]
"{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}" = Apple Application Support(32 ビット)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = CyberLink MediaShow 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1" = LoiLoScope 2
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}" = Apple Software Update
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
"Avast" = Avast Internet Security
"Google Chrome" = Google Chrome
"Handbrake日本語版" = Handbrake日本語版 0.9.4
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite 10
"Kingsoft Office" = Kingsoft Office 2013 (9.1.0.4059)
"KoihimeEiyuutan03" = 真・恋姫†英雄譚3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Noah" = 圧縮解凍ソフト Noah
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"RGSS-RTP Standard_is1" = RGSS-RTP Standard
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"RPGツクールVX RTP_is1" = RPGツクールVX RTP
"SafeZone 1.48.2066.44" = SafeZone Stable 1.48.2066.44
"Zoolz2" = AOSBOX for UNITCOM
"つよきすFESTIVAL" = つよきすFESTIVAL

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-705012142-2807547796-874617321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Control Center削除専用

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2016/02/10 6:45:24 | Computer Name = でろりあん | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = 暗号化サービスで、システム ライター オブジェクトで OnIdentity() の呼び出しを処理中にエラーが発生しました。 Details:
AddLegacyDriverFiles:
Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System
Error: アクセスが拒否されました。 。

Error - 2016/02/10 6:58:48 | Computer Name = でろりあん | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/02/10 7:39:12 | Computer Name = でろりあん | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: SkypeHost.exe、バージョン: 10.1.2123.10、タイム スタンプ: 0x569054dc
障害が発生しているモジュール名:
SkyWrap.dll、バージョン: 10.1.2123.10、タイム スタンプ: 0x569054c9 例外コード: 0xc0000005 障害オフセット: 0x00ac6197
障害が発生しているプロセス
ID: 0x11d4 障害が発生しているアプリケーションの開始時刻: 0x01d163f490fe38bc 障害が発生しているアプリケーション パス: C:\Program
Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
障害が発生しているモジュール
パス: C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
レポート
ID: eaf59a9a-51c0-4d74-b0c7-83ec99701e48 障害が発生しているパッケージの完全な名前: Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 2016/02/11 7:59:43 | Computer Name = でろりあん | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/02/11 8:20:31 | Computer Name = でろりあん | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/02/11 10:04:33 | Computer Name = でろりあん | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = 暗号化サービスは VSS バックアップ "System Writer" オブジェクトを初期化できませんでした。 Details: Could
not query the status of the EventSystem service. System Error: システム シャットダウンが実行中です。


Error - 2016/02/11 10:32:40 | Computer Name = でろりあん | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: SkypeHost.exe、バージョン: 10.1.2123.10、タイム スタンプ: 0x569054dc
障害が発生しているモジュール名:
SkyWrap.dll、バージョン: 10.1.2123.10、タイム スタンプ: 0x569054c9 例外コード: 0xc0000005 障害オフセット: 0x00ac6197
障害が発生しているプロセス
ID: 0x1128 障害が発生しているアプリケーションの開始時刻: 0x01d164d54d02f2f8 障害が発生しているアプリケーション パス: C:\Program
Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
障害が発生しているモジュール
パス: C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
レポート
ID: 6a6df78c-691a-4740-9f00-4531b725ec54 障害が発生しているパッケージの完全な名前: Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 2016/02/12 7:48:17 | Computer Name = でろりあん | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = 暗号化サービスで、システム ライター オブジェクトで OnIdentity() の呼び出しを処理中にエラーが発生しました。 Details:
AddLegacyDriverFiles:
Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System
Error: アクセスが拒否されました。 。

Error - 2016/02/12 8:15:14 | Computer Name = でろりあん | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI のライセンス認証がエラーで失敗しました:
-2144927141。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/02/12 8:21:31 | Computer Name = でろりあん | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI のライセンス認証がエラーで失敗しました:
-2144927141。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

[ System Events ]
Error - 2016/02/11 10:04:11 | Computer Name = でろりあん | Source = DCOM | ID = 10005
Description =

Error - 2016/02/11 10:04:14 | Computer Name = でろりあん | Source = DCOM | ID = 10005
Description =

Error - 2016/02/11 10:04:23 | Computer Name = でろりあん | Source = DCOM | ID = 10005
Description =

Error - 2016/02/11 10:04:24 | Computer Name = でろりあん | Source = DCOM | ID = 10005
Description =

Error - 2016/02/11 10:04:26 | Computer Name = でろりあん | Source = DCOM | ID = 10016
Description =

Error - 2016/02/11 10:06:52 | Computer Name = でろりあん | Source = DCOM | ID = 10016
Description =

Error - 2016/02/12 7:36:33 | Computer Name = でろりあん | Source = EventLog | ID = 6008
Description = 以前のシステム シャットダウン ( ?2016/?02/?12 1:05:04) は予期されていませんでした。

Error - 2016/02/12 7:36:15 | Computer Name = でろりあん | Source = Microsoft-Windows-Kernel-Boot | ID = 29
Description =

Error - 2016/02/12 8:15:14 | Computer Name = でろりあん | Source = DCOM | ID = 10010
Description =

Error - 2016/02/12 8:21:31 | Computer Name = でろりあん | Source = DCOM | ID = 10010
Description =


< End of report >

I will post the OTL log in separate parts.
  • 風信子
  • 2016/02/12 (Fri) 21:28:46
Re: My homepage has turned into one that displays martshopsave.com
[OTL1]
OTL logfile created on: 2016/02/12 21:12:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\輝\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.95 Gb Total Physical Memory | 5.02 Gb Available Physical Memory | 63.06% Memory free
9.20 Gb Paging File | 6.41 Gb Available in Paging File | 69.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 915.75 Gb Total Space | 463.70 Gb Free Space | 50.64% Space Free | Partition Type: NTFS

Computer Name: でろりあん | User Name: 輝 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/02/12 20:44:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\輝\Downloads\OTL.exe
PRC - [2016/02/11 19:02:38 | 000,551,112 | ---- | M] (Microsoft Corporation) -- C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/02/09 20:58:39 | 000,748,872 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/02/08 01:57:17 | 007,139,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2016/02/08 01:56:39 | 000,237,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/02/08 01:56:26 | 000,119,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2016/02/03 19:01:19 | 000,252,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
PRC - [2016/01/26 14:40:55 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2014/10/17 01:54:03 | 002,462,536 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/10/17 01:54:03 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/10/16 21:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/09/09 09:23:04 | 000,286,056 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/09/09 09:23:04 | 000,014,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/08/05 16:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013/03/08 15:18:34 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/02/09 20:58:36 | 016,810,824 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll
MOD - [2016/02/09 20:58:31 | 001,632,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
MOD - [2016/02/09 20:58:28 | 000,087,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
MOD - [2016/02/08 01:56:42 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/02/08 01:56:40 | 000,480,760 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/02/08 01:56:40 | 000,113,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/02/08 01:56:39 | 000,133,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/01/26 14:40:58 | 022,330,368 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/01/26 14:40:55 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/01/26 14:40:54 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2013/08/05 16:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2013/08/05 15:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/02/08 01:56:39 | 000,237,096 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2016/02/08 01:56:27 | 005,570,120 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:[b]64bit:[/b] - [2016/02/08 01:56:26 | 000,119,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:35 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,607,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 001,223,168 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,948,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2016/01/16 14:34:59 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/01/16 14:34:33 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/01/16 14:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 001,073,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 001,491,456 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 001,130,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,490,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:58 | 000,764,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 001,090,048 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 000,360,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,846,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,361,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 002,156,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,164,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:[b]64bit:[/b] - [2014/08/05 09:53:42 | 000,465,528 | ---- | M] () [Auto | Running] -- C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe -- (AOSBOXforUNITCOM Backup Service)
SRV:[b]64bit:[/b] - [2013/09/09 09:23:04 | 000,014,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2010/08/19 18:43:24 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2016/02/10 19:45:07 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/01/26 13:21:31 | 000,948,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015/10/30 16:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 16:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 16:18:29 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/10/30 16:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/10/30 16:18:21 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/10/30 16:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/17 01:54:03 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/10/16 21:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/02/10 19:03:37 | 000,287,016 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswvmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2016/02/09 00:51:41 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,463,744 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,165,344 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:30 | 001,065,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:30 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:29 | 000,154,024 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\ngvss.sys -- (ngvss)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:27 | 000,310,904 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:26 | 000,552,368 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNetSec.sys -- (aswNetSec)
DRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/01/16 14:46:08 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2015/10/31 03:23:33 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2015/10/31 03:23:26 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2015/10/30 16:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,254,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:40 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,087,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,534,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2015/08/29 00:31:12 | 000,206,152 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2015/06/10 23:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2013/09/16 12:17:42 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/09/09 09:22:50 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/03/05 12:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:[b]64bit:[/b] - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2011/02/12 06:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV - [2015/10/30 16:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV - [2014/12/24 14:24:02 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=NMJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {03F15F83-38EA-4E78-96CC-7F2588ADA1D1}
IE - HKLM\..\SearchScopes\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=NMJB
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://oem.msn.com/?pc=NMJB
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\..\SearchScopes\OldSearch: "URL" = http://www.google.co.jp/hws/search?hl=ja&q={searchTerms}&client=fenrir-sub&channel=installer_pictbear&adsafe=off&safe=off&lr=lang_ja
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/02/08 01:58:19 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/02/08 01:56:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/02/08 01:58:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/02/08 01:56:45 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfpgnianlhodkfdhdofnmjhpjebaamf\2.1.3_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnacabmnfmejgfffmcehejcmiciinpej\1.0.4_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.3.2_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\11.1.0.221_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2016/02/10 20:03:53 | 000,000,832 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Zoolz Tray] C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMLauncher.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-705012142-2807547796-874617321-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-705012142-2807547796-874617321-1001..\Run: [OneDrive] C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 [2016/02/12 21:03:15 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2016/02/12 21:03:15 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4a0c6cd8-9597-43af-aa7b-237611d67ffa}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/02/09 00:52:27 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {583AC46A-4A6F-39BC-AEFD-1BC2759FFA51} - .NET Framework
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {600AC0DF-B614-36F9-9E10-
  • 風信子
  • 2016/02/12 (Fri) 21:31:19
Re: My home page has turned into one displaying martshopsave.com
[OTL1]
OTL logfile created on: 2016/02/12 21:12:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\輝\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.95 Gb Total Physical Memory | 5.02 Gb Available Physical Memory | 63.06% Memory free
9.20 Gb Paging File | 6.41 Gb Available in Paging File | 69.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 915.75 Gb Total Space | 463.70 Gb Free Space | 50.64% Space Free | Partition Type: NTFS

Computer Name: でろりあん | User Name: 輝 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/02/12 20:44:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\輝\Downloads\OTL.exe
PRC - [2016/02/11 19:02:38 | 000,551,112 | ---- | M] (Microsoft Corporation) -- C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/02/09 20:58:39 | 000,748,872 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/02/08 01:57:17 | 007,139,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2016/02/08 01:56:39 | 000,237,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/02/08 01:56:26 | 000,119,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2016/02/03 19:01:19 | 000,252,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
PRC - [2016/01/26 14:40:55 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2014/10/17 01:54:03 | 002,462,536 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/10/17 01:54:03 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/10/16 21:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/09/09 09:23:04 | 000,286,056 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/09/09 09:23:04 | 000,014,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/08/05 16:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013/03/08 15:18:34 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/02/09 20:58:36 | 016,810,824 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll
MOD - [2016/02/09 20:58:31 | 001,632,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
MOD - [2016/02/09 20:58:28 | 000,087,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
MOD - [2016/02/08 01:56:42 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/02/08 01:56:40 | 000,480,760 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/02/08 01:56:40 | 000,113,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/02/08 01:56:39 | 000,133,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/01/26 14:40:58 | 022,330,368 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/01/26 14:40:55 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/01/26 14:40:54 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2013/08/05 16:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2013/08/05 15:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/02/08 01:56:39 | 000,237,096 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2016/02/08 01:56:27 | 005,570,120 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:[b]64bit:[/b] - [2016/02/08 01:56:26 | 000,119,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:35 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,607,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 001,223,168 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,948,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2016/01/16 14:34:59 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/01/16 14:34:33 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/01/16 14:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 001,073,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 001,491,456 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 001,130,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,490,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:58 | 000,764,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 001,090,048 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 000,360,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,846,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,361,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 002,156,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,164,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:[b]64bit:[/b] - [2014/08/05 09:53:42 | 000,465,528 | ---- | M] () [Auto | Running] -- C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe -- (AOSBOXforUNITCOM Backup Service)
SRV:[b]64bit:[/b] - [2013/09/09 09:23:04 | 000,014,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2010/08/19 18:43:24 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2016/02/10 19:45:07 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/01/26 13:21:31 | 000,948,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015/10/30 16:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 16:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 16:18:29 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/10/30 16:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/10/30 16:18:21 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/10/30 16:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/17 01:54:03 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/10/16 21:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/02/10 19:03:37 | 000,287,016 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswvmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2016/02/09 00:51:41 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,463,744 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,165,344 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:30 | 001,065,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:30 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:29 | 000,154,024 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\ngvss.sys -- (ngvss)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:27 | 000,310,904 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:26 | 000,552,368 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNetSec.sys -- (aswNetSec)
DRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/01/16 14:46:08 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2015/10/31 03:23:33 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2015/10/31 03:23:26 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2015/10/30 16:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,254,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:40 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,087,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,534,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2015/08/29 00:31:12 | 000,206,152 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2015/06/10 23:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2013/09/16 12:17:42 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/09/09 09:22:50 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/03/05 12:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:[b]64bit:[/b] - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2011/02/12 06:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV - [2015/10/30 16:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV - [2014/12/24 14:24:02 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=NMJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {03F15F83-38EA-4E78-96CC-7F2588ADA1D1}
IE - HKLM\..\SearchScopes\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=NMJB
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://oem.msn.com/?pc=NMJB
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\..\SearchScopes\OldSearch: "URL" = http://www.google.co.jp/hws/search?hl=ja&q={searchTerms}&client=fenrir-sub&channel=installer_pictbear&adsafe=off&safe=off&lr=lang_ja
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/02/08 01:58:19 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/02/08 01:56:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/02/08 01:58:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/02/08 01:56:45 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfpgnianlhodkfdhdofnmjhpjebaamf\2.1.3_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnacabmnfmejgfffmcehejcmiciinpej\1.0.4_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.3.2_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\11.1.0.221_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2016/02/10 20:03:53 | 000,000,832 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Zoolz Tray] C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMLauncher.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-705012142-2807547796-874617321-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-705012142-2807547796-874617321-1001..\Run: [OneDrive] C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 [2016/02/12 21:03:15 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2016/02/12 21:03:15 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4a0c6cd8-9597-43af-aa7b-237611d67ffa}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/02/09 00:52:27 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {583AC46A-4A6F-39BC-AEFD-1BC2759FFA51} - .NET Framework
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {600AC0DF-B614-36F9-9E10-
  • 風信子
  • 2016/02/12 (Fri) 21:31:20
Re: Home page now shows up as martshopsave.com
[OTL1]
OTL logfile created on: 2016/02/12 21:12:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\輝\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.95 Gb Total Physical Memory | 5.02 Gb Available Physical Memory | 63.06% Memory free
9.20 Gb Paging File | 6.41 Gb Available in Paging File | 69.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 915.75 Gb Total Space | 463.70 Gb Free Space | 50.64% Space Free | Partition Type: NTFS

Computer Name: でろりあん | User Name: 輝 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/02/12 20:44:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\輝\Downloads\OTL.exe
PRC - [2016/02/11 19:02:38 | 000,551,112 | ---- | M] (Microsoft Corporation) -- C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/02/09 20:58:39 | 000,748,872 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/02/08 01:57:17 | 007,139,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2016/02/08 01:56:39 | 000,237,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/02/08 01:56:26 | 000,119,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2016/02/03 19:01:19 | 000,252,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
PRC - [2016/01/26 14:40:55 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2014/10/17 01:54:03 | 002,462,536 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/10/17 01:54:03 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/10/16 21:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/09/09 09:23:04 | 000,286,056 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/09/09 09:23:04 | 000,014,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/08/05 16:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013/03/08 15:18:34 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/02/09 20:58:36 | 016,810,824 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll
MOD - [2016/02/09 20:58:31 | 001,632,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
MOD - [2016/02/09 20:58:28 | 000,087,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
MOD - [2016/02/08 01:56:42 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/02/08 01:56:40 | 000,480,760 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/02/08 01:56:40 | 000,113,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/02/08 01:56:39 | 000,133,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/01/26 14:40:58 | 022,330,368 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/01/26 14:40:55 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/01/26 14:40:54 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2013/08/05 16:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2013/08/05 15:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/02/08 01:56:39 | 000,237,096 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2016/02/08 01:56:27 | 005,570,120 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:[b]64bit:[/b] - [2016/02/08 01:56:26 | 000,119,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:35 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:32 | 000,607,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 001,223,168 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,948,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2016/01/16 14:34:59 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/01/16 14:34:33 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/01/16 14:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 001,073,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 001,491,456 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 001,130,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,490,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:58 | 000,764,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 001,090,048 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:54 | 000,360,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,846,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,361,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_9f3433d)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_42f97)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_3d853)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 002,156,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,164,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:[b]64bit:[/b] - [2014/08/05 09:53:42 | 000,465,528 | ---- | M] () [Auto | Running] -- C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe -- (AOSBOXforUNITCOM Backup Service)
SRV:[b]64bit:[/b] - [2013/09/09 09:23:04 | 000,014,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2010/08/19 18:43:24 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2016/02/10 19:45:07 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/01/26 13:21:31 | 000,948,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015/10/30 16:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 16:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 16:18:29 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/10/30 16:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/10/30 16:18:21 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/10/30 16:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/17 01:54:03 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/10/16 21:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/02/10 19:03:37 | 000,287,016 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswvmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2016/02/09 00:51:41 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,463,744 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,165,344 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:43 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:30 | 001,065,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:30 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:29 | 000,154,024 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\ngvss.sys -- (ngvss)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:27 | 000,310,904 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:[b]64bit:[/b] - [2016/02/08 01:56:26 | 000,552,368 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNetSec.sys -- (aswNetSec)
DRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2016/01/26 13:21:27 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/01/16 14:46:08 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2015/10/31 03:23:33 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2015/10/31 03:23:26 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2015/10/30 16:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,254,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:40 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,087,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,534,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2015/08/29 00:31:12 | 000,206,152 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2015/06/10 23:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/10/17 01:54:03 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2013/09/16 12:17:42 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/09/09 09:22:50 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/03/05 12:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:[b]64bit:[/b] - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2011/02/12 06:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV - [2015/10/30 16:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV - [2014/12/24 14:24:02 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=NMJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {03F15F83-38EA-4E78-96CC-7F2588ADA1D1}
IE - HKLM\..\SearchScopes\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=NMJB
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://oem.msn.com/?pc=NMJB
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\..\SearchScopes\OldSearch: "URL" = http://www.google.co.jp/hws/search?hl=ja&q={searchTerms}&client=fenrir-sub&channel=installer_pictbear&adsafe=off&safe=off&lr=lang_ja
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-705012142-2807547796-874617321-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/02/08 01:58:19 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/02/08 01:56:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/02/08 01:58:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/02/08 01:56:45 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfpgnianlhodkfdhdofnmjhpjebaamf\2.1.3_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnacabmnfmejgfffmcehejcmiciinpej\1.0.4_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.3.2_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\11.1.0.221_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.210_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2016/02/10 20:03:53 | 000,000,832 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Zoolz Tray] C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMLauncher.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-705012142-2807547796-874617321-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-705012142-2807547796-874617321-1001..\Run: [OneDrive] C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 [2016/02/12 21:03:15 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2016/02/12 21:03:15 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2016/02/11 20:15:47 | 000,000,000 | ---D | M]
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4a0c6cd8-9597-43af-aa7b-237611d67ffa}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/02/09 00:52:27 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {583AC46A-4A6F-39BC-AEFD-1BC2759FFA51} - .NET Framework
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {600AC0DF-B614-36F9-9E10-
  • 風信子
  • 2016/02/12 (Fri) 21:31:22
Re: My homepage has changed to one showing martshopsave.com
[OTL2]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/02/12 21:08:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\WpsUpdateTask_Administrator.job
[2016/02/12 21:06:27 | 000,000,710 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/02/12 21:01:00 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\WpsUpdateTask_輝.job
[2016/02/12 20:45:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/02/12 20:43:34 | 001,535,090 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/02/12 20:43:34 | 000,735,334 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/02/12 20:43:34 | 000,517,504 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2016/02/12 20:43:34 | 000,139,436 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2016/02/12 20:43:34 | 000,139,372 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/02/12 20:38:39 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/02/12 20:38:30 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/02/12 20:36:28 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/02/12 20:36:26 | 3415,982,080 | -HS- | M] () -- C:\hiberfil.sys
[2016/02/11 21:20:19 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/02/11 20:21:31 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/02/10 20:20:27 | 000,002,131 | ---- | M] () -- C:\Users\輝\Desktop\Internet Explorer.lnk
[2016/02/10 20:03:53 | 000,000,832 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2016/02/10 19:03:37 | 000,287,016 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswvmm.sys
[2016/02/09 00:52:27 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2016/02/09 00:51:41 | 000,022,704 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\EsgScanner.sys
[2016/02/08 01:56:43 | 000,463,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2016/02/08 01:56:43 | 000,398,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2016/02/08 01:56:43 | 000,165,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2016/02/08 01:56:43 | 000,107,792 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2016/02/08 01:56:43 | 000,103,064 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2016/02/08 01:56:43 | 000,074,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2016/02/08 01:56:43 | 000,037,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2016/02/08 01:56:40 | 000,052,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/02/08 01:56:30 | 001,065,720 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2016/02/08 01:56:30 | 000,037,144 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2016/02/08 01:56:29 | 000,154,024 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\ngvss.sys
[2016/02/08 01:56:26 | 000,552,368 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNetSec.sys
[2016/02/06 00:55:41 | 000,002,060 | ---- | M] () -- C:\Users\輝\Desktop\つよきすFESTIVAL.lnk
[2016/01/26 13:51:37 | 000,002,342 | ---- | M] () -- C:\Users\輝\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/01/26 13:51:37 | 000,002,318 | ---- | M] () -- C:\Users\輝\Desktop\Google Chrome.lnk
[2016/01/26 13:48:09 | 000,009,528 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2016/01/26 13:48:09 | 000,009,528 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2016/01/26 13:46:33 | 000,023,208 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2016/01/26 13:42:40 | 001,531,668 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/01/26 13:38:20 | 000,232,760 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/01/26 13:28:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2016/01/26 13:21:44 | 002,796,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/01/26 13:21:44 | 002,180,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016/01/26 13:21:44 | 002,061,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/01/26 13:21:44 | 001,070,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
[2016/01/26 13:21:44 | 000,983,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2016/01/26 13:21:44 | 000,925,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2016/01/26 13:21:44 | 000,898,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2016/01/26 13:21:44 | 000,890,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
[2016/01/26 13:21:44 | 000,871,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2016/01/26 13:21:44 | 000,786,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOD.DLL
[2016/01/26 13:21:44 | 000,695,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOD.DLL
[2016/01/26 13:21:44 | 000,671,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2016/01/26 13:21:44 | 000,670,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2016/01/26 13:21:44 | 000,569,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qdvd.dll
[2016/01/26 13:21:44 | 000,517,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2016/01/26 13:21:44 | 000,450,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2016/01/26 13:21:44 | 000,387,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qdvd.dll
[2016/01/26 13:21:44 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2016/01/26 13:21:44 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2016/01/26 13:21:44 | 000,340,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2016/01/26 13:21:44 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2016/01/26 13:21:44 | 000,323,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSFlacDecoder.dll
[2016/01/26 13:21:44 | 000,305,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksproxy.ax
[2016/01/26 13:21:44 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSFlacDecoder.dll
[2016/01/26 13:21:44 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ksproxy.ax
[2016/01/26 13:21:44 | 000,208,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2016/01/26 13:21:44 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialserver.dll
[2016/01/26 13:21:44 | 000,119,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP3DMOD.DLL
[2016/01/26 13:21:44 | 000,116,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2016/01/26 13:21:44 | 000,100,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP3DMOD.DLL
[2016/01/26 13:21:44 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppCapture.dll
[2016/01/26 13:21:44 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.proxy.dll
[2016/01/26 13:21:35 | 007,826,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/01/26 13:21:35 | 005,660,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/01/26 13:21:35 | 004,894,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/01/26 13:21:35 | 003,428,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/01/26 13:21:35 | 002,582,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016/01/26 13:21:35 | 002,544,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016/01/26 13:21:35 | 001,817,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2016/01/26 13:21:35 | 001,299,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2016/01/26 13:21:35 | 001,255,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOE.DLL
[2016/01/26 13:21:35 | 001,155,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2016/01/26 13:21:35 | 001,131,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2016/01/26 13:21:35 | 001,118,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2016/01/26 13:21:35 | 001,105,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2016/01/26 13:21:35 | 001,092,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2016/01/26 13:21:35 | 001,065,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016/01/26 13:21:35 | 001,020,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2016/01/26 13:21:35 | 000,931,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2016/01/26 13:21:35 | 000,884,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016/01/26 13:21:35 | 000,870,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2016/01/26 13:21:35 | 000,858,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2016/01/26 13:21:35 | 000,824,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2016/01/26 13:21:35 | 000,823,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2016/01/26 13:21:35 | 000,803,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2016/01/26 13:21:35 | 000,794,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2016/01/26 13:21:35 | 000,764,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016/01/26 13:21:35 | 000,716,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2016/01/26 13:21:35 | 000,701,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2016/01/26 13:21:35 | 000,696,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2016/01/26 13:21:35 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2016/01/26 13:21:35 | 000,526,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2016/01/26 13:21:35 | 000,516,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2016/01/26 13:21:35 | 000,502,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2016/01/26 13:21:35 | 000,498,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2016/01/26 13:21:35 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2016/01/26 13:21:35 | 000,462,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2016/01/26 13:21:35 | 000,337,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2016/01/26 13:21:35 | 000,289,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2016/01/26 13:21:35 | 000,245,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2016/01/26 13:21:35 | 000,234,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2016/01/26 13:21:35 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll
[2016/01/26 13:21:35 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\flvprophandler.dll
[2016/01/26 13:21:35 | 000,115,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll
[2016/01/26 13:21:35 | 000,110,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2016/01/26 13:21:35 | 000,088,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2016/01/26 13:21:35 | 000,084,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll
[2016/01/26 13:21:35 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMSRoamingSecurity.dll
[2016/01/26 13:21:35 | 000,073,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
[2016/01/26 13:21:35 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2016/01/26 13:21:35 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2016/01/26 13:21:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\readingviewresources.dll
[2016/01/26 13:21:32 | 007,477,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/01/26 13:21:32 | 006,572,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2016/01/26 13:21:32 | 003,993,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/01/26 13:21:32 | 002,352,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2016/01/26 13:21:32 | 002,155,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2016/01/26 13:21:32 | 001,995,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2016/01/26 13:21:32 | 001,814,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2016/01/26 13:21:32 | 001,717,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2016/01/26 13:21:32 | 001,713,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/01/26 13:21:32 | 001,706,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2016/01/26 13:21:32 | 001,648,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2016/01/26 13:21:32 | 001,582,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2016/01/26 13:21:32 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2016/01/26 13:21:32 | 001,317,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016/01/26 13:21:32 | 001,309,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016/01/26 13:21:32 | 001,141,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016/01/26 13:21:32 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XboxNetApiSvc.dll
[2016/01/26 13:21:32 | 001,009,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOD.DLL
[2016/01/26 13:21:32 | 000,957,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/01/26 13:21:32 | 000,912,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2016/01/26 13:21:32 | 000,900,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2016/01/26 13:21:32 | 000,796,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2016/01/26 13:21:32 | 000,749,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2016/01/26 13:21:32 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CellularAPI.dll
[2016/01/26 13:21:32 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2016/01/26 13:21:32 | 000,678,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2016/01/26 13:21:32 | 000,674,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2016/01/26 13:21:32 | 000,644,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2016/01/26 13:21:32 | 000,630,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2016/01/26 13:21:32 | 000,623,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2016/01/26 13:21:32 | 000,607,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2016/01/26 13:21:32 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2016/01/26 13:21:32 | 000,586,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2016/01/26 13:21:32 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2016/01/26 13:21:32 | 000,558,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2016/01/26 13:21:32 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvut.dll
[2016/01/26 13:21:32 | 000,517,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2016/01/26 13:21:32 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2016/01/26 13:21:32 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2016/01/26 13:21:32 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2016/01/26 13:21:32 | 000,416,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/01/26 13:21:32 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrvut.dll
[2016/01/26 13:21:32 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016/01/26 13:21:32 | 000,412,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifitask.exe
[2016/01/26 13:21:32 | 000,365,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2016/01/26 13:21:32 | 000,334,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016/01/26 13:21:32 | 000,296,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016/01/26 13:21:32 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2016/01/26 13:21:32 | 000,264,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2016/01/26 13:21:32 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserMgrProxy.dll
[2016/01/26 13:21:32 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2016/01/26 13:21:32 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2016/01/26 13:21:32 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2016/01/26 13:21:32 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2016/01/26 13:21:32 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserMgrProxy.dll
[2016/01/26 13:21:32 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/01/26 13:21:32 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2016/01/26 13:21:32 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2016/01/26 13:21:32 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys
[2016/01/26 13:21:32 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe
[2016/01/26 13:21:32 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wificonnapi.dll
[2016/01/26 13:21:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2016/01/26 13:21:32 | 000,092,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016/01/26 13:21:32 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2016/01/26 13:21:32 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/01/26 13:21:32 | 000,080,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwapi.dll
[2016/01/26 13:21:32 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.XboxLive.ProxyStub.dll
[2016/01/26 13:21:32 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2016/01/26 13:21:32 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssign32.dll
[2016/01/26 13:21:32 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwancfg.dll
[2016/01/26 13:21:32 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininetlui.dll
[2016/01/26 13:21:32 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ihvrilproxy.dll
[2016/01/26 13:21:32 | 000,063,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wwapi.dll
[2016/01/26 13:21:32 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssign32.dll
[2016/01/26 13:21:32 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rilproxy.dll
[2016/01/26 13:21:32 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wwanpref.dll
[2016/01/26 13:21:32 | 000,045,568 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2016/01/26 13:21:32 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsplib.dll
[2016/01/26 13:21:32 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgrcli.dll
[2016/01/26 13:21:32 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.proxy.dll
[2016/01/26 13:21:32 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2016/01/26 13:21:32 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usermgrcli.dll
[2016/01/26 13:21:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageUsage.dll
[2016/01/26 13:21:32 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2016/01/26 13:21:32 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshrm.dll
[2016/01/26 13:21:32 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll
[2016/01/26 13:21:32 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll
[2016/01/26 13:21:31 | 001,281,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/01/26 13:21:31 | 001,223,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2016/01/26 13:21:31 | 000,973,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/01/26 13:21:31 | 000,948,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2016/01/26 13:21:31 | 000,808,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2016/01/26 13:21:31 | 000,698,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2016/01/26 13:21:31 | 000,543,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/01/26 13:21:31 | 000,523,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2016/01/26 13:21:31 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DscCore.dll
[2016/01/26 13:21:31 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/01/26 13:21:31 | 000,342,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2016/01/26 13:21:31 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2016/01/26 13:21:31 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2016/01/26 13:21:31 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2016/01/26 13:21:31 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCore.dll
[2016/01/26 13:21:31 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2016/01/26 13:21:31 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/01/26 13:21:31 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2016/01/26 13:21:31 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2016/01/26 13:21:31 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2016/01/26 13:21:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringservice.dll
[2016/01/26 13:21:31 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/01/26 13:21:31 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\SensorsCx.dll
[2016/01/26 13:21:31 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCsp.dll
[2016/01/26 13:21:31 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2016/01/26 13:21:31 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NFCProvisioningPlugin.dll
[2016/01/26 13:21:31 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BarcodeProvisioningPlugin.dll
[2016/01/26 13:21:31 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvPluginEng.dll
[2016/01/26 13:21:31 | 000,058,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2016/01/26 13:21:31 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2016/01/26 13:21:31 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringclient.dll
[2016/01/26 13:21:31 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemovableMediaProvisioningPlugin.dll
[2016/01/26 13:21:31 | 000,051,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsUtilsV2.dll
[2016/01/26 13:21:31 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2016/01/26 13:21:31 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringconfigsp.dll
[2016/01/26 13:21:31 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2016/01/26 13:21:31 | 000,026,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2016/01/26 13:21:31 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IcsEntitlementHost.exe
[2016/01/26 13:21:27 | 003,355,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2016/01/26 13:21:27 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2016/01/26 13:21:27 | 002,772,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2016/01/26 13:21:27 | 002,680,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2016/01/26 13:21:27 | 002,653,816 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/01/26 13:21:27 | 002,444,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2016/01/26 13:21:27 | 002,185,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2016/01/26 13:21:27 | 002,001,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2016/01/26 13:21:27 | 001,860,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2016/01/26 13:21:27 | 001,859,448 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/01/26 13:21:27 | 001,804,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2016/01/26 13:21:27 | 001,594,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2016/01/26 13:21:27 | 001,467,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2016/01/26 13:21:27 | 001,443,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll
[2016/01/26 13:21:27 | 001,399,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2016/01/26 13:21:27 | 001,395,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016/01/26 13:21:27 | 001,393,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/01/26 13:21:27 | 001,387,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/01/26 13:21:27 | 001,268,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2016/01/26 13:21:27 | 001,268,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2016/01/26 13:21:27 | 001,139,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016/01/26 13:21:27 | 001,056,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/01/26 13:21:27 | 001,042,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingOnlineServices.dll
[2016/01/26 13:21:27 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/01/26 13:21:27 | 000,948,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll
[2016/01/26 13:21:27 | 000,938,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/01/26 13:21:27 | 000,911,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2016/01/26 13:21:27 | 000,870,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2016/01/26 13:21:27 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/01/26 13:21:27 | 000,793,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2016/01/26 13:21:27 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/01/26 13:21:27 | 000,764,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/01/26 13:21:27 | 000,711,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/01/26 13:21:27 | 000,709,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingOnlineServices.dll
[2016/01/26 13:21:27 | 000,703,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2016/01/26 13:21:27 | 000,697,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2016/01/26 13:21:27 | 000,675,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2016/01/26 13:21:27 | 000,647,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2016/01/26 13:21:27 | 000,628,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MessagingDataModel2.dll
[2016/01/26 13:21:27 | 000,589,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApi.dll
[2016/01/26 13:21:27 | 000,586,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2016/01/26 13:21:27 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2016/01/26 13:21:27 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MBMediaManager.dll
[2016/01/26 13:21:27 | 000,540,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2016/01/26 13:21:27 | 000,511,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2016/01/26 13:21:27 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
[2016/01/26 13:21:27 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2016/01/26 13:21:27 | 000,470,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApi.dll
[2016/01/26 13:21:27 | 000,459,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/01/26 13:21:27 | 000,458,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2016/01/26 13:21:27 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2016/01/26 13:21:27 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/01/26 13:21:27 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2016/01/26 13:21:27 | 000,303,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2016/01/26 13:21:27 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2016/01/26 13:21:27 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2016/01/26 13:21:27 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/01/26 13:21:27 | 000,264,192 | ---- | M] (Nokia) -- C:\WINDOWS\SysNative\NmaDirect.dll
[2016/01/26 13:21:27 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2016/01/26 13:21:27 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2016/01/26 13:21:27 | 000,205,824 | ---- | M] (Nokia) -- C:\WINDOWS\SysWow64\NmaDirect.dll
[2016/01/26 13:21:27 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-AppModelExecEvents.dll
[2016/01/26 13:21:27 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityCommon.dll
[2016/01/26 13:21:27 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2016/01/26 13:21:27 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ETWCoreUIComponentsResources.dll
[2016/01/26 13:21:27 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ETWCoreUIComponentsResources.dll
[2016/01/26 13:21:27 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshom.ocx
[2016/01/26 13:21:27 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ProximityCommon.dll
[2016/01/26 13:21:27 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\capimg.sys
[2016/01/26 13:21:27 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2016/01/26 13:21:27 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MapControls.dll
[2016/01/26 13:21:27 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MapControls.dll
[2016/01/26 13:21:27 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016/01/26 13:21:27 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offlinelsa.dll
[2016/01/26 13:21:27 | 000,095,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2016/01/26 13:21:27 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2016/01/26 13:21:27 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2016/01/26 13:21:27 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2016/01/26 13:21:27 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016/01/26 13:21:27 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2016/01/26 13:21:27 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/01/26 13:21:27 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManagerProxy.dll
[2016/01/26 13:21:27 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/01/26 13:21:27 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wininetlui.dll
[2016/01/26 13:21:27 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll
[2016/01/26 13:21:27 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthTokenBrokerExt.dll
[2016/01/26 13:21:27 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2016/01/26 13:21:27 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/01/26 13:21:27 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosResource.dll
[2016/01/26 13:21:27 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosResource.dll
[2016/01/26 13:21:27 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthTokenBrokerExt.dll
[2016/01/26 13:21:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosHostClient.dll
[2016/01/26 13:21:27 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapstoasttask.dll
[2016/01/26 13:21:27 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthManagerProxy.dll
[2016/01/26 13:21:27 | 000,037,376 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2016/01/26 13:21:27 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BackgroundTransferHost.exe
[2016/01/26 13:21:27 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCoreRes.dll
[2016/01/26 13:21:27 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCoreRes.dll
[2016/01/26 13:21:27 | 000,035,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2016/01/26 13:21:27 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BackgroundTransferHost.exe
[2016/01/26 13:21:27 | 000,032,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfpmp.exe
[2016/01/26 13:21:27 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2016/01/26 13:21:27 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2016/01/26 13:21:27 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nativemap.dll
[2016/01/26 13:21:27 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2016/01/26 13:21:27 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvcProxy.dll
[2016/01/26 13:21:27 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MosTrace.dll
[2016/01/26 13:21:27 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MosTrace.dll
[2016/01/26 13:21:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MosHost.dll
[2016/01/26 13:21:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MosHost.dll
[2016/01/26 13:21:27 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlStringsRes.dll
[2016/01/26 13:21:27 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlStringsRes.dll
[2016/01/16 15:37:05 | 000,202,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2016/01/16 15:36:40 | 000,713,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2016/01/16 15:36:31 | 001,173,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2016/01/16 15:34:51 | 000,513,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2016/01/16 15:24:34 | 000,538,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2016/01/16 15:23:47 | 008,728,920 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016/01/16 15:23:44 | 000,369,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2016/01/16 15:23:37 | 000,536,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2016/01/16 15:23:36 | 000,848,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016/01/16 15:23:35 | 000,785,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2016/01/16 15:23:33 | 000,408,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2016/01/16 15:21:33 | 001,750,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2016/01/16 15:20:58 | 006,600,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2016/01/16 15:20:56 | 000,431,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2016/01/16 15:20:12 | 006,971,752 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016/01/16 15:20:01 | 000,652,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2016/01/16 15:20:00 | 000,366,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2016/01/16 15:19:59 | 000,709,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016/01/16 15:16:49 | 005,238,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2016/01/16 15:13:24 | 000,576,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016/01/16 15:12:49 | 001,415,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2016/01/16 15:08:56 | 000,440,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2016/01/16 14:46:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbser.sys
[2016/01/16 14:45:13 | 016,986,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016/01/16 14:44:38 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastlsext.dll
[2016/01/16 14:44:28 | 022,394,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/01/16 14:44:25 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2016/01/16 14:44:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasadhlp.dll
[2016/01/16 14:43:19 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winhttpcom.dll
[2016/01/16 14:42:37 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscoreext.dll
[2016/01/16 14:42:18 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/01/16 14:41:11 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2016/01/16 14:40:46 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2016/01/16 14:40:11 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasautou.exe
[2016/01/16 14:40:05 | 011,545,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/01/16 14:39:18 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FilterDS.dll
[2016/01/16 14:38:42 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2016/01/16 14:38:26 | 007,979,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/01/16 14:38:22 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SimCfg.dll
[2016/01/16 14:38:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbio.dll
[2016/01/16 14:37:47 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SMSRouter.dll
[2016/01/16 14:37:00 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2016/01/16 14:36:57 | 000,475,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDDS.dll
[2016/01/16 14:36:46 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SimAuth.dll
[2016/01/16 14:36:41 | 000,221,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2016/01/16 14:36:17 | 000,638,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/01/16 14:36:06 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastlsext.dll
[2016/01/16 14:35:03 | 013,018,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016/01/16 14:34:59 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsRouterSvc.dll
[2016/01/16 14:34:55 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winhttpcom.dll
[2016/01/16 14:34:38 | 000,477,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2016/01/16 14:34:33 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2016/01/16 14:34:25 | 000,610,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2016/01/16 14:33:53 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/01/16 14:33:08 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2016/01/16 14:33:08 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.UX.EapRequestHandler.dll
[2016/01/16 14:32:30 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2016/01/16 14:31:58 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2016/01/16 14:31:54 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasautou.exe
[2016/01/16 14:31:36 | 000,851,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/01/16 14:31:28 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProvDataModel.dll
[2016/01/16 14:30:35 | 002,127,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2016/01/16 14:30:19 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SimCfg.dll
[2016/01/16 14:30:18 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbio.dll
[2016/01/16 14:30:01 | 000,784,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2016/01/16 14:29:56 | 001,500,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2016/01/16 14:29:06 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2016/01/16 14:28:52 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SimAuth.dll
[2016/01/16 14:28:14 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2016/01/16 14:28:03 | 002,624,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016/01/16 14:28:02 | 009,918,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/01/16 14:28:02 | 001,318,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2016/01/16 14:26:52 | 000,535,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2016/01/16 14:26:14 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016/01/16 14:26:11 | 000,260,608 | ---- | M] () -- C:\WINDOWS\SysNative\MTFServer.dll
[2016/01/16 14:26:09 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016/01/16 14:25:59 | 000,235,008 | ---- | M] () -- C:\WINDOWS\SysNative\MTF.dll
[2016/01/16 14:25:39 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2016/01/16 14:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2016/01/16 14:24:44 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2016/01/16 14:24:29 | 018,678,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/01/16 14:24:13 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProvDataModel.dll
[2016/01/16 14:23:07 | 002,050,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2016/01/16 14:21:51 | 006,297,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/01/16 14:20:40 | 001,944,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016/01/16 14:20:38 | 002,597,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2016/01/16 14:20:22 | 000,799,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2016/01/16 14:20:18 | 007,199,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/01/16 14:19:33 | 000,733,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2016/01/16 14:19:08 | 000,162,816 | ---- | M] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/01/16 14:19:08 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016/01/16 14:19:05 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016/01/16 14:18:21 | 001,674,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2016/01/16 14:18:18 | 003,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/01/16 14:17:08 | 005,503,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2016/01/16 14:16:59 | 001,542,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2016/01/16 14:16:05 | 005,202,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/01/16 14:14:51 | 001,626,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016/01/16 14:14:43 | 001,946,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016/01/16 14:09:47 | 001,087,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/02/11 20:21:31 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/02/10 20:20:27 | 000,002,131 | ---- | C] () -- C:\Users\輝\Desktop\Internet Explorer.lnk
[2016/02/10 19:58:35 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/02/09 00:52:27 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2016/02/09 00:51:41 | 000,022,704 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\EsgScanner.sys
[2016/02/08 01:59:21 | 000,001,082 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[2016/02/08 01:57:18 | 000,001,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
[2016/02/06 00:55:41 | 000,002,060 | ---- | C] () -- C:\Users\輝\Desktop\つよきすFESTIVAL.lnk
[2016/01/28 19:14:16 | 000,260,608 | ---- | C] () -- C:\WINDOWS\SysNative\MTFServer.dll
[2016/01/28 19:14:15 | 000,235,008 | ---- | C] () -- C:\WINDOWS\SysNative\MTF.dll
[2016/01/28 19:14:15 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/01/26 13:55:10 | 000,002,330 | ---- | C] () -- C:\Users\輝\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2016/01/26 13:46:33 | 000,023,208 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2016/01/26 13:42:40 | 001,535,090 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/01/26 13:38:07 | 3415,982,080 | -HS- | C] () -- C:\hiberfil.sys
[2016/01/26 13:36:09 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2016/01/26 13:31:42 | 000,000,352 | ---- | C] () -- C:\Users\輝\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016/01/26 13:31:42 | 000,000,334 | ---- | C] () -- C:\Users\輝\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016/01/26 13:29:08 | 005,133,709 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2016/01/26 13:28:35 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2016/01/26 13:26:37 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/01/26 13:25:23 | 000,232,760 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/01/26 13:24:34 | 000,151,043 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2016/01/26 13:24:34 | 000,151,043 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2016/01/26 13:21:27 | 002,653,816 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/01/26 13:21:27 | 001,859,448 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/01/26 13:05:51 | 000,009,528 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2016/01/26 13:05:51 | 000,009,528 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2015/12/27 02:21:21 | 000,781,312 | ---- | C] () -- C:\WINDOWS\SysWow64\RGSS102J.dll
[2015/12/27 02:21:21 | 000,778,752 | ---- | C] () -- C:\WINDOWS\SysWow64\RGSS102E.dll
[2015/12/27 02:21:21 | 000,771,584 | ---- | C] () -- C:\WINDOWS\SysWow64\RGSS100J.dll
[2015/12/27 02:21:21 | 000,685,056 | ---- | C] () -- C:\WINDOWS\SysWow64\RGSS103J.dll
[2015/10/30 16:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015/10/30 16:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015/10/30 16:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 16:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 16:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 16:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 16:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 16:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 16:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 16:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 16:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 16:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 16:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 16:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015/08/29 00:31:10 | 037,759,272 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2015/01/19 23:10:46 | 000,000,066 | ---- | C] () -- C:\WINDOWS\.ini
[2015/01/15 22:04:07 | 000,640,512 | ---- | C] () -- C:\WINDOWS\SysWow64\7-zip32.dll
[2015/01/15 22:04:06 | 000,090,624 | ---- | C] () -- C:\WINDOWS\SysWow64\ISH32.DLL
[2015/01/15 22:04:06 | 000,082,432 | ---- | C] () -- C:\WINDOWS\SysWow64\AISH32.DLL
[2015/01/15 22:04:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\SysWow64\Aishmv32.dll
[2015/01/15 22:04:05 | 000,040,960 | ---- | C] () -- C:\WINDOWS\SysWow64\yzdec.exe
[2015/01/15 22:04:04 | 000,217,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2015/01/15 22:04:03 | 000,487,424 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\tar32.dll
[2015/01/15 22:04:01 | 000,351,232 | ---- | C] () -- C:\WINDOWS\SysWow64\UNLHA32.DLL
[2014/12/24 12:21:04 | 001,531,668 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/01/16 15:20:58 | 006,600,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/01/16 15:16:49 | 005,238,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 16:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 16:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 16:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2016/02/12 20:38:58 | 000,000,000 | -H-D | M] -- C:\OneDriveTemp
[2016/02/11 21:14:39 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2016/02/12 20:38:58 | 000,000,000 | -H-D | M] -- C:\OneDriveTemp\S-1-5-21-705012142-2807547796-874617321-1001
[2015/11/19 21:07:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/12/24 12:20:26 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2016/02/12 20:44:08 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2015/12/25 18:59:59 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2015/11/08 19:33:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2015/01/15 20:37:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\OLRSubmission.exe
[2015/01/15 20:37:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2015/01/16 18:55:57 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\Power2Go\8.0
[2015/01/27 20:17:22 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\PowerDVD\10.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\PowerStarter\10.0
[2015/01/15 20:36:40 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\LABELPRINT\2.5
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\MEDIASHOW\6.0
[2015/01/15 20:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\PhotoDirector\4.0
[2015/01/15 20:37:25 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\PhotoDirector\4.0\UNO
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\POWER2GO\8.0
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\POWERBACKUP\2.50
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\POWERDIRECTOR\9.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\PowerDVD\10.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\PowerStarter\10.0
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2016/01/26 13:38:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/10/31 03:23:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2016/01/26 13:48:49 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2015/12/25 18:59:59 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2015/11/08 19:33:10 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2015/01/15 20:37:05 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\OLRSubmission.exe
[2015/01/15 20:37:05 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2015/01/16 18:55:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\Power2Go\8.0
[2015/01/27 20:17:22 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\PowerDVD\10.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\PowerStarter\10.0
[2015/01/15 20:36:40 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\LABELPRINT\2.5
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\MEDIASHOW\6.0
[2015/01/15 20:37:11 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\PhotoDirector\4.0
[2015/01/15 20:37:25 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\PhotoDirector\4.0\UNO
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\POWER2GO\8.0
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\POWERBACKUP\2.50
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\POWERDIRECTOR\9.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\PowerDVD\10.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\PowerStarter\10.0
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2016/01/26 13:38:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/10/31 03:23:42 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2016/01/30 10:53:11 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2016/02/11 20:21:31 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2016/01/26 13:43:44 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2014/12/24 14:38:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg
[2014/12/24 14:38:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{0E664C43-955A-44a4-9262-599F535207E1}\Version\9.0
[2014/12/24 14:38:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{29964B14-C117-46b6-B108-11F211ED9388}\Version\6.0
[2014/12/24 14:38:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{397A21FB-EADF-4116-9027-32B8FA04C3E2}\Version\8.0
[2014/12/24 14:38:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{4230527D-88E1-4fb5-9EDD-606F3AD2B389}\Version\2.5
[2014/12/24 14:38:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{63E98B26-4583-4418-958D-B6BD95DFE5C9}\Version\2.50
[2014/12/24 14:38:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{6F7425F3-EB34-46b0-9B63-430203611455}\Version\10.0
[2015/01/27 20:59:04 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{748DB920-B5DD-4cdb-9EC4-5A3B61A21936}\Version\10.0
[2014/12/24 14:38:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{A2540FA5-4E6F-4a42-A327-D947EC8F2323}\Version\4.0
[2016/01/26 13:32:25 | 000,000,000 | -H-D | M] -- C:\Users\輝\AppData
[2015/01/15 20:33:20 | 000,000,000 | -H-D | M] -- C:\Users\輝\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2016/01/27 22:42:55 | 000,000,000 | -H-D | M] -- C:\Users\輝\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2016/01/26 13:54:32 | 000,000,000 | RH-D | M] -- C:\Users\輝\AppData\Local\Microsoft\Windows\Burn\Burn
[2016/01/26
  • 風信子
  • 2016/02/12 (Fri) 21:32:52
Re: My home page has changed to one displaying martshopsave.com
It looks like the OTL log was not pasted in full, so I am posting the rest here.
[OTL]
[2016/01/26 13:54:35 | 000,000,000 | RH-D | M] -- C:\Users\輝\AppData\Local\Microsoft\Windows\Burn\Burn1
[2016/02/09 19:45:28 | 000,000,000 | -H-D | M] -- C:\Users\輝\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2016/01/26 13:51:39 | 000,000,000 | -H-D | M] -- C:\Users\輝\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2016/01/26 13:51:39 | 000,000,000 | -H-D | M] -- C:\Users\輝\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2015/01/15 20:23:47 | 000,000,000 | -H-D | M] -- C:\Users\輝\AppData\Local\NVIDIA Corporation\Shield Apps\StreamingAssets
[2016/01/26 13:42:23 | 000,000,000 | -H-D | M] -- C:\Users\輝\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2016/01/26 13:37:35 | 000,000,000 | -H-D | M] -- C:\Windows.old\ProgramData
[2016/01/26 13:43:48 | 000,000,000 | -H-D | M] -- C:\Windows.old\Program Files\WindowsApps
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Windows.old\ProgramData\Microsoft\WwanSvc
[2015/03/26 22:53:06 | 000,000,000 | -H-D | M] -- C:\Windows.old\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2014/03/18 18:42:33 | 000,000,000 | RH-D | M] -- C:\Windows.old\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Windows.old\ProgramData\Microsoft\WwanSvc\Profiles
[2014/12/24 18:54:43 | 000,000,000 | RH-D | M] -- C:\Windows.old\Users\Default
[2015/12/25 18:59:59 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\Apple Computer\iTunes\SC Info
[2015/11/08 19:33:10 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser
[2015/01/15 20:37:05 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\OLRSubmission.exe
[2015/01/15 20:37:05 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2015/01/16 18:55:57 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\CLUpdater\Power2Go\8.0
[2015/01/27 20:17:22 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\CLUpdater\PowerDVD\10.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\CLUpdater\PowerStarter\10.0
[2015/01/15 20:36:40 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\LABELPRINT\2.5
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\MEDIASHOW\6.0
[2015/01/15 20:37:11 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\PhotoDirector\4.0
[2015/01/15 20:37:25 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\PhotoDirector\4.0\UNO
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\POWER2GO\8.0
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\POWERBACKUP\2.50
[2015/01/15 20:36:39 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\POWERDIRECTOR\9.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\PowerDVD\10.0
[2015/01/15 20:36:38 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\CyberLink\EvoParser\PowerStarter\10.0
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\Microsoft\WwanSvc
[2016/01/26 13:38:48 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/10/31 03:23:42 | 000,000,000 | RH-D | M] -- C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\All Users\Microsoft\WwanSvc\Profiles
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\Default\AppData
[2016/01/26 13:46:58 | 000,000,000 | RH-D | M] -- C:\Windows.old\Users\Public\Desktop
[2013/08/23 00:36:32 | 000,000,000 | RH-D | M] -- C:\Windows.old\Users\Public\Libraries
[2016/01/26 13:32:25 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\輝\AppData
[2015/01/19 23:38:54 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\輝\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2015/01/15 20:23:59 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\輝\AppData\Local\Microsoft\Windows\PrivacIE
[2015/01/15 20:24:37 | 000,000,000 | RH-D | M] -- C:\Windows.old\Users\輝\AppData\Local\Microsoft\Windows\Burn\Burn
[2015/01/21 22:32:07 | 000,000,000 | RH-D | M] -- C:\Windows.old\Users\輝\AppData\Local\Microsoft\Windows\Burn\Burn1
[2015/03/26 19:31:01 | 000,000,000 | RH-D | M] -- C:\Windows.old\Users\輝\AppData\Local\Microsoft\Windows\Burn\Burn2
[2015/01/15 20:33:40 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\輝\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2015/01/15 20:23:59 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\輝\AppData\Local\Microsoft\Windows\PrivacIE\Low
[2016/01/26 13:42:23 | 000,000,000 | -H-D | M] -- C:\Windows.old\Users\輝\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/09/07 19:31:44 | 000,000,000 | -H-D | M] -- C:\Windows.old\Windows\ELAMBKUP
[2016/01/26 13:33:23 | 000,000,000 | -H-D | M] -- C:\Windows.old\Windows\ServiceProfiles\LocalService\AppData
[2016/01/26 13:33:23 | 000,000,000 | -H-D | M] -- C:\Windows.old\Windows\ServiceProfiles\NetworkService\AppData
[2015/10/30 16:24:29 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2015/06/05 01:38:24 | 000,000,000 | -H-D | M] -- C:\Windows\msdownld.tmp
[2016/01/26 13:33:23 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2016/01/26 13:33:23 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2016/02/12 20:45:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/02/11 21:20:19 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/02/12 20:38:39 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/02/12 21:06:27 | 000,000,710 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/02/12 21:08:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\WpsUpdateTask_Administrator.job
[2016/02/12 21:01:00 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\WpsUpdateTask_輝.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD10EZEX-00BN5A0
Partitions: 5
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 300.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 315621376
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 916.00GB
Starting Offset: 722468864
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 450.00MB
Starting Offset: 984003641344
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 15.00GB
Starting Offset: 984475500544
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 001,144,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,794,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2015/10/30 16:18:26 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2015/10/30 16:18:25 | 000,345,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:43 | 000,134,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,078,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,904,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,355,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2015/10/30 16:18:31 | 000,293,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:41 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,036,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2015/10/30 16:18:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2016/01/16 14:25:21 | 000,457,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:41 | 000,390,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:25 | 000,371,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,755,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2016/01/16 14:40:12 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:40 | 000,696,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,904,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,057,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2016/01/16 14:37:43 | 000,190,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,283,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:16 | 000,608,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2015/10/30 16:18:38 | 000,559,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 001,012,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:10 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2015/10/30 16:18:36 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 001,465,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2016/01/16 14:30:06 | 001,053,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2016/01/16 14:34:33 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:25 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:45 | 001,743,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,870,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 000,643,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2015/10/30 16:18:21 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:45 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2016/01/26 13:21:31 | 002,280,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,264,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:41 | 002,295,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,274,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 220 bytes -> C:\Users\輝\OneDrive:ms-properties

< End of report >
  • 風信子
  • 2016/02/13 (Sat) 17:16:47
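Cleaning up IE with OTL
Sorry for the late reply again today.
I have looked over your OTL scan log.
Next, we will use OTL itself to clean up the items that OTL found.

At the end of this reply I have pasted a script. Copy it in its entirety, paste it into a Windows Notepad file, and save it.

Once that is ready, restart the PC in Safe Mode again and launch OTL.
Once it is running, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button with red text).
This starts the OTL fix.

Wait a while; when the fix has finished, restart the PC in normal mode and another OTL log should appear. Save it, watch how the PC behaves for a while, and then reply with a status report along with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----) and paste that into OTL to do the work.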
------------------------------------------
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {03F15F83-38EA-4E78-96CC-7F2588ADA1D1}
IE - HKLM\..\SearchScopes\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=NMJB
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install

:Files

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2016/02/13 (Sat) 21:12:19
Re: My home page has turned into one displaying martshopsave.com
No change in the current state: smartshopsave.com no longer shows up in either Chrome or IE.

[OTL]
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820}\ not found.
========== FILES ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313840 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Public

User: 輝
->Temp folder emptied: 127942982 bytes
->Temporary Internet Files folder emptied: 8210738 bytes
->Java cache emptied: 26925 bytes
->Google Chrome cache emptied: 372912151 bytes
->Flash cache emptied: 323245 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4937641 bytes
RecycleBin emptied: 4668062347 bytes

Total Files Cleaned = 4,943.00 mb

Unable to start System Restore Service. Error code 1084
Error: Unable to interpret <[rebo> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 02132016_225547

Files\Folders moved on Reboot...
C:\Users\輝\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
Please take a look.
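A way to triage an OTL fix log like the one in the post above, as an added example that is not part of the original thread: it classifies each result line and flags lookups whose key path contains forum markup (`[b]…[/b]`) and directives that OTL reported it could not interpret. The function names and the outcome keywords are assumptions chosen for this example; the sample lines are copied from the log above.

```python
import re
from collections import Counter

# Result lines copied from the fix log posted in the thread above.
FIX_LOG = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03F15F83-38EA-4E78-96CC-7F2588ADA1D1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820}\ not found.
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Unable to start System Restore Service. Error code 1084
Error: Unable to interpret <[rebo> in the current context!
"""

# Forum markup (BBCode) that should never be part of a registry path.
BBCODE = re.compile(r"\[/?(?:b|i|u|color(?:=[^\]]*)?)\]", re.IGNORECASE)
# OTL's message for a script line it could not parse; group 1 is the token it saw.
UNPARSED = re.compile(r"Unable to interpret <(.*)> in the current context")
# Keyword -> outcome, checked in order (assumed wording, taken from the log above).
OUTCOMES = (
    ("not found", "not_found"),
    ("successfully", "ok"),
    ("unable to", "error"),
)


def classify(line):
    """Map one fix-log line to ok / not_found / error / info."""
    low = line.lower()
    for needle, status in OUTCOMES:
        if needle in low:
            return status
    return "info"


def review(log):
    """Return one finding per non-empty log line, with notes on suspicious results."""
    findings = []
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        status = classify(line)
        notes = []
        # A "not found" whose path contains [b]...[/b] means the lookup used the
        # pasted markup as part of the key name, not the bare GUID.
        if status == "not_found" and BBCODE.search(line):
            notes.append("forum markup in looked-up key path")
        # A directive that opens with "[" but never closes was cut off when pasted.
        m = UNPARSED.search(line)
        if m and m.group(1).startswith("[") and not m.group(1).endswith("]"):
            notes.append("directive truncated: " + m.group(1))
        findings.append({"status": status, "line": line, "notes": notes})
    return findings


def summary(findings):
    """Count findings per outcome."""
    return Counter(f["status"] for f in findings)


def needs_followup(findings):
    """Lines a reviewer should look at again: errors and anything with a note."""
    return [f for f in findings if f["notes"] or f["status"] == "error"]


if __name__ == "__main__":
    results = review(FIX_LOG)
    print(dict(summary(results)))
    for f in needs_followup(results):
        print(f["status"].upper(), "|", "; ".join(f["notes"]) or "-", "|", f["line"][:90])
```
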
  • 風信子
  • 2016/02/13 (Sat) 23:47:18
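The OTL result looks fine
Good morning.

> No change in the current state: smartshopsave.com no longer shows up in either Chrome or IE.

Yes, the cleanup with OTL has worked as well.
Now let's re-check the overall state once more from each of the logs.

Sorry for the trouble, but please use CC again to capture each tab and the installed-programs information, take a fresh HJT log as well, and post them in a reply.

I will go over everything again, including checking whether anything has been missed.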
  • 悪代官
  • 2016/02/14 (Sun) 06:33:40
Re: My home page has turned into one displaying martshopsave.com
Thank you as always for your help.
I am posting the logs; please take a look.
[Installed programs]
3D Builder Microsoft Corporation 2016/01/26 10.10.38.0
Adobe AIR Adobe Systems Incorporated 2016/02/12 23.6 MB 20.0.0.233
Adobe Flash Player 20 NPAPI Adobe Systems Incorporated 2016/02/12 8.40 MB 20.0.0.306
AOSBOX for UNITCOM AOSBOX for UNITCOM 2016/02/12 16.2 MB 2.1
Apple Application Support(32 ビット) Apple Inc. 2015/12/25 148 MB 4.1.2
Apple Application Support(64 ビット) Apple Inc. 2015/12/25 166 MB 4.1.2
Apple Mobile Device Support Apple Inc. 2015/10/23 42.7 MB 9.1.0.6
Apple Software Update Apple Inc. 2015/09/22 4.63 MB 2.1.4.131
Avast Internet Security AVAST Software 2016/02/12 1.31 GB 11.1.2253
Bonjour Apple Inc. 2015/09/22 3.28 MB 3.1.0.1
Candy Crush Soda Saga king.com 2016/02/03 1.58.400.0
CCleaner Piriform 2016/02/09 5.14
CopyTrans Control Center削除専用 WindSolutions 2016/01/26 4.004
CyberLink Media Suite 10 CyberLink Corp. 2016/02/12 88.6 MB 10.0
Google Chrome Google Inc. 2015/01/15 490 MB 48.0.2564.109
Groove ミュージック Microsoft Corporation 2016/01/26 3.6.15131.0
Handbrake日本語版 0.9.4 2016/02/12 0.9.4
iCloud Apple Inc. 2015/12/11 146 MB 5.1.0.34
Intel(R) Management Engine Components Intel Corporation 2014/12/24 9.5.15.1730
Intel(R) Rapid Storage Technology Intel Corporation 2014/12/24 12.8.3.1000
iTunes Apple Inc. 2015/12/25 281 MB 12.3.2.35
Kingsoft Office 2013 (9.1.0.4059) Kingsoft Corp. 2016/02/12 9.1.0.4059
LINE LINE Corporation 2016/01/29 2.1.0.0
LoiLoScope 2 LoiLo inc 2014/12/24 165 MB 2.5.1.2
Malwarebytes Anti-Malware version 1.75.0.1300 Malwarebytes Corporation 2016/02/11 19.3 MB 1.75.0.1300
Microsoft Solitaire Collection Microsoft Studios 2016/01/26 3.7.1041.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/12/24 3.04 MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/12/24 1.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/01/18 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/12/24 639 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/12/24 1.25 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2015/01/18 634 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/01/18 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/01/18 14.7 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/02/12 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2016/02/12 17.3 MB 11.0.61030.0
Microsoft Wi-Fi Microsoft Corporation 2016/01/26 1.1511.2.0
NAVITIME for mouse computer NAVITIME JAPAN 2016/01/26 2.0.3.0
NVIDIA 3D Vision コントローラー ドライバー 344.46 NVIDIA Corporation 2014/12/24 8.29 MB 344.46
NVIDIA 3D Vision ドライバー 344.48 NVIDIA Corporation 2014/12/24 35.6 MB 344.48
NVIDIA GeForce Experience 2.1.3 NVIDIA Corporation 2014/12/24 22.8 MB 2.1.3
NVIDIA HD オーディオ ドライバー 1.3.32.1 NVIDIA Corporation 2014/12/24 8.22 MB 1.3.32.1
NVIDIA Miracast 仮想オーディオ 344.48 NVIDIA Corporation 2014/12/24 5.55 MB 344.48
NVIDIA PhysX システム ソフトウェア 9.14.0702 NVIDIA Corporation 2014/12/24 81.1 MB 9.14.0702
NVIDIA グラフィックス ドライバー 344.48 NVIDIA Corporation 2014/12/24 441 MB 344.48
OneNote Microsoft Corporation 2016/02/04 17.6568.15721.0
People Microsoft Corporation 2016/02/04 10.0.10220.0
PowerDirector CyberLink Corp. 2014/12/24 470 MB 9.0.0.5113
Realtek Ethernet Controller Driver Realtek 2014/12/24 3.08 MB 8.18.621.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/02/12 16.0 MB 6.0.1.7058
RGSS-RTP Standard Enterbrain 2015/12/27 21.0 MB 1.03
RPGツクールVX Ace RTP Enterbrain 2015/01/24 194 MB 1.00
RPGツクールVX RTP Enterbrain 2015/04/21 42.2 MB 1.02
Skype を手に入れよう Skype 2016/01/26 3.2.1.0
Sway Microsoft Corporation 2016/02/02 17.6629.20261.0
Twitter Twitter Inc. 2016/01/26 4.3.3.0
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/01/18 2.30 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/05/17 26.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/05/28 18.0 KB 16.0.1515.1
Windows スキャン Microsoft Corporation 2016/01/26 6.3.9654.17133
Windows リーディング リスト Microsoft Corporation 2016/01/26 6.3.9654.20947
Xbox Microsoft Corporation 2016/01/26 11.13.6008.0
Yahoo!天気・災害 Yahoo Japan Corporation 2016/01/26 2.0.4.0
つよきすFESTIVAL INTERHEART 2016/02/12 4.88 GB 2.3
はじめに Microsoft Corporation 2016/01/26 2.6.12.0
アプリ コネクター Microsoft Corporation 2016/01/26 1.3.3.0
アラーム & クロック Microsoft Corporation 2016/01/26 10.1512.58020.0
カメラ Microsoft Corporation 2016/02/04 2016.128.10.0
ストア Microsoft Corporation 2016/02/12 2016.27.2.0
スポーツ Microsoft Corporation 2016/01/26 4.8.239.0
ドラゴンクエストX オンライン SQUARE ENIX CO., LTD. 2015/11/19 6.81 GB 1.0.1.0
ニュース Microsoft Corporation 2016/01/26 4.8.239.0
フォト Microsoft Corporation 2016/02/05 16.201.11370.0
ボイス レコーダー Microsoft Corporation 2016/01/26 10.1512.21110.0
マップ Microsoft Corporation 2016/01/26 4.1601.10150.0
マネー Microsoft Corporation 2016/01/27 4.8.239.0
メッセージング & Skype Microsoft Corporation 2016/01/26 2.13.20000.0
メール/カレンダー Microsoft Corporation 2016/02/10 17.6568.16901.0
モバイル コンパニオン Microsoft Corporation 2016/02/05 10.1602.3010.0
圧縮解凍ソフト Noah 2016/02/12
天気 Microsoft Corporation 2016/01/26 4.8.239.0
新しい Office を始めよう Microsoft Corporation 2016/02/02 17.6628.23511.0
映画 & テレビ Microsoft Corporation 2016/01/29 3.6.16941.0
真・恋姫†英雄譚3 2016/02/12
電卓 Microsoft Corporation 2016/01/26 10.1601.49020.0
電話 Microsoft Corporation 2016/01/26 2.12.14001.0


[windows]
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
有効 HKLM:Run CLMLServer_For_P2G8 CyberLink "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
有効 HKLM:Run CLVirtualDrive CyberLink Corp. "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
有効 HKLM:Run RemoteControl10 CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run Zoolz Tray AOS Technologies, Inc. "C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMLauncher.exe" "C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOM.exe" "-Delay"


[Scheduled tasks]
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Optimize Start Menu Cache Files-S-1-5-21-705012142-2807547796-874617321-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-705012142-2807547796-874617321-500
有効 Task SafeZone scheduled Autoupdate 1454864357 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
有効 Task WpsUpdateTask_Administrator Zhuhai Kingsoft Office Software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task WpsUpdateTask_輝 Zhuhai Kingsoft Office Software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task {4B3E6F75-87CC-4616-8E5D-4ADEC449AA83} Microsoft Corporation C:\Windows\system32\pcalua.exe -a H:\保存\noahinst.exe -d H:\保存
有効 Task {CE53D9AB-3971-425A-AE33-E7BF5A841429} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\輝\Downloads\noahinst.exe -d C:\Users\輝\Downloads


[Context menu]
有効 Drive CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File 00avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 Folder avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll


[IE]
無効 Helper avast! Online Security AVAST Software C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
無効 Helper avast! Online Security AVAST Software C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll


[Chrome]
有効 App Gmail 8.1 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
無効 Extension Avast Online Security 11.1.0.221 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0
無効 Extension Avast SafePrice 11.1.0.221 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\11.1.0.221_0
無効 Extension PicTwitterFull 2.1.3 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfpgnianlhodkfdhdofnmjhpjebaamf\2.1.3_0
有効 Extension アイドルマスター シンデレラガールズ[ChromeApps版] 1.0.4 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnacabmnfmejgfffmcehejcmiciinpej\1.0.4_0
有効 Extension グランブルーファンタジー[ChromeApps版] 1.3.2 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.3.2_0


[HJT]
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:54:48, on 2016/02/14
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\輝\Downloads\HijackThis.exe

O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX for UNITCOM Backup Service (AOSBOXforUNITCOM Backup Service) - Unknown owner - C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8407 bytes
  • 風信子
  • 2016/02/14 (Sun) 16:04:12
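Checking whether you will keep using Kingsoft
Thank you for the work and the report.
This is "あらいぐま悪代官", here to wash the situation over once more (← if you're an evil magistrate, wash your hands of your evil deeds first).

I also looked at the logs, and at the moment nothing seems out of place.

Now, a question about the following Office software.
>Kingsoft Office 2013 (9.1.0.4059) Kingsoft Corp. 2016/02/12 9.1.0.4059

Will you continue to use this from now on?
If you don't mind, please consider removing it and not using it afterwards.

Its biggest selling points are high compatibility with files created and edited in Microsoft's genuine Office and its low price, but in every other respect it has nothing but a bad reputation.
Among people who know even a little about PCs, King-family apps are avoided thoroughly; moreover, King-family apps are known not to disappear cleanly even when uninstalled normally, leaving many remnants in the PC that remain in a "live and running" state.
I don't know what they are doing hidden deep inside the PC after the app is removed, but there is presumably no need to keep the remnants of an app you removed because you no longer needed it, so if you are going to uninstall it I will also guide you through a safe procedure.

If you are removing it, put the PC in Safe Mode and uninstall King using GU.

After removal and a PC restart, retake the logs of each tab in CC and show them in your reply.
From there I will also guide you through cleaning up the remaining remnants.

If you will keep using King, that decision is yours, so please just reply to let me know.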
  • あらいぐま悪代官
  • 2016/02/14 (Sun) 20:30:54
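Re: Homepage has changed to one showing martshopsave.com
I had no idea at all that Kingsoft Office 2013 was that kind of software.
I am not using it at present, so please proceed with removal.
I have gone ahead and done the removal with GU and taken the logs, so please check them.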

[windows]
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
有効 HKLM:Run CLMLServer_For_P2G8 CyberLink "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
有効 HKLM:Run CLVirtualDrive CyberLink Corp. "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
有効 HKLM:Run RemoteControl10 CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run Zoolz Tray AOS Technologies, Inc. "C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMLauncher.exe" "C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOM.exe" "-Delay"


[Scheduled Tasks]
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Optimize Start Menu Cache Files-S-1-5-21-705012142-2807547796-874617321-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-705012142-2807547796-874617321-500
有効 Task SafeZone scheduled Autoupdate 1454864357 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
有効 Task WpsUpdateTask_Administrator C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task WpsUpdateTask_輝 C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task {4B3E6F75-87CC-4616-8E5D-4ADEC449AA83} Microsoft Corporation C:\Windows\system32\pcalua.exe -a H:\保存\noahinst.exe -d H:\保存
有効 Task {CE53D9AB-3971-425A-AE33-E7BF5A841429} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\輝\Downloads\noahinst.exe -d C:\Users\輝\Downloads


[Context Menu]
有効 Drive CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File 00avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 Folder avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll


[IE]
無効 Helper avast! Online Security AVAST Software C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
無効 Helper avast! Online Security AVAST Software C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll


[Chrome]
有効 App Gmail 8.1 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
無効 Extension Avast Online Security 11.1.0.221 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0
無効 Extension Avast SafePrice 11.1.0.221 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\11.1.0.221_0
無効 Extension PicTwitterFull 2.1.3 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfpgnianlhodkfdhdofnmjhpjebaamf\2.1.3_0
有効 Extension アイドルマスター シンデレラガールズ[ChromeApps版] 1.0.4 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnacabmnfmejgfffmcehejcmiciinpej\1.0.4_0
有効 Extension グランブルーファンタジー[ChromeApps版] 1.3.2 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.3.2_0

  • 風信子
  • 2016/02/15 (Mon) 03:06:41
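Cleaning up the remnants with CC
Thank you for the work and the report.

>I am not using it at present, so please proceed with removal.

Yes, so King can be removed.
The app itself appears to have been uninstalled, but as expected it is still alive and running.
Look at the following in CC's "Scheduled Tasks" tab.
>有効 Task WpsUpdateTask_Administrator C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
>有効 Task WpsUpdateTask_輝 C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task

As you can see these are King remnants, and as the "有効" (enabled) shows, they are still alive.
King-family software often stays in the PC and keeps running like this even after the app is removed, so one more step is needed to remove it completely.

Now let's continue the cleanup.

Start CC again and, for the following entries in the "Scheduled Tasks" tab, apply "Disable" and then "Delete entry".
>有効 Task WpsUpdateTask_Administrator C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
>有効 Task WpsUpdateTask_輝 C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task

Once they are deleted, open the C drive and look by eye for the folder below; if you find it, delete it manually.
C:\Program Files (x86)\Kingsoft

If you can't find it, you can skip this, but if you find it and cannot delete it, tell me so in your next reply.

If the folder is already gone or you were able to delete it, the cleanup should be a success; after this, please reply again with the results of the work.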
  • 悪代官
  • 2016/02/15 (Mon) 20:24:02
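The check made by eye in the reply above (autostart entries that are still enabled and still point into the folder of an uninstalled program), as an added example that is not part of the original thread. The function names are hypothetical, the sample lines are copied from the logs posted in this thread, and the parser assumes the whitespace-flattened form in which those logs were pasted.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Status words printed by CCleaner's Japanese UI in the pasted logs.
ENABLED, DISABLED = "有効", "無効"

# A drive-letter path ending in .exe/.dll. Unquoted paths containing spaces
# ("C:\Program Files (x86)\...") are common in these logs, so the match runs
# lazily up to the first executable extension instead of stopping at a space.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\n]*?\.(?:exe|dll)\b', re.IGNORECASE)


@dataclass(frozen=True)
class Entry:
    enabled: bool
    kind: str      # second column, e.g. "Task", "HKLM:Run", "Extension"
    label: str     # name (and publisher, if present) exactly as pasted
    paths: tuple   # every executable/DLL path found in the command line


def parse_entries(text):
    """Parse pasted CCleaner startup lines; skip headers and forum prose."""
    entries = []
    for line in text.splitlines():
        parts = line.strip().split(None, 2)
        if len(parts) < 3 or parts[0] not in (ENABLED, DISABLED):
            continue
        status, kind, rest = parts
        matches = list(PATH_RE.finditer(rest))
        label_end = matches[0].start() if matches else len(rest)
        entries.append(Entry(
            enabled=(status == ENABLED),
            kind=kind,
            label=rest[:label_end].strip(' "'),
            paths=tuple(m.group(0) for m in matches),
        ))
    return entries


def under(path, root):
    """True if path lies inside root (Windows rules: case-insensitive)."""
    p, r = PureWindowsPath(path), PureWindowsPath(root)
    return r == p or r in p.parents


def leftovers(entries, removed_roots, only_enabled=True):
    """Entries whose command still references a removed install folder."""
    hits = []
    for e in entries:
        if only_enabled and not e.enabled:
            continue
        if any(under(p, root) for p in e.paths for root in removed_roots):
            hits.append(e)
    return hits


# Install folder of the program that was uninstalled (path from the thread).
REMOVED_ROOTS = [r"C:\Program Files (x86)\Kingsoft"]

# Sample input: lines copied from the logs posted right after the uninstall.
SNAPSHOT_AFTER_UNINSTALL = r"""
[windows]
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task WpsUpdateTask_Administrator C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task WpsUpdateTask_輝 C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
"""

# Sample input: lines copied from the logs posted one week later.
SNAPSHOT_ONE_WEEK_LATER = r"""
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task {4B3E6F75-87CC-4616-8E5D-4ADEC449AA83} Microsoft Corporation C:\Windows\system32\pcalua.exe -a H:\保存\noahinst.exe -d H:\保存
"""

if __name__ == "__main__":
    for name, snap in (("after uninstall", SNAPSHOT_AFTER_UNINSTALL),
                       ("one week later", SNAPSHOT_ONE_WEEK_LATER)):
        hits = leftovers(parse_entries(snap), REMOVED_ROOTS)
        print(name, "->", [(e.kind, e.label) for e in hits] or "clean")
```

Passing `only_enabled=False` also lists disabled entries that still reference the removed folder.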
Re: Homepage has changed to one showing martshopsave.com
Thank you for your help.

>有効 Task WpsUpdateTask_Administrator C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
>有効 Task WpsUpdateTask_輝 C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
I could not "Disable" either of them, so I did "Delete entry".

C:\Program Files (x86)\Kingsoft
was found, so I deleted it.
  • 風信子
  • 2016/02/15 (Mon) 20:57:00
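King has been cleaned up
Thank you for the work and the report.

>C:\Program Files (x86)\Kingsoft
>was found, so I deleted it.

Yes, and the entries found in CC appear to have been deleted as well.
The King cleanup is a success too.
Do you now understand this behaviour of theirs, that it doesn't disappear cleanly unless you take extra steps after removal?

Now, if any other abnormality is still showing, please tell me.

If nothing in particular is wrong, please wait and observe from here.
Observe for one week while using the PC as usual.

After one week, retake the logs of each tab and the installed-programs information in CC, plus an HJT log, and post them in a reply together with a report of how things were during the observation period.

How the logs and the state look at that point will probably be the last hurdle.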
  • 悪代官
  • 2016/02/16 (Tue) 20:48:56
Re: Homepage has changed to one showing martshopsave.com
Thank you for helping so many times.
I look forward to your help again in one week.
  • 風信子
  • 2016/02/16 (Tue) 23:52:40
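Re: Homepage has changed to one showing martshopsave.com
It has been a while.

One week has passed, so I am posting the logs.
The current abnormality is that the Windows button and the audio volume icon do not respond to a left click,
so I right-click to restart and to bring up the volume mixer.
Other than that there is nothing in particular; please check.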

[Installed programs]
3D Builder Microsoft Corporation 2016/01/26 10.10.38.0
Adobe AIR Adobe Systems Incorporated 2016/02/12 23.6 MB 20.0.0.233
Adobe Flash Player 20 NPAPI Adobe Systems Incorporated 2016/02/12 8.40 MB 20.0.0.306
AOSBOX for UNITCOM AOSBOX for UNITCOM 2016/02/16 16.3 MB 2.1
Apple Application Support(32 ビット) Apple Inc. 2015/12/25 148 MB 4.1.2
Apple Application Support(64 ビット) Apple Inc. 2015/12/25 166 MB 4.1.2
Apple Mobile Device Support Apple Inc. 2015/10/23 42.7 MB 9.1.0.6
Apple Software Update Apple Inc. 2015/09/22 4.63 MB 2.1.4.131
Avast Internet Security AVAST Software 2016/02/16 1.54 GB 11.1.2253
Bonjour Apple Inc. 2015/09/22 3.28 MB 3.1.0.1
Candy Crush Soda Saga king.com 2016/02/15 1.59.300.0
CCleaner Piriform 2016/02/16 17.5 MB 5.14
CopyTrans Control Center削除専用 WindSolutions 2016/01/26 4.004
CyberLink Media Suite 10 CyberLink Corp. 2016/02/12 88.6 MB 10.0
Google Chrome Google Inc. 2015/01/15 473 MB 48.0.2564.116
Groove ミュージック Microsoft Corporation 2016/01/26 3.6.15131.0
Handbrake日本語版 0.9.4 2016/02/12 0.9.4
iCloud Apple Inc. 2015/12/11 146 MB 5.1.0.34
Intel(R) Management Engine Components Intel Corporation 2014/12/24 9.5.15.1730
Intel(R) Rapid Storage Technology Intel Corporation 2014/12/24 12.8.3.1000
iTunes Apple Inc. 2015/12/25 281 MB 12.3.2.35
LINE LINE Corporation 2016/01/29 2.1.0.0
LoiLoScope 2 LoiLo inc 2014/12/24 165 MB 2.5.1.2
Malwarebytes Anti-Malware version 1.75.0.1300 Malwarebytes Corporation 2016/02/11 13.3 MB 1.75.0.1300
Microsoft Solitaire Collection Microsoft Studios 2016/01/26 3.7.1041.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/12/24 3.04 MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/12/24 1.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/01/18 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/12/24 639 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/12/24 1.25 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2015/01/18 634 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/01/18 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/01/18 14.7 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/02/12 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2016/02/12 17.3 MB 11.0.61030.0
Microsoft Wi-Fi Microsoft Corporation 2016/01/26 1.1511.2.0
NAVITIME for mouse computer NAVITIME JAPAN 2016/01/26 2.0.3.0
NVIDIA 3D Vision コントローラー ドライバー 344.46 NVIDIA Corporation 2014/12/24 8.29 MB 344.46
NVIDIA 3D Vision ドライバー 344.48 NVIDIA Corporation 2014/12/24 35.6 MB 344.48
NVIDIA GeForce Experience 2.1.3 NVIDIA Corporation 2014/12/24 22.8 MB 2.1.3
NVIDIA HD オーディオ ドライバー 1.3.32.1 NVIDIA Corporation 2014/12/24 8.22 MB 1.3.32.1
NVIDIA Miracast 仮想オーディオ 344.48 NVIDIA Corporation 2014/12/24 5.55 MB 344.48
NVIDIA PhysX システム ソフトウェア 9.14.0702 NVIDIA Corporation 2014/12/24 81.1 MB 9.14.0702
NVIDIA グラフィックス ドライバー 344.48 NVIDIA Corporation 2014/12/24 441 MB 344.48
OneNote Microsoft Corporation 2016/02/23 17.6741.18061.0
People Microsoft Corporation 2016/02/04 10.0.10220.0
PowerDirector CyberLink Corp. 2014/12/24 470 MB 9.0.0.5113
Realtek Ethernet Controller Driver Realtek 2014/12/24 3.08 MB 8.18.621.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/02/12 16.0 MB 6.0.1.7058
RGSS-RTP Standard Enterbrain 2015/12/27 21.0 MB 1.03
RPGツクールVX Ace RTP Enterbrain 2015/01/24 194 MB 1.00
RPGツクールVX RTP Enterbrain 2015/04/21 42.2 MB 1.02
Skype を手に入れよう Skype 2016/01/26 3.2.1.0
Sway Microsoft Corporation 2016/02/23 17.6741.45271.0
Twitter Twitter Inc. 2016/02/17 4.3.4.0
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/01/18 2.30 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/05/17 26.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/05/28 18.0 KB 16.0.1515.1
Windows スキャン Microsoft Corporation 2016/01/26 6.3.9654.17133
Windows リーディング リスト Microsoft Corporation 2016/01/26 6.3.9654.20947
Xbox Microsoft Corporation 2016/02/19 14.14.16008.0
Yahoo!天気・災害 Yahoo Japan Corporation 2016/01/26 2.0.4.0
つよきすFESTIVAL INTERHEART 2016/02/12 4.88 GB 2.3
はじめに Microsoft Corporation 2016/01/26 2.6.12.0
アプリ コネクター Microsoft Corporation 2016/01/26 1.3.3.0
アラーム & クロック Microsoft Corporation 2016/01/26 10.1512.58020.0
カメラ Microsoft Corporation 2016/02/04 2016.128.10.0
ストア Microsoft Corporation 2016/02/12 2016.27.2.0
スポーツ Microsoft Corporation 2016/01/26 4.8.239.0
ドラゴンクエストX オンライン SQUARE ENIX CO., LTD. 2015/11/19 6.81 GB 1.0.1.0
ニュース Microsoft Corporation 2016/01/26 4.8.239.0
フォト Microsoft Corporation 2016/02/05 16.201.11370.0
ボイス レコーダー Microsoft Corporation 2016/01/26 10.1512.21110.0
マップ Microsoft Corporation 2016/01/26 4.1601.10150.0
マネー Microsoft Corporation 2016/01/27 4.8.239.0
メッセージング & Skype Microsoft Corporation 2016/01/26 2.13.20000.0
メール/カレンダー Microsoft Corporation 2016/02/20 17.6568.46051.0
モバイル コンパニオン Microsoft Corporation 2016/02/05 10.1602.3010.0
圧縮解凍ソフト Noah 2016/02/12
天気 Microsoft Corporation 2016/01/26 4.8.239.0
新しい Office を始めよう Microsoft Corporation 2016/02/02 17.6628.23511.0
映画 & テレビ Microsoft Corporation 2016/01/29 3.6.16941.0
真・恋姫†英雄譚3 2016/02/12
電卓 Microsoft Corporation 2016/01/26 10.1601.49020.0
電話 Microsoft Corporation 2016/01/26 2.12.14001.0

[windows]
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
有効 HKLM:Run CLMLServer_For_P2G8 CyberLink "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
有効 HKLM:Run CLVirtualDrive CyberLink Corp. "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
有効 HKLM:Run RemoteControl10 CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run Zoolz Tray AOS Technologies, Inc. "C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMLauncher.exe" "C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOM.exe" "-Delay"

[Scheduled Tasks]
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Optimize Start Menu Cache Files-S-1-5-21-705012142-2807547796-874617321-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-705012142-2807547796-874617321-500
有効 Task SafeZone scheduled Autoupdate 1454864357 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
有効 Task {4B3E6F75-87CC-4616-8E5D-4ADEC449AA83} Microsoft Corporation C:\Windows\system32\pcalua.exe -a H:\保存\noahinst.exe -d H:\保存
有効 Task {CE53D9AB-3971-425A-AE33-E7BF5A841429} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\輝\Downloads\noahinst.exe -d C:\Users\輝\Downloads

[Context Menu]
有効 Drive CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File 00avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 Folder avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll

[IE]
無効 Helper avast! Online Security AVAST Software C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
無効 Helper avast! Online Security AVAST Software C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

[Chrome]
有効 App Gmail 8.1 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
無効 Extension Avast Online Security 11.1.0.221 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.221_0
無効 Extension Avast SafePrice 11.1.0.221 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\11.1.0.221_0
無効 Extension PicTwitterFull 2.1.3 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfpgnianlhodkfdhdofnmjhpjebaamf\2.1.3_0
有効 Extension アイドルマスター シンデレラガールズ[ChromeApps版] 1.0.4 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnacabmnfmejgfffmcehejcmiciinpej\1.0.4_0
有効 Extension グランブルーファンタジー[ChromeApps版] 1.3.2 最初のユーザー C:\Users\輝\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.3.2_0

[HJT]
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:52:09, on 2016/02/23
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\輝\Downloads\backups\HijackThis.exe

O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\輝\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX for UNITCOM Backup Service (AOSBOXforUNITCOM Backup Service) - Unknown owner - C:\Program Files\AOSBOX for UNITCOM\AOSBOXforUNITCOMService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8232 bytes
  • 風信子
  • 2016/02/23 (Tue) 21:09:06
Did you manage to get it sorted out?
Sorry for the late reply.
So this is your report after watching how things went.

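>The current abnormality is that the Windows button and the volume control icon do not
>respond to a left click, so I am using right click to restart and to open the volume mixer.

I cannot say anything definite about this myself, so I will refrain from giving careless instructions for fixing it.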

For advice on system-level problems, a site such as the one below should be reliable.
http://pasokoma.jp/

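>Other than that there is nothing in particular. Please check.

The abnormality that was the main issue seems to be gone, so that is fine.
I also looked over each of the logs, and there does not seem to be anything wrong.

So we can consider the treatment for the main issue finished.
Please understand that even though the abnormality is gone, protecting yourself to prevent being hit again starts from here.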

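Just tightening the browser settings a little can improve security.
Open "Internet Options" → "Privacy" → "Advanced", check "automatic cookie handling" and "block third-party cookies", then click "Apply" and "OK".
Doing this is quite effective in protecting against many dangerous sites.
However, it is not effective against every dangerous site, and against truly dangerous sites this level of protection is no match at all, so do not rely on it too much.
Also, setting it to "block all cookies" has the side effect that you can no longer get into pages that require login, such as your provider's mailbox, so use it according to the situation.
Note too that even on safe sites, some will not let you browse or post when cookies are blocked.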

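Next, please also be careful about how you use security software such as antivirus and firewalls.
Security software does not deliver its full capability merely by being installed.
It is important to understand its settings and features as well as you can and to use it correctly.
Used incorrectly, it will simply let through infections that it could otherwise have blocked.

Also, no matter how capable the security software is, it cannot protect you at all if you yourself access dangerous sites or files.
Depending on how it is used, the performance of security software can be doubled, halved, or reduced to nothing.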

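And seeing is believing.
I recommend looking through as many of the other threads on this board as you can, both ongoing and resolved.
Whether the cases are the same, similar, or of a different kind, there should be much in them to learn from.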

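To recap: if you use legally problematic applications, including DVD Decrypter and DVD Shrink, consider any trouble that results to be entirely your own responsibility.
In that case it does not stop at infection; you could well be held responsible for copyright issues too.
Needless to say, if you still have any files ripped from commercial or rental DVDs and the like, destroy all of them completely and immediately.
If you still have them and trouble arises because of them, there will be no way out.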

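The first step in PC security is for the user not to touch suspicious sites or untrustworthy files.
If you put that second and go for strange things out of hobby or profit, then whatever infection you get is your own fault.

I imagine this work was quite hard for you, but please turn that hardship into experience and from now on work, one step at a time, on rebuilding your PC environment and security awareness.

Thank you for your hard work in sticking with unfamiliar tasks over a long period.
I wish you a safe and comfortable PC life from here on.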
  • 悪代官
  • 2016/02/24 (Wed) 21:17:18
Re: My homepage has changed to one showing martshopsave.com
Thank you very much for everything up to now. I will carefully examine the information I was taught here
and continue using my PC. Thank you.
  • 風信子
  • 2016/02/27 (Sat) 04:41:55
