Uninstalling MPC Cleaner
I accidentally posted in a different thread, so I have started a new one here.


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:01:07, on 2015/12/11
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)

FIREFOX: 42.0 (x86 ja)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
C:\WINDOWS\System32\svchost.exe
C:\Windows\System32\IME\SHARED\imebroker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\Users\さん\Downloads\HijackThis.exe

O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [RtkNGUI] "C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BSMOW07] "C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AG513CM0603:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: RF ツールバー表示 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O8 - Extra context menu item: RF フォーム保存 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: RF フォーム記入 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: RF メニューカスタマイズ - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: 保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF フォーム保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS HID Access Service (AsHidService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem54.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotCash Limited - C:\Program Files\MPC Cleaner\MPCProtectService.exe

--
End of file - 8555 bytes

2007 Microsoft Office プログラム用 Microsoft PDF/XPS 保存アドイン Microsoft Corporation 2015/05/09 124 KB 12.0.4518.1014
2007 Office system 互換機能パック Microsoft Corporation 2015/11/18 80.0 MB 12.0.6612.1000
3D Builder Microsoft Corporation 2015/09/16 10.9.6.0
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2015/11/25 208 MB 15.009.20079
Adobe AIR Adobe Systems Incorporated 2015/09/15 18.0.0.144
Adobe Flash Player 20 NPAPI Adobe Systems Incorporated 2015/12/10 9.05 MB 20.0.0.235
ASUS Live Update ASUS 2014/03/03 8.49 MB 3.2.6
ASUS PhotoDirector CyberLink Corp. 2015/09/15 2.1.3706.2
ASUS PowerDirector CyberLink Corp. 2015/09/15 1.0.3618.38952
ASUS Screen Saver ASUS 2014/03/03 32.0 KB 1.0.2
ASUS Smart Gesture ASUS 2015/09/15 102 MB 4.0.6
ASUS WebStorage ASUS Cloud Corporation 2015/09/15 1.0.24.190
ASUS Welcome ASUSTeK COMPUTER INC. 2015/09/15 1.0.1.0
ATK Package ASUS 2014/03/03 13.9 MB 1.0.0031
Avidemux 2.6 - 32 bits (32-bit) 2015/09/15 2.6.9.00
Broadcom 802.11 Network Adapter Broadcom Corporation 2015/09/15 5.93.99.187.1
BSMOW07 BUFFALO 2015/05/10 1.0.2
Candy Crush Saga king.com 2015/12/02 1.652.0.0
CCleaner Piriform 2015/12/11 5.12
DAEMON Tools Lite Disc Soft Ltd 2015/09/15 10.1.0.0074
ESET Smart Security ESET, spol s r. o. 2015/09/15 96.8 MB 8.0.304.7
GOM Player Gretech Corporation 2015/09/19 2.2.73.5235
Groove ミュージック Microsoft Corporation 2015/11/11 3.6.15131.0
HP AiO Printer Remote Hewlett-Packard Company 2015/09/29 58.1.78.0
HP FWUpdateEDO2 Hewlett-Packard 2015/05/23 1.53 MB 1.2.0.0
HP Photo Creations HP 2015/09/15 14.6 MB 1.0.0.7702
HP Photosmart 5520 series ベーシック デバイス ソフトウェア Hewlett-Packard Co. 2015/05/16 102 MB 28.0.1315.0
HP Update Hewlett-Packard 2015/05/16 4.04 MB 5.005.002.002
Intel(R) Dynamic Platform and Thermal Framework Intel Corporation 2015/09/15 7.1.0.479
Intel(R) Processor Graphics Intel Corporation 2015/06/24 10.18.10.3417
Intel(R) Trusted Execution Engine Intel Corporation 2014/03/03 1.0.0.1054
Jane Style Version 3.83 Jane, Inc. 2015/04/26 3.83
LINE LINE Corporation 2015/12/08 4.3.0.724
Microsoft Office Enterprise 2007 Microsoft Corporation 2015/09/15 12.0.6612.1000
Microsoft Office File Validation Add-In Microsoft Corporation 2015/05/08 10.9 MB 14.0.5130.5003
Microsoft Silverlight Microsoft Corporation 2015/08/17 67.0 MB 5.1.40728.0
Microsoft Solitaire Collection Microsoft Studios 2015/11/10 3.5.11021.0
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/07/02 5.15 MB 10.0.40219
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 Microsoft Corporation 2015/09/15 17.3 MB 12.0.20617.1
Mozilla Firefox 42.0 (x86 ja) Mozilla 2015/11/08 87.1 MB 42.0
Mozilla Maintenance Service Mozilla 2015/11/08 247 KB 42.0.0.5780
MSN トラベル Microsoft Corporation 2015/09/15 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/09/15 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/09/15 3.0.4.336
NAVITIME for ASUS NavitimeJapan. 2015/09/15 2.0.3.0
nyalu catproject 2015/09/15 1.8.0.40
OneNote Microsoft Corporation 2015/12/10 17.6366.15841.0
People Microsoft Corporation 2015/12/03 10.0.3350.0
Realtek I2S Audio Realtek Semiconductor Corp. 2014/03/03 6.2.9600.4055
RoboForm 7-9-13-5 (All Users) Siber Systems 2015/09/15 20.0 MB 7-9-13-5
Skype を手に入れよう Skype 2015/09/15 3.2.1.0
Sleipnir Version 6.1.6 Fenrir Inc. 2015/04/26 263 MB 6.1.6
Twitter Twitter Inc. 2015/12/11 4.3.1.0
VLC media player VideoLAN 2015/09/15 2.2.1
Windows スキャン Microsoft Corporation 2015/09/15 6.3.9654.17133
Windows ドライバ パッケージ - ASUS (AsusSGDrv) Mouse (07/07/2015 8.0.0.17) ASUS 2015/09/15 07/07/2015 8.0.0.17
Windows リーディング リスト Microsoft Corporation 2015/09/15 6.3.9654.20947
WinFlash ASUS 2014/03/03 889 KB 2.42.0
WinRAR 5.01 (32ビット) win.rar GmbH 2015/09/15 5.01.0
Xbox Microsoft Corporation 2015/12/10 11.12.9011.0
はじめに Microsoft Corporation 2015/11/10 2.5.6.0
アプリ コネクター Microsoft Corporation 2015/09/15 1.3.3.0
アラーム & クロック Microsoft Corporation 2015/11/18 10.1511.61020.0
カメラ Microsoft Corporation 2015/10/30 2015.1078.40.0
ストア Microsoft Corporation 2015/11/19 2015.23.23.0
スポーツ Microsoft Corporation 2015/11/24 4.7.130.0
ニュース Microsoft Corporation 2015/11/17 4.7.118.0
フォト Microsoft Corporation 2015/12/10 15.1208.10480.0
ボイス レコーダー Microsoft Corporation 2015/11/20 10.1511.17110.0
マップ Microsoft Corporation 2015/11/17 4.1511.3161.0
マネー Microsoft Corporation 2015/11/17 4.7.118.0
メール/カレンダー Microsoft Corporation 2015/11/17 17.6416.42001.0
モバイル コンパニオン Microsoft Corporation 2015/11/20 10.1511.18010.0
リモート デスクトップ Microsoft Corporation 2015/09/15 6.3.9600.16419
リーダー Microsoft Corporation 2015/09/15 6.4.9926.17994
天気 Microsoft Corporation 2015/11/17 4.7.118.0
新しい Office を始めよう Microsoft Corporation 2015/12/10 17.6508.23761.0
映画 & テレビ Microsoft Corporation 2015/12/10 3.6.15731.0
電卓 Microsoft Corporation 2015/12/09 10.1512.4020.0
  • ピーチ
  • 2015/12/12 (Sat) 20:27:13
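The main cause isn't visible yet, but
Good evening, ピーチ.
I am 悪代官 (the Evil Magistrate); since I don't want to be slain by Momotaro-zamurai, I am being punished by Cu○e Peach of a certain magical-girl squad instead.
Happiness... I'm a villain! (wrong

I have looked at your description and logs.
I can see some problem areas, but nothing that looks like the main cause yet.
Let's start by investigating carefully.

Let me say this up front.
As you can see, there are many people asking for help right now, so it may take a day or more each time before I can reply to everyone in turn. I'm sorry, but please bear with that.

Now please read the following explanation carefully and then do the steps in order.
You should already have prepared some of these, but please read the explanation again just in case.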

Set Windows to show hidden files and file extensions (how to ↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get familiar with their basic usage.
However, if the distribution site shows ads urging you to download other apps, never click them.
"GeekUninstaller" (GU for short)
Description page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save the file, then extract it.
When cleaning up afterwards, delete the whole folder manually.

"CCleaner" (CC for short)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Download the latest version. During installation it may also offer bundled extra apps; uncheck those and do not install them.
When cleaning up afterwards, uninstall it.

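Here is an important caution.
CC is by nature a highly capable maintenance tool, but if it is used incorrectly
【it can also damage Windows】
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operation other than what I instruct.

Also, be sure to read the page below thoroughly before starting, and if the situation arises, handle it as described there. Cases that need this handling are increasing.
http://note.chiebukuro.yahoo.co.jp/detail/n335704

Once you are ready, start the work.
If something in the steps below cannot be found, you can skip it and move on, but look carefully and never touch anything other than what I specified.

Also, I will probably ask you to delete some things; if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.

At this point, manually create one restore point with "System Restore", a standard Windows feature.
In the work that follows, touching the wrong item by mistake can by itself cause serious problems in Windows, so this is to make recovery possible just in case.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

Next, boot the PC into Safe Mode (how to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
For Win8, refer to the following.
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

In Safe Mode, use GU to uninstall the following.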
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2015/11/25 208 MB 15.009.20079

DAEMON Tools Lite Disc Soft Ltd 2015/09/15 10.1.0.0074

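Next, still in Safe Mode, launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select the C drive as the target and scan it, then check only the "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" items among those displayed, and press "OK" and "Delete Files".
Doing this cleans out the junk files in the selected areas.

Doing this also reduces the useless junk files that scans detect during the work, which saves a fair amount of time and makes the analysis easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting legitimate files by mistake, and so that a legitimate file that was deleted into the Recycle Bin can still be restored.

Launch HJT and run a scan.
When the scan results are displayed, check the following items.
However, with HJT in particular, one wrong step can easily leave the PC unable to boot, so never check anything other than what I specified.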
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun

O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe

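Once all the required items are checked, click Fix checked.
Anything you cannot find can be skipped.

Now restart the PC in normal mode, and then launch CC.
Once it starts, open "Tools" → "Startup" → the "Windows" tab.
There, pressing "Save to text file" at the lower right saves the displayed contents as a log, so save the log to the desktop or somewhere similar.

Then open each of the tabs from the "Internet Explorer" tab onward in turn, and save those logs as well.

After taking each CC log, close CC.

After this, launch your browser and watch the state of the PC for a few hours, then take fresh logs: the HJT log and the installed-programs list from CC.

Paste both fresh logs and the CC logs into your reply, along with a status report.
I will look at them and then give instructions for the next steps.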
  • 悪代官
  • 2015/12/12 (Sat) 23:05:22
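
The before/after comparison this post asks for (a HijackThis log re-taken after the fixes), as an added example that is not part of the thread: a small Python parser that diffs two HijackThis logs entry by entry and checks whether a named program still has entries. The `BEFORE` sample is abridged from the first log posted above; the `AFTER` sample is constructed, and all function names are this example's own.

```python
import re

# Entry lines look like "O23 - Service: <name> - <vendor> - <path>":
# a section code (R0-R3, F0-F3, N1-N4, O1-O24), " - ", then the detail.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<detail>.+)$")


def parse_entries(log_text):
    """Return (code, detail) pairs for the entry lines of a HijackThis log.

    Header lines and the 'Running processes' list do not match and are skipped.
    """
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append((m.group("code"), m.group("detail")))
    return entries


def _key(entry):
    # Windows paths are case-insensitive, so compare entries case-folded.
    code, detail = entry
    return (code, detail.casefold())


def diff_logs(before_text, after_text):
    """Classify entries as removed, added or unchanged between two scans."""
    before = parse_entries(before_text)
    after = parse_entries(after_text)
    before_keys = {_key(e) for e in before}
    after_keys = {_key(e) for e in after}
    return {
        "removed": [e for e in before if _key(e) not in after_keys],
        "added": [e for e in after if _key(e) not in before_keys],
        "unchanged": [e for e in after if _key(e) in before_keys],
    }


def still_present(log_text, needle):
    """Entries whose detail mentions `needle` (case-insensitive)."""
    n = needle.casefold()
    return [e for e in parse_entries(log_text) if n in e[1].casefold()]


# Abridged from the first log in this thread.
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.5
Boot mode: Normal

Running processes:
C:\WINDOWS\Explorer.EXE

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotCash Limited - C:\Program Files\MPC Cleaner\MPCProtectService.exe
"""

# Constructed sample: the two DAEMON Tools entries are gone, and one path
# differs only in letter case to show that this is not reported as a change.
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.5
Boot mode: Normal

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\EKRN.EXE
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotCash Limited - C:\Program Files\MPC Cleaner\MPCProtectService.exe
"""

if __name__ == "__main__":
    result = diff_logs(BEFORE, AFTER)
    for status in ("removed", "added"):
        for code, detail in result[status]:
            print(f"{status:8} {code} - {detail}")
    for code, detail in still_present(AFTER, "MPC Cleaner"):
        print(f"remains  {code} - {detail}")
```
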
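Re: Uninstalling MPC Cleaner
Thank you for your help.
Sorry, but I have a question.
When I started GU in Safe Mode and tried to run the uninstalls,
DAEMON went through without a problem, but when I try to uninstall Acrobat,
a message like the one in the attached image appears, "Windows Installer is not correctly installed...", and
I could not go any further.

I have stopped here for now; what should I do?
I have not done the cleanup or anything after it.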
  • ピーチ
  • 2015/12/13 (Sun) 11:38:44
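My instructions were careless
Sorry for the late reply.

This is about not being able to remove Acrobat in Safe Mode.
I gave the wrong instruction here.
This time, please remove it again with the PC in normal mode.

I think that will remove it, but if it doesn't, you can skip it and go ahead with the other steps.

I apologize for my poor instructions.
That was a slip-up! (← that's the wrong character's line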
  • 悪代官
  • 2015/12/13 (Sun) 21:22:21
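Re: Uninstalling MPC Cleaner
Thank you for your help.
When I booted in normal mode, I was able to remove Acrobat. Thank you.
Continuing on: when I ran the HJT scan in Safe Mode, neither the O4 nor the O23 item showed up, so I skipped them.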

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:30:50, on 2015/12/13
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)

FIREFOX: 42.0 (x86 ja)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
C:\WINDOWS\system32\svchost.exe
C:\Users\さん\Downloads\HijackThis.exe

O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [RtkNGUI] "C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BSMOW07] "C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AG513CM0603:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [OneDrive] "C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: RF ツールバー表示 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O8 - Extra context menu item: RF フォーム保存 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: RF フォーム記入 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: RF メニューカスタマイズ - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: 保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF フォーム保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS HID Access Service (AsHidService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem54.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotCash Limited - C:\Program Files\MPC Cleaner\MPCProtectService.exe

--
End of file - 7895 bytes

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
有効 HKCU:Run HP Photosmart 5520 series (NET) Hewlett-Packard Co. "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AG513CM0603:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run RoboForm Siber Systems "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
有効 HKLM:Run ASUSPRP ASUSTek Computer Inc. "C:\Program Files\ASUS\APRP\APRP.EXE"
有効 HKLM:Run BSMOW07 Buffalo "C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe"
有効 HKLM:Run DptfPolicyLpmServiceHelper Intel Corporation C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
有効 HKLM:Run egui ESET "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
有効 HKLM:Run GrooveMonitor Microsoft Corporation "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
有効 HKLM:Run HP Software Update Hewlett-Packard C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
有効 HKLM:Run IgfxTray Intel Corporation "C:\WINDOWS\system32\igfxtray.exe"
有効 HKLM:Run RtkNGUI Realtek Semiconductor "C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe" /s
有効 Startup User OneNote 2007 画面の領域の取り込みと起動.lnk Microsoft Corporation C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

有効 Extension OneNote に送る Microsoft Corporation C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
有効 Extension Research Microsoft Corporation C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
有効 Extension ツールバー表示 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Extension フォーム記入 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Extension 保存 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
無効 Helper Groove GFS Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
有効 Helper RoboForm Toolbar Helper Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Toolbar RoboForm Toolbar Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

有効 Extension Add to Amazon Wish List Button 1.10.1-signed Amazon.com default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\wxyg91z4.default\extensions\amznUWL2@amazon.com.xpi
有効 Extension RoboForm Toolbar for Firefox 7.9.13.5 Siber Systems Inc. default Firefox 42.0 C:\Program Files\Siber Systems\AI RoboForm\Firefox
有効 Extension RoboForm Toolbar for Firefox 7.9.13.5 Siber Systems Inc. default Firefox 42.0 C:\Program Files\Siber Systems\AI RoboForm\Firefox
有効 Extension Video DownloadHelper 5.4.2 mig@downloadhelper.net default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\wxyg91z4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 42.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 42.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 42.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 42.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin OpenH264 Video Codec 1.3 default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\rybaozct.default\gmp-gmpopenh264\1.3\gmpopenh264.dll
有効 Plugin OpenH264 Video Codec 1.5.1 Mozilla Corporation default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\wxyg91z4.default\gmp-gmpopenh264\1.5.1\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 15 Adobe Systems Inc default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\wxyg91z4.default\gmp-eme-adobe\15\eme-adobe.dll
有効 Plugin Shockwave Flash 20.0.0.235 Adobe Systems Incorporated default Firefox 42.0 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll
有効 Plugin Silverlight Plug-In 5.1.41105.0 Microsoft Corporation default Firefox 42.0 C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll
有効 Plugin VLC Web Plugin 2.2.1.0 VideoLAN default Firefox 42.0 C:\Program Files\VideoLAN\VLC\npvlc.dll

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task ASUS Live Update1 ASUSTeK Computer Inc. C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe -critical
有効 Task ASUS Live Update2 ASUSTeK Computer Inc. C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe -check
有効 Task ASUS Patch for Touch Panel ASUSTek Computer INC. C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task LaunchPreSignup C:\Program Files\OLBPre\OLBPre.exe signup
有効 Task Open URL by RoboForm Microsoft Corporation C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMMMKJKMMMJMIMLJMJCNLJMMIMNJCNLMNMJMKJCNGMNMNJMJCNKJOJNMOJOMLJKJLMMMJJNMKMJNJICMIMCNGMCNOMMMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMPMFMEKMICNJJCKFMLMPMLMJNHICMEKMICNJJCKJNBJCMKKMGJNKJCMJNNICMJNDJCMFJPIJNMJCMPMFMOMGMJMFMNMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3451279271-2515706449-3442622051-1001
有効 Task Run RoboForm TaskBar Icon Siber Systems C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
有効 Task {1994A667-DE99-4D82-B3C1-19EBB008C86E} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\さん\Downloads\coreaacSetup.exe -d C:\Users\さん\Downloads
有効 Task {3FE3E668-0FC6-4D31-9A72-E3B4CA43FBB3} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\さん\Downloads\inst_essv8_efseps.exe -d C:\Users\さん\Downloads

有効 Directory 7-Zip
有効 Directory Offline Files
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 File 7-Zip
有効 File ANotepad++64
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 File WinRAR Alexander Roshal C:\Program Files\WinRAR\rarext.dll
有効 File {4A7C4306-57E0-4C0C-83A9-78C1528F618C}
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 Folder Offline Files
有効 Folder WinRAR Alexander Roshal C:\Program Files\WinRAR\rarext.dll


A few hours later
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
有効 HKCU:Run HP Photosmart 5520 series (NET) Hewlett-Packard Co. "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AG513CM0603:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run RoboForm Siber Systems "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
有効 HKLM:Run ASUSPRP ASUSTek Computer Inc. "C:\Program Files\ASUS\APRP\APRP.EXE"
有効 HKLM:Run BSMOW07 Buffalo "C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe"
有効 HKLM:Run DptfPolicyLpmServiceHelper Intel Corporation C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
有効 HKLM:Run egui ESET "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
有効 HKLM:Run GrooveMonitor Microsoft Corporation "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
有効 HKLM:Run HP Software Update Hewlett-Packard C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
有効 HKLM:Run IgfxTray Intel Corporation "C:\WINDOWS\system32\igfxtray.exe"
有効 HKLM:Run RtkNGUI Realtek Semiconductor "C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe" /s
有効 Startup User OneNote 2007 画面の領域の取り込みと起動.lnk Microsoft Corporation C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

有効 Extension OneNote に送る Microsoft Corporation C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
有効 Extension Research Microsoft Corporation C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
有効 Extension ツールバー表示 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Extension フォーム記入 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Extension 保存 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
無効 Helper Groove GFS Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
有効 Helper RoboForm Toolbar Helper Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Toolbar RoboForm Toolbar Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

有効 Extension Add to Amazon Wish List Button 1.10.1-signed Amazon.com default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\wxyg91z4.default\extensions\amznUWL2@amazon.com.xpi
有効 Extension RoboForm Toolbar for Firefox 7.9.13.5 Siber Systems Inc. default Firefox 42.0 C:\Program Files\Siber Systems\AI RoboForm\Firefox
有効 Extension RoboForm Toolbar for Firefox 7.9.13.5 Siber Systems Inc. default Firefox 42.0 C:\Program Files\Siber Systems\AI RoboForm\Firefox
有効 Extension Video DownloadHelper 5.4.2 mig@downloadhelper.net default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\wxyg91z4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 42.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 42.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 42.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 42.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin OpenH264 Video Codec 1.3 default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\rybaozct.default\gmp-gmpopenh264\1.3\gmpopenh264.dll
有効 Plugin OpenH264 Video Codec 1.5.1 Mozilla Corporation default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\wxyg91z4.default\gmp-gmpopenh264\1.5.1\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 15 Adobe Systems Inc default Firefox 42.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\wxyg91z4.default\gmp-eme-adobe\15\eme-adobe.dll
有効 Plugin Shockwave Flash 20.0.0.235 Adobe Systems Incorporated default Firefox 42.0 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll
有効 Plugin Silverlight Plug-In 5.1.41105.0 Microsoft Corporation default Firefox 42.0 C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll
有効 Plugin VLC Web Plugin 2.2.1.0 VideoLAN default Firefox 42.0 C:\Program Files\VideoLAN\VLC\npvlc.dll

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task ASUS Live Update1 ASUSTeK Computer Inc. C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe -critical
有効 Task ASUS Live Update2 ASUSTeK Computer Inc. C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe -check
有効 Task ASUS Patch for Touch Panel ASUSTek Computer INC. C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task LaunchPreSignup C:\Program Files\OLBPre\OLBPre.exe signup
有効 Task Open URL by RoboForm Microsoft Corporation C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMMMKJKMMMJMIMLJMJCNLJMMIMNJCNLMNMJMKJCNGMNMNJMJCNKJOJNMOJOMLJKJLMMMJJNMKMJNJICMIMCNGMCNOMMMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMPMFMEKMICNJJCKFMLMPMLMJNHICMEKMICNJJCKJNBJCMKKMGJNKJCMJNNICMJNDJCMFJPIJNMJCMPMFMOMGMJMFMNMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3451279271-2515706449-3442622051-1001
有効 Task Run RoboForm TaskBar Icon Siber Systems C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
有効 Task {1994A667-DE99-4D82-B3C1-19EBB008C86E} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\さん\Downloads\coreaacSetup.exe -d C:\Users\さん\Downloads
有効 Task {3FE3E668-0FC6-4D31-9A72-E3B4CA43FBB3} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\さん\Downloads\inst_essv8_efseps.exe -d C:\Users\さん\Downloads

有効 Directory 7-Zip
有効 Directory Offline Files
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 File 7-Zip
有効 File ANotepad++64
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 File WinRAR Alexander Roshal C:\Program Files\WinRAR\rarext.dll
有効 File {4A7C4306-57E0-4C0C-83A9-78C1528F618C}
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 Folder Offline Files
有効 Folder WinRAR Alexander Roshal C:\Program Files\WinRAR\rarext.dll
  • ピーチ
  • 2015/12/13 (Sun) 23:40:56
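Let's clean up Firefox as well
Sorry for the late reply again.

>When I booted in normal mode, I was able to remove Acrobat

Yes, it could be removed this time.

If something cannot be found while you are doing the work, you can skip it and carry on.

In the follow-up log, as I suspected, something that had been hidden turned up.
Next we will deal with that.

First read the explanation on the page below,
http://note.chiebukuro.yahoo.co.jp/detail/n367452

then, following it, uninstall the Firefox browser once and reinstall it.

Next, launch CC and, in the "Context Menu" (コンテキストメニュー) tab, set the entry below to "Disabled" (無効) and then use "Delete entry" (エントリの削除). If it cannot be disabled, deleting it directly is fine too.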
有効 File {4A7C4306-57E0-4C0C-83A9-78C1528F618C}

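Once you have closed CC, prepare the following tools.
"AdwCleaner" (commonly called AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file to the desktop or similar.
When you want to get rid of it later, launch it and press the "uninstall" button, and it will be removed automatically.
The site below has a detailed explanation of how to use it, so please refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html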

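Malwarebytes' Anti-Malware (commonly called MBAM)
Official site
http://www.malwarebytes.org/

However, MBAM currently has considerable problems with stability and behavior, and bugs that prevent it from scanning properly even in normal use are occurring frequently.
For that reason, we will not download the latest version from the official site, and will deliberately work with an older version here.

Site explaining the old version ↓
http://www.japan-secure.com/entry/blog-entry-7.html

Download the old version of MBAM from the URL below.
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
This is a direct link to the file. Save it.

Note) If you choose Japanese during installation, the text may come out garbled. Install in English and switch to Japanese afterwards.
Launch MBAM and go to the "Settings" tab → "Language" → "Japanese" to switch it to Japanese.

Once it is ready, install MBAM and take it as far as updating.
However, do not scan yet at this point.
Also, when updating MBAM here, do not update the "program" itself; update only the definitions.
If you update the program itself, it becomes the latest version with its many bugs, and there would have been no point in going to the trouble of installing the old version.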

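Next, launch AC once at this point.
When it starts, it should first update its definitions, so just let it update, and once that is done, close AC for now.
You do not need to scan here either.

Once both tools are updated, restart the PC in safe mode and then use Disk Cleanup to clear out junk files.

Next, with the PC booted in safe mode, launch AC again (the one you launched once earlier).
Once it is running, this time do a "Scan" (スキャン), and after the scan finishes, if anything was detected, press "Clean" (除去).
Selecting "Yes" (はい) on the screen that appears starts the cleanup.

When the cleanup is complete, restart the PC in normal mode at that point.

After the restart, a new AC log will appear, so save it to the desktop or similar.
However, if no log appears after the work, or you cannot tell which it is, open the C drive in My Computer; a file with a name like the one below will have been created directly under it, and that is the AC log.
>AdwCleaner[alphanumeric characters].txt
If there are several logs with similar names, the one whose creation date and time matches when you did the cleanup is the log in question.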

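Once the work with AC is done, next is the work with MBAM.
Staying in safe mode, launch MBAM and scan.
After launching MBAM, choose "Full scan" (フルスキャン) from the "Scanner" (スキャナー) tab.
For the target drives, select all drives, including C.
However, if no button called "Full scan" is shown, you may have updated MBAM to the latest version, so in that case select "Custom scan" (カスタムスキャン).
This operation corresponds to a full scan in the latest version of MBAM.
Select (check) all drives as the scan target. It takes time, but this is in order to scan as thoroughly as possible.
The order does not matter, but if anything is detected, select it and "remove" (quarantine) it, and then, if a prompt asking you to restart appears, restart the PC once at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, pressing "Show details" (詳細を表示) should display the results, and pressing "Save log" (ログを保存) there lets you save that log.
Save that log to the desktop or similar.
Checking this log is especially important, so please do not forget.

After this, watch how the PC behaves for a while, then paste the AC and MBAM logs you saved after the work into a reply and show them to me there together with a report on the PC's condition.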
  • 悪代官
  • 2015/12/14 (Mon) 21:19:47
Re: Uninstalling MPC Cleaner
Thank you for your continued help.

I removed and then reinstalled FireFox as instructed.
I was also able to delete {4A7C4306}.

The logs are below.

# AdwCleaner v5.025 - ログファイルの作成日 14/12/2015 作成時間 23:13:46
# 更新日 13/12/2015 作成元 Xplode
# データベース : 2015-12-13.2 [サーバー]
# オペレーティングシステム : Windows 10 Home (x86)
# ユーザー名 : さん - ASUS-T100T
# 実行場所 : C:\Users\さん\Downloads\AdwCleaner.exe
# オプション : スキャン
# サポート : http://toolslib.net/forum

***** [ サービス ] *****


***** [ フォルダ ] *****

フォルダ 検出済み項目 : C:\Users\さん\AppData\Roaming\ProgSense

***** [ ファイル ] *****


***** [ DLL ] *****


***** [ ショートカット ] *****


***** [ スケジュールタスク ] *****

タスク 検出済み項目 : LaunchPreSignup

***** [ レジストリ ] *****

キー 検出済み項目 : HKLM\SOFTWARE\Classes\driverscanner
キー 検出済み項目 : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
キー 検出済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
キー 検出済み項目 : HKCU\Software\ProgSense
キー 検出済み項目 : HKLM\SOFTWARE\Uniblue

***** [ Webブラウザ ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1272 バイト] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

スキャン日付: 2015/12/14
スキャン時刻: 23:28
ログファイル: MBAM.txt
管理者: はい

バージョン: 2.2.0.1024
マルウェアデータベース: v2015.12.14.03
ルートキットデータベース: v2015.12.07.01
ライセンス: 無料版
マルウェア保護機能: 無効
悪質ウェブサイト保護機能: 無効
自己防衛: 無効

OS: Windows 8
CPU: x86
ファイルシステム: NTFS
ユーザー: さん

スキャン形式: カスタムスキャン
結果: 完了しました
スキャンされたオブジェクト数: 532895
経過時間: 1 時間, 18 分, 12 秒

メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 無効
ヒューリスティック: 有効
PUP: 有効
PUM: 有効

プロセス: 0
(なし悪意のある項目を検出)

モジュール: 0
(なし悪意のある項目を検出)

レジストリキー: 5
PUP.Optional.BrowserWeb, HKLM\SOFTWARE\MICROSOFT\TRACING\BrowserWeb_RASAPI32, 隔離, [21dacbd9f5965adc8742a44fc04334cc],
PUP.Optional.BrowserWeb, HKLM\SOFTWARE\MICROSOFT\TRACING\BrowserWeb_RASMANCS, 隔離, [ce2d4262eba0cc6a75542bc817ecfd03],
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\MICROSOFT\TRACING\MixVideoPlayer_RASAPI32, 隔離, [cb30673da0eb63d37654c802ea1950b0],
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\MICROSOFT\TRACING\MixVideoPlayer_RASMANCS, 隔離, [2fcce2c255361521f6d429a16b98c23e],
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\LaunchPreSignup, 隔離, [fcff584c3952d4622c41baec5ca7dd23],

レジストリ値: 1
PUP.Optional.BrowserWeb, HKU\S-1-5-21-3451279271-2515706449-3442622051-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|BrowserWeb.exe, 11001, 隔離, [7487f6ae8ffc73c39f41d23154b0fc04]

レジストリデータ: 0
(なし悪意のある項目を検出)

フォルダー: 0
(なし悪意のある項目を検出)

ファイル: 6
PUP.Optional.MixiVideoPlayer, C:\Users\さん\AppData\Local\Temp\0ac938f6-8862-45eb-8048-c65a8c48de19\mixvideoplayersetup.exe, 隔離, [a655cdd78cffd1655ecdedcafd04817f],
PUP.Optional.RinoReader, C:\Users\さん\AppData\Local\Temp\287e5822-af9f-4420-b525-2a964aadd7b4\setup.exe, 隔離, [6a912f756427fb3b9f5ac667f70924dc],
PUP.Optional.AnySend, D:\FileHistory\さん\ASUS-T100T\Data\C\Users\さん\Downloads\[Hidemaru]_Hustle!_Danchi_Duma_v02.rar (2015_09_11 12_43_54 UTC).exe, 隔離, [42b90d9708830531bfd94d026b960af6],
PUP.Optional.SofTonic, D:\FileHistory\さん\ASUS-T100T\Data\C\Users\さん\Downloads\SoftonicDownloader_for_bluestacks-app-player (2014_12_06 07_16_01 UTC).exe, 隔離, [7b808e168209be7885abdb50629ed52b],
PUP.Optional.SofTonic, D:\FileHistory\さん\ASUS-T100T\Data\C\Users\さん\Downloads\SoftonicDownloader_for_bluestacks-app-player (2014_12_10 12_16_21 UTC).exe, 隔離, [12e90c984d3e0630003077b414ec669a],
PUP.Optional.MyPCBackup, C:\Windows\System32\Tasks\LaunchPreSignup, 隔離, [75865e46fd8ecb6bd695980e986be11f],

物理セクタ: 0
(なし悪意のある項目を検出)


(end)
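The Malwarebytes log above states a count for each result section and an action for each detection. As an added example (not part of the original thread and not Malwarebytes code), this Python check parses a log in that layout, compares each section's stated count with the lines actually listed under it, and reports any detection whose action is not 隔離 (quarantined). The sample log is constructed: families, paths and hashes are placeholders, and 未処置 is an invented stand-in for "some other action", not a string taken from Malwarebytes.

```python
import re
from collections import Counter

# Result-section names exactly as they appear in the log on this page.
RESULT_SECTIONS = {
    "プロセス", "モジュール", "レジストリキー", "レジストリ値",
    "レジストリデータ", "フォルダー", "ファイル", "物理セクタ",
}
QUARANTINED = "隔離"

HEADER_RE = re.compile(r"^(.+?): (\d+)$")
# family, target (may itself contain ", "), action, [hash] with optional trailing comma.
# The greedy target group makes the action the last field before the hash.
DETECTION_RE = re.compile(
    r"^(?P<family>[^,]+), (?P<target>.+), (?P<action>[^,\[\]]+), "
    r"\[(?P<hash>[0-9a-fA-F]+)\],?$"
)

# Constructed sample (placeholder values, see lead-in). The last section
# declares 3 items but lists 2, and one item is not quarantined.
SAMPLE_LOG = """\
プロセス: 0
(なし悪意のある項目を検出)

レジストリキー: 2
PUP.Optional.ExampleA, HKLM\\SOFTWARE\\MICROSOFT\\TRACING\\ExampleA_RASAPI32, 隔離, [00000000000000000000000000000001],
PUP.Optional.ExampleB, HKLM\\SOFTWARE\\EXAMPLE\\TASKS\\ExampleTask, 隔離, [00000000000000000000000000000002],

レジストリ値: 1
PUP.Optional.ExampleA, HKU\\S-1-5-21-0-0-0-1001\\SOFTWARE\\EXAMPLE|ExampleA.exe, 11001, 隔離, [00000000000000000000000000000003]

ファイル: 3
PUP.Optional.ExampleC, C:\\Users\\user\\AppData\\Local\\Temp\\a, b\\setup.exe, 隔離, [00000000000000000000000000000004],
PUP.Optional.ExampleC, D:\\FileHistory\\user\\Downloads\\setup (2015_01_01 00_00_00 UTC).exe, 未処置, [00000000000000000000000000000005],

(end)
"""


def parse_mbam_log(text):
    """Return {section: {"declared": int, "items": [detection dicts]}}."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER_RE.match(line)
        # Only known result sections count; this skips header fields such as
        # the scanned-object total, which also look like "name: number".
        if header and header.group(1) in RESULT_SECTIONS:
            current = sections.setdefault(
                header.group(1),
                {"declared": int(header.group(2)), "items": []},
            )
            continue
        if current is None:
            continue
        detection = DETECTION_RE.match(line)
        if detection:
            current["items"].append(detection.groupdict())
    return sections


def review(sections):
    """Summarise what a reader of the log needs to confirm by eye."""
    count_mismatch = [
        name for name, sec in sections.items()
        if sec["declared"] != len(sec["items"])
    ]
    not_quarantined = [
        (name, item["family"], item["target"])
        for name, sec in sections.items()
        for item in sec["items"]
        if item["action"] != QUARANTINED
    ]
    families = Counter(
        item["family"] for sec in sections.values() for item in sec["items"]
    )
    return {
        "count_mismatch": count_mismatch,
        "not_quarantined": not_quarantined,
        "families": families,
    }


if __name__ == "__main__":
    result = review(parse_mbam_log(SAMPLE_LOG))
    print("sections with truncated or extra lines:", result["count_mismatch"])
    for section, family, target in result["not_quarantined"]:
        print("not quarantined:", section, family, target)
    for family, n in result["families"].most_common():
        print(n, family)
```

A count mismatch usually means the pasted log was cut off, for example by a forum's post-length limit, so the missing lines should be requested before concluding that everything was quarantined.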
  • ピーチ
  • 2015/12/15 (Tue) 19:45:31
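Next, a scan with OTL
Thank you for doing the work and reporting back.

>I removed and then reinstalled FireFox as instructed.
>I was also able to delete {4A7C4306}.

Yes, I have also looked at the two logs.
As expected, there are quite a few detections, but as long as they have all been quarantined, that is fine.

I do not know how far the abnormal behavior has settled down at this point, but whether or not it has, we will move on to the next analysis.

Prepare the following tool.
OTL (OldTimer Listit)
Download it via the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When you want to get rid of it later, launch it and press the "Cleanup" button, and it will be removed automatically.

Launch OTL with no other programs running.
Once it is running, check "Scan All Users" near the top of the window, and copy and paste the following commands into "Custom Scan/Fixes".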

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

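Then press "Run Scan" at the top left to start the scan.
After the scan starts, depending on the PC environment, "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe after a few minutes, so save these two files to the desktop or thereabouts.
Note that Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After this, paste the entire OTL log into a reply and show it to me there.
However, the OTL log gets quite long, so even if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points and send it as several replies.

Just scanning with OTL does not change anything.
After looking at this result, we should end up dealing with whatever was detected in the next and later rounds of work.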
  • 悪代官
  • 2015/12/15 (Tue) 22:05:22
OTL log
OTL logfile created on: 2015/12/15 22:19:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\さん\Downloads
An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.89 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 54.07% Memory free
2.64 Gb Paging File | 1.56 Gb Available in Paging File | 59.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 49.15 Gb Total Space | 24.01 Gb Free Space | 48.85% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 406.08 Gb Free Space | 87.19% Space Free | Partition Type: NTFS

Computer Name: ASUS-T100T | User Name: さん | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/12/15 22:16:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\さん\Downloads\OTL.exe
PRC - [2015/12/14 20:26:50 | 000,551,112 | ---- | M] (Microsoft Corporation) -- C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2015/12/11 20:12:37 | 000,270,304 | ---- | M] (DotCash Limited) -- C:\Program Files\MPC Cleaner\MPCProtectService.exe
PRC - [2015/12/11 20:12:37 | 000,166,368 | ---- | M] (DotCash Limited) -- C:\Program Files\MPC Cleaner\MPCTray.exe
PRC - [2015/11/25 14:12:23 | 004,047,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2015/11/25 14:01:01 | 004,793,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
PRC - [2015/11/17 01:54:02 | 006,602,152 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015/09/17 15:28:29 | 000,441,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncHost.exe
PRC - [2015/09/17 15:20:38 | 001,235,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
PRC - [2015/08/27 10:30:00 | 000,363,504 | ---- | M] (AsusTek) -- C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
PRC - [2015/08/27 10:29:38 | 000,304,112 | ---- | M] (AsusTek) -- C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
PRC - [2015/08/27 10:29:16 | 000,177,136 | ---- | M] (AsusTek) -- C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
PRC - [2015/07/30 22:41:56 | 000,425,376 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxEM.exe
PRC - [2015/07/30 22:41:56 | 000,283,552 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxCUIService.exe
PRC - [2015/07/30 22:41:56 | 000,219,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxHK.exe
PRC - [2015/07/10 17:24:54 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sihost.exe
PRC - [2015/07/10 17:24:50 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2015/07/10 17:24:46 | 000,898,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
PRC - [2015/07/10 17:24:42 | 000,066,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2015/07/10 17:24:41 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2015/07/10 17:24:35 | 000,071,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostw.exe
PRC - [2015/04/26 20:42:02 | 000,110,160 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2014/10/01 14:40:28 | 001,349,576 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2014/10/01 14:40:14 | 005,088,456 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2014/01/22 07:04:04 | 000,081,360 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
PRC - [2014/01/22 07:04:02 | 000,096,720 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DptfPolicyCriticalService.exe
PRC - [2014/01/22 07:04:02 | 000,090,576 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DptfPolicyLpmService.exe
PRC - [2014/01/22 07:04:02 | 000,083,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DptfParticipantProcessorService.exe
PRC - [2013/10/30 14:23:28 | 002,904,064 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
PRC - [2013/09/23 15:59:24 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013/09/09 11:36:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013/09/09 10:05:10 | 000,103,224 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
PRC - [2013/09/09 10:04:42 | 000,111,416 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2013/08/28 13:23:22 | 003,202,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2013/08/25 03:21:46 | 000,168,216 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
PRC - [2013/07/01 20:00:54 | 000,586,752 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
PRC - [2013/05/30 14:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2013/01/09 17:11:08 | 000,144,512 | ---- | M] (ASUSTek Computer INC.) -- C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
PRC - [2012/10/17 04:05:54 | 001,837,672 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
PRC - [2012/10/17 04:05:10 | 000,673,384 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
PRC - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011/09/28 13:58:18 | 001,791,784 | ---- | M] (Buffalo) -- C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/11/25 13:01:51 | 004,317,696 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
MOD - [2015/11/25 12:59:12 | 001,183,232 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
MOD - [2015/11/25 12:58:42 | 000,377,856 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
MOD - [2015/11/17 01:55:44 | 000,030,720 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1041.dll
MOD - [2015/09/17 15:27:29 | 001,766,952 | ---- | M] () -- C:\Windows\System32\CoreUIComponents.dll
MOD - [2015/09/17 14:26:12 | 001,425,920 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
MOD - [2015/09/15 21:35:33 | 000,025,088 | ---- | M] () -- C:\Windows\System32\LicenseManagerApi.dll
MOD - [2015/07/10 17:24:27 | 000,288,768 | ---- | M] () -- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
MOD - [2013/04/27 10:24:12 | 000,071,680 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\checkmetro.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/12/11 20:12:37 | 000,270,304 | ---- | M] (DotCash Limited) [Auto | Running] -- C:\Program Files\MPC Cleaner\MPCProtectService.exe -- (MPCProtectService)
SRV - [2015/12/10 20:39:16 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/11/25 13:07:42 | 001,918,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV - [2015/11/07 16:10:28 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/11/05 12:32:33 | 000,738,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\RDXService.dll -- (RetailDemo)
SRV - [2015/11/05 12:30:07 | 000,546,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\usermgr.dll -- (UserManager)
SRV - [2015/11/05 12:27:12 | 002,049,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/11/05 12:24:39 | 000,115,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dssvc.dll -- (DsSvc)
SRV - [2015/10/05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/09/25 11:34:48 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\UserDataService.dll -- (UserDataSvc)
SRV - [2015/09/25 11:34:07 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV - [2015/09/25 11:34:00 | 000,928,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\Unistore.dll -- (UnistoreSvc)
SRV - [2015/09/17 15:26:35 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/09/17 14:48:20 | 000,121,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tetheringservice.dll -- (icssvc)
SRV - [2015/09/17 14:45:35 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/09/17 14:42:00 | 000,388,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\tileobjserver.dll -- (tiledatamodelsvc)
SRV - [2015/09/17 14:36:54 | 000,483,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2015/09/17 14:32:20 | 001,543,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2015/09/17 14:31:28 | 000,389,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ngcsvc.dll -- (NgcSvc)
SRV - [2015/09/17 14:28:20 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2015/09/17 14:27:58 | 001,380,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV - [2015/09/17 14:27:28 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2015/09/15 21:35:59 | 000,239,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2015/09/15 21:35:58 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NetSetupSvc.dll -- (NetSetupSvc)
SRV - [2015/09/15 21:35:54 | 000,669,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SensorDataService.exe -- (SensorDataService)
SRV - [2015/09/15 21:35:34 | 000,872,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dosvc.dll -- (DoSvc)
SRV - [2015/09/15 21:35:34 | 000,251,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2015/09/15 21:35:34 | 000,236,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\usocore.dll -- (UsoSvc)
SRV - [2015/09/15 21:35:33 | 001,183,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/09/15 21:35:33 | 000,520,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ClipSVC.dll -- (ClipSVC)
SRV - [2015/09/15 21:35:33 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SensorService.dll -- (SensorService)
SRV - [2015/07/30 22:41:56 | 000,290,208 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/07/30 22:41:56 | 000,283,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV - [2015/07/10 23:00:01 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2015/07/10 17:25:49 | 000,473,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV - [2015/07/10 17:25:49 | 000,430,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WalletService.dll -- (WalletService)
SRV - [2015/07/10 17:25:49 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2015/07/10 17:25:15 | 000,311,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2015/07/10 17:25:15 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2015/07/10 17:25:10 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/07/10 17:25:07 | 000,636,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2015/07/10 17:25:05 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2015/07/10 17:24:54 | 000,293,888 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ncbservice.dll -- (NcbService)
SRV - [2015/07/10 17:24:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpnservice.dll -- (WpnService)
SRV - [2015/07/10 17:24:54 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DevQueryBroker.dll -- (DevQueryBroker)
SRV - [2015/07/10 17:24:54 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lfsvc.dll -- (lfsvc)
SRV - [2015/07/10 17:24:54 | 000,016,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\LicenseManagerSvc.dll -- (LicenseManager)
SRV - [2015/07/10 17:24:52 | 000,807,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV - [2015/07/10 17:24:52 | 000,733,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblGameSave.dll -- (XblGameSave)
SRV - [2015/07/10 17:24:52 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV - [2015/07/10 17:24:52 | 000,048,640 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\moshost.dll -- (MapsBroker)
SRV - [2015/07/10 17:24:52 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AJRouter.dll -- (AJRouter)
SRV - [2015/07/10 17:24:50 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\cdpsvc.dll -- (CDPSvc)
SRV - [2015/07/10 17:24:50 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\embeddedmodesvc.dll -- (embeddedmode)
SRV - [2015/07/10 17:24:48 | 002,903,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2015/07/10 17:24:46 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2015/07/10 17:24:45 | 000,520,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblAuthManager.dll -- (XblAuthManager)
SRV - [2015/07/10 17:24:45 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV - [2015/07/10 17:24:45 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV - [2015/07/10 17:24:43 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2015/07/10 17:24:42 | 000,185,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2015/07/10 17:24:42 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV - [2015/07/10 17:24:41 | 000,322,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2015/07/10 17:24:39 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\smphost.dll -- (smphost)
SRV - [2015/07/10 17:24:38 | 000,229,376 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\System32\APHostService.dll -- (OneSyncSvc)
SRV - [2015/07/10 17:24:38 | 000,152,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dcpsvc.dll -- (DcpSvc)
SRV - [2015/07/10 17:24:38 | 000,104,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2015/07/10 17:24:38 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2015/07/10 17:24:36 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV - [2015/07/10 17:24:35 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dmwappushsvc.dll -- (dmwappushservice)
SRV - [2015/07/10 17:24:33 | 000,401,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SmsRouterSvc.dll -- (SmsRouter)
SRV - [2015/07/10 17:24:32 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2015/07/10 17:24:29 | 000,277,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV - [2015/07/10 17:24:29 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2015/07/10 17:24:29 | 000,023,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvmsession)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV - [2015/07/10 17:24:19 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\BthHFSrv.dll -- (BthHFSrv)
SRV - [2014/10/29 12:06:52 | 002,472,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/01 14:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2014/03/03 10:20:44 | 001,677,016 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Windows\System32\BtwRSupportService.exe -- (BcmBtRSupport)
SRV - [2014/01/22 07:04:02 | 000,096,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\DptfPolicyCriticalService.exe -- (DptfPolicyCriticalService)
SRV - [2014/01/22 07:04:02 | 000,090,576 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\DptfPolicyLpmService.exe -- (DptfPolicyLpmService)
SRV - [2014/01/22 07:04:02 | 000,083,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService)
SRV - [2013/09/09 10:05:10 | 000,103,224 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe -- (AsHidService)
SRV - [2013/09/09 10:04:42 | 000,111,416 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2013/08/25 03:21:46 | 000,168,216 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/07/01 20:01:08 | 000,637,912 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel(R)
SRV - [2013/07/01 20:00:54 | 000,586,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel(R)
SRV - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wfpcapture.sys -- (wfpcapture)
DRV - [2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) [File_System | System | Running] -- C:\Windows\System32\drivers\MPCKpt.sys -- (MPCKpt)
DRV - [2015/12/11 20:12:39 | 000,028,904 | ---- | M] (DotCash) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\MPCBase.sys -- (MPCBase)
DRV - [2015/12/01 14:14:02 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV - [2015/11/25 14:08:53 | 000,414,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2015/10/05 09:50:20 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015/10/05 09:50:04 | 000,023,256 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2015/09/17 15:28:39 | 000,083,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pdc.sys -- (pdc)
DRV - [2015/09/17 14:34:20 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\buttonconverter.sys -- (buttonconverter)
DRV - [2015/09/15 21:35:58 | 000,042,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2015/09/15 21:35:35 | 000,488,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdiWiFi.sys -- (wdiwifi)
DRV - [2015/09/15 21:35:34 | 000,054,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\dam.sys -- (dam)
DRV - [2015/09/15 21:35:33 | 000,284,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2015/09/15 21:35:33 | 000,173,408 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\wof.sys -- (Wof)
DRV - [2015/09/15 21:35:33 | 000,066,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\stornvme.sys -- (stornvme)
DRV - [2015/09/15 21:35:33 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2015/09/15 21:35:33 | 000,036,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2015/09/15 21:35:33 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV - [2015/09/14 00:09:32 | 000,025,016 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV - [2015/08/27 10:29:34 | 000,116,032 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AsusSGDrv.sys -- (AsusSGDrv)
DRV - [2015/07/10 23:00:05 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2015/07/10 23:00:03 | 000,030,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2015/07/10 17:25:56 | 000,024,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2015/07/10 17:25:00 | 000,276,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\clfs.sys -- (CLFS)
DRV - [2015/07/10 17:25:00 | 000,178,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ahcache.sys -- (ahcache)
DRV - [2015/07/10 17:24:56 | 000,086,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV - [2015/07/10 17:24:56 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmCx.sys -- (UcmCx0101)
DRV - [2015/07/10 17:24:55 | 000,159,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2015/07/10 17:24:55 | 000,052,736 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\storqosflt.sys -- (storqosflt)
DRV - [2015/07/10 17:24:55 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\condrv.sys -- (condrv)
DRV - [2015/07/10 17:24:55 | 000,023,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\ioqos.sys -- (IoQos)
DRV - [2015/07/10 17:24:54 | 000,087,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2015/07/10 17:24:50 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mmcss.sys -- (MMCSS)
DRV - [2015/07/10 17:24:45 | 000,033,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2015/07/10 17:24:43 | 000,190,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufx01000.sys -- (Ufx01000)
DRV - [2015/07/10 17:24:43 | 000,127,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2015/07/10 17:24:43 | 000,121,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SerCx2.sys -- (SerCx2)
DRV - [2015/07/10 17:24:43 | 000,076,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2015/07/10 17:24:43 | 000,060,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SpbCx.sys -- (SpbCx)
DRV - [2015/07/10 17:24:43 | 000,059,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SerCx.sys -- (SerCx)
DRV - [2015/07/10 17:24:43 | 000,042,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urscx01000.sys -- (UrsCx01000)
DRV - [2015/07/10 17:24:43 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2015/07/10 17:24:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV - [2015/07/10 17:24:33 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2015/07/10 17:24:32 | 000,104,960 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Ndu.sys -- (Ndu)
DRV - [2015/07/10 17:24:32 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mslldp.sys -- (MsLldp)
DRV - [2015/07/10 17:24:31 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2015/07/10 17:24:29 | 000,245,600 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdFilter.sys -- (WdFilter)
DRV - [2015/07/10 17:24:29 | 000,097,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV - [2015/07/10 17:24:29 | 000,037,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdBoot.sys -- (WdBoot)
DRV - [2015/07/10 17:24:28 | 000,173,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ucx01000.sys -- (Ucx01000)
DRV - [2015/07/10 17:24:28 | 000,093,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpiex.sys -- (acpiex)
DRV - [2015/07/10 17:24:28 | 000,074,240 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\filecrypt.sys -- (FileCrypt)
DRV - [2015/07/10 17:24:28 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2015/07/10 17:24:28 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Udecx.sys -- (UdeCx)
DRV - [2015/07/10 17:24:28 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vhf.sys -- (vhf)
DRV - [2015/07/10 17:24:24 | 000,025,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2015/07/10 17:24:24 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV - [2015/07/10 17:24:24 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urschipidea.sys -- (UrsChipidea)
DRV - [2015/07/10 17:24:24 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2015/07/10 17:24:24 | 000,015,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV - [2015/07/10 17:24:23 | 000,410,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spaceport.sys -- (spaceport)
DRV - [2015/07/10 17:24:23 | 000,276,832 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2015/07/10 17:24:23 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storahci.sys -- (storahci)
DRV - [2015/07/10 17:24:23 | 000,100,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV - [2015/07/10 17:24:23 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV - [2015/07/10 17:24:23 | 000,059,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uaspstor.sys -- (UASPStor)
DRV - [2015/07/10 17:24:23 | 000,058,208 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\mvumis.sys -- (mvumis)
DRV - [2015/07/10 17:24:23 | 000,051,552 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\percsas3i.sys -- (percsas3i)
DRV - [2015/07/10 17:24:23 | 000,051,040 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\percsas2i.sys -- (percsas2i)
DRV - [2015/07/10 17:24:23 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2015/07/10 17:24:23 | 000,033,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storufs.sys -- (storufs)
DRV - [2015/07/10 17:24:23 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicRender.sys -- (BasicRender)
DRV - [2015/07/10 17:24:23 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\uefi.sys -- (UEFI)
DRV - [2015/07/10 17:24:23 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\swenum.inf_x86_b6707c73599dd1b6\swenum.sys -- (swenum)
DRV - [2015/07/10 17:24:22 | 001,038,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\adp80xx.sys -- (ADP80XX)
DRV - [2015/07/10 17:24:22 | 000,524,640 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\iaStorAV.sys -- (iaStorAV)
DRV - [2015/07/10 17:24:22 | 000,186,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xboxgip.sys -- (xboxgip)
DRV - [2015/07/10 17:24:22 | 000,171,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2015/07/10 17:24:22 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\capimg.sys -- (CapImg)
DRV - [2015/07/10 17:24:22 | 000,088,928 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV - [2015/07/10 17:24:22 | 000,085,856 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\3ware.sys -- (3ware)
DRV - [2015/07/10 17:24:22 | 000,083,296 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV - [2015/07/10 17:24:22 | 000,069,472 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2015/07/10 17:24:22 | 000,037,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV - [2015/07/10 17:24:22 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xinputhid.sys -- (xinputhid)
DRV - [2015/07/10 17:24:22 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kdnic.sys -- (kdnic)
DRV - [2015/07/10 17:24:22 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\genericusbfn.sys -- (genericusbfn)
DRV - [2015/07/10 17:24:22 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2015/07/10 17:24:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpitime.sys -- (acpitime)
DRV - [2015/07/10 17:24:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpipagr.sys -- (acpipagr)
DRV - [2015/07/10 17:24:21 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2015/07/10 17:24:19 | 000,193,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV - [2015/07/10 17:24:19 | 000,101,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2015/07/10 17:24:19 | 000,100,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2015/07/10 17:24:19 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netvsc.sys -- (netvsc)
DRV - [2015/07/10 17:24:19 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sdstor.sys -- (sdstor)
DRV - [2015/07/10 17:24:19 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2015/07/10 17:24:19 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2015/07/10 17:24:19 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2015/07/10 17:24:19 | 000,038,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelpep.sys -- (intelpep)
DRV - [2015/07/10 17:24:19 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidi2c.sys -- (hidi2c)
DRV - [2015/07/10 17:24:19 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2015/07/10 17:24:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_x86_a4832450a7024d49\CompositeBus.sys -- (CompositeBus)
DRV - [2015/07/10 17:24:19 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2015/07/10 17:24:19 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2015/07/10 17:24:19 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fcvsc.sys -- (fcvsc)
DRV - [2015/07/10 17:24:19 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthMini.SYS -- (BthMini)
DRV - [2015/07/10 17:24:19 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2015/07/10 17:24:19 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2015/07/10 17:24:19 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2015/07/10 17:24:19 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2015/07/10 17:24:19 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmgencounter.sys -- (gencounter)
DRV - [2015/07/10 17:24:19 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2015/07/08 02:27:58 | 000,025,040 | ---- | M] (Capella Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPLMACPI.sys -- (CPLMACPI)
DRV - [2015/06/27 05:46:16 | 000,044,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV - [2015/06/27 05:46:16 | 000,035,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iwdbus.sys -- (iwdbus)
DRV - [2015/06/25 19:14:57 | 000,304,344 | ---- | M] (Broadcom Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcmdhd63.sys -- (BCMSDH43XX)
DRV - [2015/06/25 19:14:57 | 000,016,088 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcmfn2.sys -- (bcmfn2)
DRV - [2015/05/21 00:04:02 | 000,263,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtii2sac.sys -- (rtii2sac)
DRV - [2015/05/13 05:44:24 | 000,017,416 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AsHIDSwitch.sys -- (HIDSwitch)
DRV - [2015/04/09 10:37:54 | 000,139,520 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BtwSerialBus.sys -- (BtwSerialBus)
DRV - [2014/09/22 07:20:06 | 000,191,928 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2014/09/22 07:20:06 | 000,190,368 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\edevmon.sys -- (edevmon)
DRV - [2014/09/22 07:20:06 | 000,176,448 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2014/09/22 07:20:06 | 000,135,296 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2014/09/22 07:20:06 | 000,051,288 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2014/09/22 07:20:06 | 000,037,928 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2014/02/26 16:42:48 | 000,075,792 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TXEI.sys -- (TXEI)
DRV - [2014/01/22 07:04:02 | 000,181,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfManager.sys -- (DptfManager)
DRV - [2014/01/22 07:04:00 | 000,080,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfDevProc.sys -- (DptfDevProc)
DRV - [2014/01/22 07:04:00 | 000,044,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DptfDevAmbient.sys -- (DptfDevAmbient)
DRV - [2014/01/22 07:04:00 | 000,036,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfDevGen.sys -- (DptfDevGen)
DRV - [2014/01/22 07:04:00 | 000,028,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfDevDisplay.sys -- (DptfDevDisplay)
DRV - [2014/01/22 07:04:00 | 000,025,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfDevPower.sys -- (DptfDevDBPT)
DRV - [2013/12/30 21:27:46 | 000,254,464 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\isstrtc.sys -- (IntelSST)
DRV - [2013/12/30 21:27:46 | 000,087,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaiouart.sys -- (iaiouart)
DRV - [2013/12/30 21:27:46 | 000,048,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PMIC.sys -- (PMIC)
DRV - [2013/12/30 21:27:46 | 000,023,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaiogpioe.sys -- (GPIO)
DRV - [2013/12/30 21:27:46 | 000,021,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\MBI.sys -- (MBI)
DRV - [2013/12/30 21:27:46 | 000,016,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaiogpiovirtual.sys -- (GpioVirtual)
DRV - [2013/12/12 14:07:14 | 000,064,792 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AsusHID.sys -- (AsusHID)
DRV - [2013/12/02 19:42:42 | 000,345,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\camera.sys -- (camera)
DRV - [2013/12/02 19:42:42 | 000,038,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mt9m114.sys -- (MT9M114)
DRV - [2013/11/15 10:19:20 | 000,058,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaioi2ce.sys -- (iaioi2c)
DRV - [2013/08/09 11:31:54 | 000,505,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaStorA.sys -- (iaStorA)
DRV - [2013/07/02 16:45:50 | 000,017,720 | ---- | M] (ASUSTek Computer Inc.) [Kernel | System | Running] -- C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 17:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


  • ピーチ
  • 2015/12/15 (Tue) 23:00:45
OTL log 2
[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
IE - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
IE - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.jp/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2015/04/26 20:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2015/04/26 20:42:50 | 000,000,000 | ---D | M]

[2015/05/04 18:18:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\さん\AppData\Roaming\mozilla\Extensions
[2015/12/14 22:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\さん\AppData\Roaming\mozilla\Firefox\Profiles\g3ubdbvo.default\extensions
[2015/12/14 22:29:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/12/14 22:29:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/08/22 15:13:55 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [BSMOW07] C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe (Buffalo)
O4 - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [RtkNGUI] C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\WINDOWS\System32\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\WINDOWS\System32\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001..\Run: [HP Photosmart 5520 series (NET)] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001..\Run: [OneDrive] C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3451279271-2515706449-3442622051-1001..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O8 - Extra context menu item: RF ツールバー表示 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: RF フォーム記入 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8 - Extra context menu item: RF フォーム保存 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8 - Extra context menu item: RF メニューカスタマイズ - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O9 - Extra Button: フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: 保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF フォーム保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c836c8dc-713c-44b9-9fe3-f6f201d65504}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d6ac41ee-4466-4acc-8c44-d8b1fe62318d}: DhcpNameServer = 169.254.125.80
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/22 17:16:34 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D3D70DDE-B3B4-33DE-A8CD-808A85D68682} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2015/12/14 23:00:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/12/14 22:51:27 | 000,170,200 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/12/14 22:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/12/14 22:50:43 | 000,094,936 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2015/12/14 22:50:43 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mwac.sys
[2015/12/14 22:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/12/14 22:48:41 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Roaming\Malwarebytes
[2015/12/14 22:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/12/14 22:48:14 | 000,023,256 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbam.sys
[2015/12/14 22:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2015/12/14 22:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/12/12 21:14:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2015/12/11 21:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/12/11 21:06:37 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Roaming\Geek Uninstaller
[2015/12/11 20:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[2015/12/11 20:12:49 | 000,049,384 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/11 20:12:48 | 000,028,904 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/11 20:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\MPC Cleaner
[2015/12/11 20:12:29 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Local\Programs
[2015/12/09 20:07:53 | 018,801,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\edgehtml.dll
[2015/12/09 20:07:47 | 001,467,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2015/12/09 20:07:45 | 001,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentServer.dll
[2015/12/09 20:07:45 | 001,499,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
[2015/12/09 20:07:45 | 001,442,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SRHInproc.dll
[2015/12/09 20:07:40 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Globalization.dll
[2015/12/09 20:07:39 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Magnify.exe
[2015/12/09 20:07:38 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SRH.dll
[2015/12/09 20:07:34 | 005,455,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakra.dll
[2015/12/09 20:07:32 | 002,987,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kfull.sys
[2015/12/09 20:07:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ninput.dll
[2015/12/09 20:07:30 | 004,047,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2015/12/09 20:07:30 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2015/12/09 20:07:27 | 002,153,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\authui.dll
[2015/12/09 20:07:26 | 001,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kbase.sys
[2015/12/09 20:07:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2015/12/09 20:07:24 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RasMediaManager.dll
[2015/12/09 20:07:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMediaManager.dll
[2015/12/09 20:07:23 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WlanMediaManager.dll
[2015/12/09 20:07:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3mm.dll
[2015/12/09 20:07:23 | 000,133,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NetworkUXBroker.exe
[2015/12/09 20:07:22 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MBMediaManager.dll
[2015/12/09 20:07:22 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EthernetMediaManager.dll
[2015/12/09 20:07:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMM.dll
[2015/12/09 20:07:20 | 000,414,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS
[2015/12/09 20:07:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2015/12/09 20:07:19 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psmsrv.dll
[2015/12/09 20:07:19 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdownux.dll
[2015/12/09 20:07:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gpuenergydrv.sys
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgeoqw.dll
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZST.DLL
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZEL.DLL
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZE.DLL
[2015/12/09 20:07:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\profext.dll
[2015/12/09 20:07:12 | 003,580,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll

========== Files - Modified Within 30 Days ==========

[2015/12/15 21:39:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/12/15 19:32:28 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/12/15 19:29:18 | 000,732,880 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2015/12/15 19:29:18 | 000,515,934 | ---- | M] () -- C:\WINDOWS\System32\perfh011.dat
[2015/12/15 19:29:18 | 000,139,084 | ---- | M] () -- C:\WINDOWS\System32\perfc011.dat
[2015/12/15 19:29:18 | 000,139,012 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2015/12/15 19:26:48 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/12/15 19:25:43 | 000,016,148 | ---- | M] () -- C:\WINDOWS\System32\ASUS-T100T_さん_HistoryPrediction.bin
[2015/12/15 19:25:43 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\MPC Cleaner.lnk
[2015/12/15 19:24:45 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2015/12/15 19:24:42 | 810,827,776 | -HS- | M] () -- C:\hiberfil.sys
[2015/12/14 23:24:06 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2015/12/14 22:50:53 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/12/14 22:30:03 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/12/14 22:04:18 | 000,180,269 | ---- | M] () -- C:\Users\さん\Desktop\bookmarks-2015-12-14.json
[2015/12/12 22:57:05 | 000,399,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2015/12/11 21:52:19 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/11 20:12:39 | 000,028,904 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/01 14:14:02 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gpuenergydrv.sys
[2015/12/01 14:02:29 | 003,580,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll
[2015/12/01 13:59:46 | 005,455,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakra.dll
[2015/12/01 09:32:22 | 000,826,872 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2015/12/01 09:32:22 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2015/11/25 14:12:23 | 004,047,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2015/11/25 14:11:12 | 000,133,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\NetworkUXBroker.exe
[2015/11/25 14:08:53 | 000,414,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS
[2015/11/25 13:28:47 | 000,388,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WlanMediaManager.dll
[2015/11/25 13:28:41 | 000,370,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MBMediaManager.dll
[2015/11/25 13:28:36 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\RasMediaManager.dll
[2015/11/25 13:28:32 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\EthernetMediaManager.dll
[2015/11/25 13:28:31 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMediaManager.dll
[2015/11/25 13:18:28 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Globalization.dll
[2015/11/25 13:17:23 | 000,774,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SRH.dll
[2015/11/25 13:17:13 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2015/11/25 13:16:55 | 001,442,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SRHInproc.dll
[2015/11/25 13:16:25 | 000,786,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Magnify.exe
[2015/11/25 13:13:23 | 002,153,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\authui.dll
[2015/11/25 13:13:03 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3mm.dll
[2015/11/25 13:12:52 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2015/11/25 13:12:50 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMM.dll
[2015/11/25 13:11:39 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ninput.dll
[2015/11/25 13:10:48 | 018,801,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\edgehtml.dll
[2015/11/25 13:08:14 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdownux.dll
[2015/11/25 13:07:42 | 001,918,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentServer.dll
[2015/11/25 13:07:05 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\profext.dll
[2015/11/25 13:04:46 | 002,987,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kfull.sys
[2015/11/25 13:04:42 | 000,474,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2015/11/25 13:04:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZEL.DLL
[2015/11/25 13:04:33 | 001,467,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2015/11/25 13:04:27 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgeoqw.dll
[2015/11/25 13:04:24 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZE.DLL
[2015/11/25 13:04:21 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZST.DLL
[2015/11/25 13:04:18 | 001,134,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kbase.sys
[2015/11/25 13:01:47 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
[2015/11/25 13:01:44 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\psmsrv.dll

========== Files Created - No Company Name ==========

[2015/12/15 19:25:43 | 000,016,148 | ---- | C] () -- C:\WINDOWS\System32\ASUS-T100T_さん_HistoryPrediction.bin
[2015/12/14 22:48:20 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/12/14 22:30:03 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/12/14 22:04:17 | 000,180,269 | ---- | C] () -- C:\Users\さん\Desktop\bookmarks-2015-12-14.json
[2015/12/11 21:52:19 | 000,001,040 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/12/11 20:57:56 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2015/12/11 20:18:06 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\MPC Cleaner.lnk
[2015/10/01 12:18:21 | 001,766,952 | ---- | C] () -- C:\WINDOWS\System32\CoreUIComponents.dll
[2015/09/15 22:19:59 | 000,053,352 | ---- | C] () -- C:\WINDOWS\System32\ASGCoInstaller_x86.dll
[2015/09/15 22:06:56 | 000,021,780 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2015/09/15 21:35:54 | 000,301,056 | ---- | C] () -- C:\WINDOWS\System32\diagtrack_wininternal.dll
[2015/09/15 21:35:33 | 001,823,232 | ---- | C] () -- C:\WINDOWS\System32\InputService.dll
[2015/09/15 21:35:33 | 000,284,672 | ---- | C] () -- C:\WINDOWS\System32\diagtrack_win.dll
[2015/09/15 21:35:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TextInputFramework.dll
[2015/09/15 21:35:33 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\LicenseManagerApi.dll
[2015/09/06 21:01:49 | 000,000,036 | ---- | C] () -- C:\Users\さん\AppData\Local\housecall.guid.cache
[2015/07/30 22:41:58 | 000,102,896 | ---- | C] () -- C:\WINDOWS\System32\IccLibDll.dll
[2015/07/30 22:41:56 | 000,089,072 | ---- | C] () -- C:\WINDOWS\System32\igfxCUIServicePS.dll
[2015/07/30 22:41:56 | 000,078,320 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxDHLibv2_0.dll
[2015/07/30 22:41:56 | 000,068,080 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxDHLib.dll
[2015/07/30 22:41:56 | 000,019,440 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxDILib.dll
[2015/07/30 22:41:56 | 000,018,928 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxEMLibv2_0.dll
[2015/07/30 22:41:56 | 000,018,928 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxEMLib.dll
[2015/07/30 22:41:56 | 000,018,928 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxDILibv2_0.dll
[2015/07/30 22:41:56 | 000,013,808 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxLHMLibv2_0.dll
[2015/07/30 22:41:56 | 000,013,808 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxLHMLib.dll
[2015/07/30 22:41:54 | 000,194,544 | ---- | C] () -- C:\WINDOWS\System32\igdde32.dll
[2015/07/30 22:41:54 | 000,152,560 | ---- | C] () -- C:\WINDOWS\System32\igdail32.dll
[2015/07/11 00:41:10 | 000,000,895 | ---- | C] () -- C:\WINDOWS\System32\Gfxv2_0.exe.config
[2015/07/11 00:41:10 | 000,000,895 | ---- | C] () -- C:\WINDOWS\System32\DPTopologyAppv2_0.exe.config
[2015/07/11 00:41:10 | 000,000,889 | ---- | C] () -- C:\WINDOWS\System32\Gfxv4_0.exe.config
[2015/07/11 00:41:10 | 000,000,889 | ---- | C] () -- C:\WINDOWS\System32\DPTopologyApp.exe.config
[2015/07/11 00:41:08 | 000,000,895 | ---- | C] () -- C:\WINDOWS\System32\CustomModeAppv2_0.exe.config
[2015/07/11 00:41:08 | 000,000,889 | ---- | C] () -- C:\WINDOWS\System32\CustomModeApp.exe.config
[2015/07/10 22:57:57 | 000,515,934 | ---- | C] () -- C:\WINDOWS\System32\perfh011.dat
[2015/07/10 22:57:57 | 000,144,476 | ---- | C] () -- C:\WINDOWS\System32\perfi011.dat
[2015/07/10 22:57:57 | 000,139,084 | ---- | C] () -- C:\WINDOWS\System32\perfc011.dat
[2015/07/10 22:57:57 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd011.dat
[2015/07/10 18:57:46 | 000,016,148 | ---- | C] () -- C:\WINDOWS\System32\DESKTOP-QGL8DMR_Administrator_HistoryPrediction.bin
[2015/07/10 18:53:56 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2015/07/10 18:53:35 | 000,399,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2015/07/10 17:29:29 | 000,732,880 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2015/07/10 17:29:29 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2015/07/10 17:29:29 | 000,139,012 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2015/07/10 17:29:29 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2015/07/10 17:28:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2015/07/10 17:28:27 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2015/07/10 17:28:27 | 000,000,389 | ---- | C] () -- C:\WINDOWS\System32\AutoWorkplace.exe.config
[2015/07/10 17:25:11 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin
[2015/07/10 17:25:11 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin
[2015/07/10 17:25:09 | 000,161,632 | ---- | C] () -- C:\WINDOWS\System32\weretw.dll
[2015/07/10 17:25:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2015/07/10 17:25:03 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2015/07/10 17:25:00 | 000,174,080 | ---- | C] () -- C:\WINDOWS\System32\MTFServer.dll
[2015/07/10 17:25:00 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\MTF.dll
[2015/07/10 17:25:00 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\WppRecorderUM.dll
[2015/07/10 17:24:54 | 000,167,640 | ---- | C] () -- C:\WINDOWS\System32\chs_singlechar_pinyin.dat
[2015/07/10 17:24:52 | 000,081,408 | ---- | C] () -- C:\WINDOWS\System32\InputLocaleManager.dll
[2015/07/10 17:24:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\EditBufferTestHook.dll
[2015/07/10 17:24:52 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\WpKbdLayout.dll
[2015/07/10 17:24:52 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\WordBreakers.dll
[2015/07/10 17:24:50 | 007,561,248 | ---- | C] () -- C:\WINDOWS\System32\DefaultHrtfs.bin
[2015/07/10 17:24:50 | 000,328,048 | ---- | C] () -- C:\WINDOWS\System32\LargeRoom.bin
[2015/07/10 17:24:50 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\HrtfApo.dll
[2015/07/10 17:24:50 | 000,246,048 | ---- | C] () -- C:\WINDOWS\System32\MediumRoom.bin
[2015/07/10 17:24:50 | 000,164,048 | ---- | C] () -- C:\WINDOWS\System32\SmallRoom.bin
[2015/07/10 17:24:50 | 000,131,248 | ---- | C] () -- C:\WINDOWS\System32\OutdoorAudioEnvironment.bin
[2015/07/10 17:24:45 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\EditionUpgradeManagerObj.dll
[2015/07/10 17:24:45 | 000,325,632 | ---- | C] () -- C:\WINDOWS\System32\EditionUpgradeHelper.dll
[2015/07/10 17:24:45 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\efsext.dll
[2015/07/10 17:24:42 | 000,002,269 | ---- | C] () -- C:\WINDOWS\System32\WimBootCompress.ini
[2015/07/10 17:24:39 | 000,055,803 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2015/07/10 17:24:36 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2015/07/10 17:24:33 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2015/07/10 17:24:33 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015/07/10 17:24:28 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\Udecx.sys
[2015/06/25 19:15:40 | 000,410,369 | ---- | C] () -- C:\WINDOWS\System32\drivers\43241b4rtecdc.bin
[2015/05/16 16:21:09 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/12/30 21:27:46 | 000,526,500 | ---- | C] () -- C:\WINDOWS\System32\drivers\realtek_fw_sst.bin
[2013/12/18 13:19:27 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2013/12/18 13:19:27 | 000,000,217 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2013/12/18 13:19:27 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS

========== ZeroAccess Check ==========

  • ピーチ
  • 2015/12/15 (Tue) 23:02:24
OTL Log 3
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2015/09/17 15:28:40 | 005,120,056 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/07/10 17:24:35 | 000,754,688 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2015/07/10 17:24:35 | 000,408,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========
[2014/03/03 10:12:43 | 000,000,000 | -H-D | M] -- C:\Intel
[2015/05/01 23:41:36 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2015/10/07 20:29:05 | 000,000,000 | -H-D | M] -- C:\OneDriveTemp
[2015/12/14 22:48:18 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2015/10/07 20:29:05 | 000,000,000 | -H-D | M] -- C:\OneDriveTemp\S-1-5-21-3451279271-2515706449-3442622051-1001
[2015/05/10 10:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2015/12/15 19:35:43 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2015/07/10 17:28:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2015/09/15 22:24:42 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/07/10 23:00:11 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2015/07/10 17:28:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2015/07/10 17:28:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2015/09/15 22:09:28 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2015/09/15 21:53:04 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2015/09/15 22:03:07 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/07/10 17:28:23 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2015/09/15 22:24:42 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/07/10 23:00:11 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2015/07/10 17:28:23 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2015/07/10 17:28:23 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2015/07/10 17:28:23 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2015/12/12 21:33:40 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2015/12/15 22:09:43 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2015/09/15 22:04:19 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2015/03/05 23:08:14 | 000,000,000 | -H-D | M] -- C:\Users\Public\Documents\Baidu
[2015/03/05 23:08:14 | 000,000,000 | -H-D | M] -- C:\Users\Public\Documents\Baidu\Common
[2015/03/05 23:08:14 | 000,000,000 | -H-D | M] -- C:\Users\Public\Documents\Baidu\Common\I18N
[2015/09/15 21:53:20 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData
[2014/03/27 19:56:52 | 000,000,000 | -H-D | M] -- C:\Users\さん\Intel
[2015/05/06 09:45:52 | 000,000,000 | RH-D | M] -- C:\Users\さん\SkyDrive
[2014/11/15 12:33:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\www.apowersoft.com
[2015/04/22 20:48:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\新しいフォルダー
[2015/12/13 21:32:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Adobe
[2015/05/04 20:27:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Diagnostics
[2015/04/26 21:28:23 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\ESET
[2015/05/16 16:23:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Macromedia
[2015/05/09 22:19:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft Help
[2015/12/14 22:30:10 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Mozilla
[2015/04/26 19:52:07 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\PackageStaging
[2015/12/13 21:32:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\VirtualStore
[2015/10/01 19:18:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Diagnostics\460911090
[2015/05/04 20:27:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Diagnostics\460911090\2015050411.000
[2015/12/11 20:12:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\ESET\ESET Smart Security
[2015/09/15 22:50:55 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall
[2015/04/30 19:45:25 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall\001
[2015/04/30 19:49:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall\002
[2015/04/30 20:15:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall\003
[2015/05/01 12:49:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall\004
[2015/05/01 13:00:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall\005
[2015/05/01 13:11:06 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall\006
[2015/05/01 13:11:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall\007
[2015/05/01 13:19:16 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\HP\AtInstall\008
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Macromedia\Flash Player
[2015/06/14 23:37:58 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\CLR_v4.0_32
[2015/09/08 20:51:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Event Viewer
[2014/03/17 18:06:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Feeds
[2015/04/27 19:16:10 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\FORMS
[2015/04/26 19:47:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\IME
[2015/09/15 22:12:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer
[2015/04/27 19:37:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Office
[2015/09/15 22:10:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\PlayReady
[2015/08/03 21:02:20 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Sqm
[2015/05/04 18:53:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\TaskSchedulerConfig
[2014/03/17 18:01:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Vault
[2015/04/26 19:48:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows Services
[2015/12/11 20:38:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs
[2014/03/17 18:06:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2014/03/17 18:05:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\IME\15.0
[2014/03/17 22:20:55 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\IME\15.0\IMEJP
[2014/03/17 18:06:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\IME\15.0\IMEJP\Cache
[2014/03/17 18:05:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\IME\15.0\IMEJP\Dicts
[2015/12/15 19:43:10 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\IME\15.0\IMEJP\Watson
[2013/08/22 23:52:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\InputPersonalization\TrainedDataStore
[2015/05/04 20:14:52 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions
[2015/04/26 19:48:31 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\IECompatData
[2015/04/26 19:52:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\imagestore
[2015/05/04 17:36:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Recovery
[2015/05/04 20:16:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\TabRoamingLocal
[2015/05/04 20:13:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles
[2015/04/26 19:48:31 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
[2015/04/26 19:54:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\imagestore\dxxb4qz
[2015/05/04 20:16:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Recovery\Active
[2015/05/04 17:36:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Recovery\High
[2015/04/26 19:54:24 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Recovery\Immersive
[2015/05/04 20:16:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Recovery\Last Active
[2015/05/04 17:37:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
[2015/05/04 17:36:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active
[2015/04/26 19:54:24 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Recovery\Immersive\Active
[2015/05/04 20:16:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\TabRoaming\{4C9B5208-2848-48BE-B510-3D2528DBCF4F}
[2015/04/28 19:24:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\TabRoaming\{6AAAFC6D-6A32-4F34-8D9D-3D0A1AEDF41D}
[2015/04/26 19:55:00 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\TabRoaming\{4C9B5208-2848-48BE-B510-3D2528DBCF4F}\5576
[2015/04/28 19:24:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\TabRoaming\{6AAAFC6D-6A32-4F34-8D9D-3D0A1AEDF41D}\3236
[2015/04/26 19:53:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-1265603740
[2015/04/26 19:53:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-19307508010
[2015/04/26 19:53:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940
[2015/04/26 19:53:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin1556395990
[2015/05/04 20:13:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin17488104980
[2015/04/26 19:53:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin17941283120
[2015/04/26 19:53:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin18433757420
[2015/04/26 19:53:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20973543430
[2015/04/26 19:53:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Internet Explorer\Tiles\pin3383567120
[2015/04/27 19:15:21 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Office\12.0
[2015/04/27 19:16:09 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Office\Groove
[2015/11/14 20:40:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Office\ONetConfig
[2015/04/27 19:16:09 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Office\Groove\System
[2015/04/27 19:16:09 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Office\Groove\User
[2015/12/15 19:42:15 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Sqm\WindowsLL
[2015/02/07 11:31:02 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28
[2014/03/17 18:01:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Vault\UserProfileRoaming
[2015/05/08 20:35:01 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows Mail\Backup
[2015/04/27 19:16:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows Mail\Backup\old
[2015/09/15 20:49:13 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows Services\Bici
[2014/05/26 00:38:31 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\FileHistory
[2014/03/17 18:00:44 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\RoamingTiles
[2015/11/18 20:18:02 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\Themes
[2014/05/26 00:38:31 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\FileHistory\Configuration
[2014/06/24 20:25:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\FileHistory\Data
[2015/04/26 21:09:44 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\IECompatCache\Low
[2015/04/26 21:09:44 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\IECompatUACache\Low
[2015/10/24 21:41:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\INetCache\Content.MSO
[2015/12/15 21:31:38 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\INetCache\Content.Word
[2015/09/15 22:10:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2015/09/15 22:10:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2015/09/15 22:10:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2015/12/14 22:44:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Mozilla\updates
[2015/05/04 20:07:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\58857catproject.nyalu_faa2jz96sn068\AC
[2014/04/05 21:13:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\58857catproject.nyalu_faa2jz96sn068\LocalCache
[2014/04/05 21:13:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\58857catproject.nyalu_faa2jz96sn068\RoamingState
[2014/04/05 21:13:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\58857catproject.nyalu_faa2jz96sn068\TempState
[2015/05/04 20:07:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\58857catproject.nyalu_faa2jz96sn068\AC\Temp
[2014/04/05 21:14:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\58857catproject.nyalu_faa2jz96sn068\LocalState\importtemp
[2015/09/15 23:00:10 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\9E2F88E3.Twitter_wgeqdkkx372wm\AC
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\9E2F88E3.Twitter_wgeqdkkx372wm\LocalCache
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\9E2F88E3.Twitter_wgeqdkkx372wm\RoamingState
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\9E2F88E3.Twitter_wgeqdkkx372wm\TempState
[2015/04/26 19:51:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\9E2F88E3.Twitter_wgeqdkkx372wm\AC\Temp
[2015/04/29 22:05:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\AC
[2014/10/14 16:05:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\LocalCache
[2014/10/14 16:05:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\RoamingState
[2014/10/14 16:05:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\TempState
[2015/04/29 22:05:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\AC\Temp
[2015/04/26 19:51:52 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\ASUSCloudCorporation.MobileFileExplorer_wk4d32h0cvhem\AC
[2014/03/17 18:01:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\ASUSCloudCorporation.MobileFileExplorer_wk4d32h0cvhem\LocalCache
[2014/03/17 18:01:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\ASUSCloudCorporation.MobileFileExplorer_wk4d32h0cvhem\LocalState
[2014/03/17 18:01:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\ASUSCloudCorporation.MobileFileExplorer_wk4d32h0cvhem\RoamingState
[2014/03/17 18:01:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\ASUSCloudCorporation.MobileFileExplorer_wk4d32h0cvhem\TempState
[2015/04/26 19:51:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\ASUSCloudCorporation.MobileFileExplorer_wk4d32h0cvhem\AC\Temp
[2015/04/26 19:48:24 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\CheckPoint.VPN_cw5n1h2txyewy\AC
[2014/03/17 18:00:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\CheckPoint.VPN_cw5n1h2txyewy\LocalCache
[2014/03/17 18:00:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\CheckPoint.VPN_cw5n1h2txyewy\LocalState
[2014/03/17 18:00:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\CheckPoint.VPN_cw5n1h2txyewy\RoamingState
[2014/03/17 18:00:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\CheckPoint.VPN_cw5n1h2txyewy\TempState
[2015/04/26 19:48:24 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\CheckPoint.VPN_cw5n1h2txyewy\AC\Temp
[2015/04/26 19:51:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\DB1FC4AA.NAVITIMEforASUS_wn84thqt4dj3g\AC
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\DB1FC4AA.NAVITIMEforASUS_wn84thqt4dj3g\LocalCache
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\DB1FC4AA.NAVITIMEforASUS_wn84thqt4dj3g\LocalState
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\DB1FC4AA.NAVITIMEforASUS_wn84thqt4dj3g\RoamingState
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\DB1FC4AA.NAVITIMEforASUS_wn84thqt4dj3g\TempState
[2015/04/26 19:51:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\DB1FC4AA.NAVITIMEforASUS_wn84thqt4dj3g\AC\Temp
[2015/04/26 19:48:25 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\f5.vpn.client_cw5n1h2txyewy\AC
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\f5.vpn.client_cw5n1h2txyewy\LocalCache
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\f5.vpn.client_cw5n1h2txyewy\LocalState
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\f5.vpn.client_cw5n1h2txyewy\RoamingState
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\f5.vpn.client_cw5n1h2txyewy\TempState
[2015/04/26 19:48:25 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\f5.vpn.client_cw5n1h2txyewy\AC\Temp
[2015/04/26 19:51:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPhotoDirector_tfv7c950n6xcr\AC
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPhotoDirector_tfv7c950n6xcr\LocalCache
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPhotoDirector_tfv7c950n6xcr\RoamingState
[2015/03/08 12:00:25 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPhotoDirector_tfv7c950n6xcr\TempState
[2015/04/26 19:51:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPhotoDirector_tfv7c950n6xcr\AC\Temp
[2015/04/26 19:51:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPowerDirector_tfv7c950n6xcr\AC
[2014/03/17 18:01:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPowerDirector_tfv7c950n6xcr\LocalCache
[2014/03/17 18:01:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPowerDirector_tfv7c950n6xcr\LocalState
[2014/03/17 18:01:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPowerDirector_tfv7c950n6xcr\RoamingState
[2014/03/17 18:01:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPowerDirector_tfv7c950n6xcr\TempState
[2015/04/26 19:51:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\F5080380.ASUSPowerDirector_tfv7c950n6xcr\AC\Temp
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\FileManager_cw5n1h2txyewy\LocalCache
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\FileManager_cw5n1h2txyewy\RoamingState
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\FileManager_cw5n1h2txyewy\TempState
[2015/04/26 19:48:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy\AC
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy\LocalCache
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy\LocalState
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy\RoamingState
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy\TempState
[2015/04/26 19:48:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy\AC\Temp
[2015/04/29 22:06:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:06:13 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC
[2014/03/17 18:01:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\RoamingState
[2014/06/20 22:32:09 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:13 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Temp
[2014/03/19 21:36:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\LocalState\LiveTileImages
[2015/04/29 22:06:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC
[2014/03/17 18:01:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Temp
[2014/03/17 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:05 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:06:07 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC
[2014/03/17 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:07 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:06:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC
[2014/03/17 18:01:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Temp
[2014/03/17 18:01:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\RoamingState
[2015/05/11 19:59:01 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\TempState
[2015/12/13 21:43:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Temp
[2014/03/17 19:31:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Internal.Media.PlayReadyClient_8wekyb3d8bbwe\LocalCache
[2014/03/17 19:31:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Internal.Media.PlayReadyClient_8wekyb3d8bbwe\LocalState
[2014/03/17 19:31:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Internal.Media.PlayReadyClient_8wekyb3d8bbwe\RoamingState
[2014/03/17 19:31:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Internal.Media.PlayReadyClient_8wekyb3d8bbwe\TempState
[2015/04/26 19:50:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Media.PlayReadyClient.2_8wekyb3d8bbwe\AC
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Media.PlayReadyClient.2_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Media.PlayReadyClient.2_8wekyb3d8bbwe\LocalState
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Media.PlayReadyClient.2_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Media.PlayReadyClient.2_8wekyb3d8bbwe\TempState
[2015/04/26 19:50:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Media.PlayReadyClient.2_8wekyb3d8bbwe\AC\Temp
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.MoCamera_cw5n1h2txyewy\LocalCache
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.MoCamera_cw5n1h2txyewy\RoamingState
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.MoCamera_cw5n1h2txyewy\TempState
[2015/04/29 22:06:16 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AC
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:16 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:06:20 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\AC
[2014/03/17 18:01:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:20 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:06:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.RemoteDesktop_8wekyb3d8bbwe\AC
[2014/04/10 22:08:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.RemoteDesktop_8wekyb3d8bbwe\LocalCache
[2014/04/10 22:08:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.RemoteDesktop_8wekyb3d8bbwe\LocalState
[2014/04/10 22:08:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.RemoteDesktop_8wekyb3d8bbwe\RoamingState
[2014/04/10 22:08:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.RemoteDesktop_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.RemoteDesktop_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:05:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC
[2014/03/17 18:01:28 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalCache
[2014/03/17 18:01:28 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\RoamingState
[2015/03/08 12:00:28 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\TempState
[2015/04/29 22:05:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\AC\Temp
[2015/04/26 19:51:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\AC
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\TempState
[2015/04/26 19:51:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\AC\Temp
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00.Preview.Internal_8wekyb3d8bbwe\LocalCache
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00.Preview.Internal_8wekyb3d8bbwe\LocalState
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00.Preview.Internal_8wekyb3d8bbwe\RoamingState
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00.Preview.Internal_8wekyb3d8bbwe\TempState
[2015/04/26 19:50:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00_8wekyb3d8bbwe\AC
[2014/03/17 18:01:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00_8wekyb3d8bbwe\TempState
[2015/04/26 19:50:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.VCLibs.120.00_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:05:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\AC
[2014/03/17 18:01:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\LocalCache
[2015/11/18 20:11:25 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\TempState
[2015/04/29 22:05:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:06:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\AC
[2014/03/17 18:01:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\AC\Temp
[2014/03/17 18:01:31 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:31 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\RoamingState
[2015/03/08 19:18:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\TempState
[2015/09/02 21:44:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\BackgroundTransferApi
[2015/12/13 21:43:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Temp
[2015/08/20 22:03:09 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\bici
[2014/03/17 18:07:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\UserTiles
[2015/07/05 22:33:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\7024e4639e5d3f9a\120712-0049\Temp
[2015/04/29 19:26:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\TempState\config
[2015/04/29 22:06:10 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsReadingList_8wekyb3d8bbwe\AC
[2014/03/17 18:01:39 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsReadingList_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:39 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsReadingList_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:39 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsReadingList_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:39 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsReadingList_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:10 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsReadingList_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:06:22 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsScan_8wekyb3d8bbwe\AC
[2014/03/17 18:01:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsScan_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsScan_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsScan_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsScan_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:22 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsScan_8wekyb3d8bbwe\AC\Temp
[2015/04/29 22:06:23 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\AC
[2014/03/17 18:01:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:23 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\AC\Temp
[2015/04/26 19:51:38 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\AC
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:43 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\TempState
[2015/04/26 19:51:38 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\AC\Temp
[2014/03/17 19:31:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0.Preview.Internal_8wekyb3d8bbwe\LocalCache
[2014/03/17 19:31:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0.Preview.Internal_8wekyb3d8bbwe\LocalState
[2014/03/17 19:31:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0.Preview.Internal_8wekyb3d8bbwe\RoamingState
[2014/03/17 19:31:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0.Preview.Internal_8wekyb3d8bbwe\TempState
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0.Preview_8wekyb3d8bbwe\LocalCache
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0.Preview_8wekyb3d8bbwe\LocalState
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0.Preview_8wekyb3d8bbwe\RoamingState
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0.Preview_8wekyb3d8bbwe\TempState
[2015/04/26 19:50:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0_8wekyb3d8bbwe\AC
[2014/03/17 18:01:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0_8wekyb3d8bbwe\LocalState
[2014/03/17 18:01:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0_8wekyb3d8bbwe\TempState
[2015/04/26 19:50:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.2.0_8wekyb3d8bbwe\AC\Temp
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.Preview.1_8wekyb3d8bbwe\LocalCache
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.Preview.1_8wekyb3d8bbwe\LocalState
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.Preview.1_8wekyb3d8bbwe\RoamingState
[2014/03/17 19:31:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.WinJS.Preview.1_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:01 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC
[2014/03/17 18:01:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\TempState
[2015/04/29 22:06:01 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\Temp
[2015/09/19 22:40:59 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC
[2014/03/17 18:01:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalCache
[2014/03/17 18:01:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\RoamingState
[2014/03/17 18:01:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\TempState
[2015/05/04 20:07:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\Temp
[2015/09/19 22:41:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\ImageStore
[2015/04/26 19:48:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\SonicWALL.MobileConnect_cw5n1h2txyewy\AC
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\SonicWALL.MobileConnect_cw5n1h2txyewy\LocalCache
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\SonicWALL.MobileConnect_cw5n1h2txyewy\LocalState
[2014/03/17 18:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\SonicWALL.MobileConnect_cw5n1h2txyewy\RoamingState
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\SonicWALL.MobileConnect_cw5n1h2txyewy\TempState
[2015/04/26 19:48:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\SonicWALL.MobileConnect_cw5n1h2txyewy\AC\Temp
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalCache
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\RoamingState
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\TempState
[2015/04/26 19:48:31 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\windows_ie_ac_001\AC\Temp
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalCache
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\winstore_cw5n1h2txyewy\RoamingState
[2014/03/17 18:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\winstore_cw5n1h2txyewy\TempState
[2015/04/26 20:03:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\winstore_cw5n1h2txyewy\AC\Microsoft\Windows
[2014/03/17 18:38:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\3
[2014/03/17 18:38:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\5
[2014/03/17 18:38:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\6
[2015/12/13 21:32:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Local\VirtualStore\ProgramData
[2014/03/17 21:18:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Siber Systems
[2015/04/22 19:53:00 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Yahoo!J
  • ピーチ
  • 2015/12/15 (Tue) 23:04:16
OTL log 4
[2014/03/17 18:05:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\IME
[2015/04/22 20:53:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\IME12
[2015/04/22 20:53:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\IMJP12
[2015/04/22 20:53:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\IMJP8_1
[2015/04/22 20:53:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\IMJP9_0
[2014/03/17 18:06:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Windows
[2014/03/17 20:38:21 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Windows Live
[2014/03/17 18:05:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\IME\15.0
[2014/03/17 18:05:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\IME\15.0\SQM
[2014/03/17 18:05:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\IME\15.0\SQM\Upload
[2015/04/26 21:10:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Internet Explorer\imagestore
[2015/04/26 21:10:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Internet Explorer\imagestore\dxxb4qz
[2014/04/14 20:52:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is
[2014/04/14 20:52:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3
[2014/04/14 20:52:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp
[2014/04/14 20:52:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1
[2015/10/19 20:45:21 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\g
[2014/04/14 20:52:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\l
[2015/10/19 20:45:21 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\s
[2014/05/31 21:07:05 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\g\ehxbxqwe3au4pleixu5ghhc44wur0ntzxduhduqvucpw4cztgwaaacga
[2014/04/14 20:52:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\g\x5bwo5jq435ilat3kodgv5sqj44lzmgqbd3qvgkrslad2kwqddaaabaa
[2014/04/14 20:52:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\s\pnxm1ihy1ikcrfuax4lsawptuquffvalgpdyzk4zgonqbsnx0caaaeea
[2014/11/14 23:19:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\s\x5bwo5jq435ilat3kodgv5sqj44lzmgqbd3qvgkrslad2kwqddaaabaa
[2014/05/31 21:07:05 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\s\xixpivl1pkkw2yyk25rqjd3xjssnyxnq0arsgnx2ekapeaotb5aaabda
[2014/04/14 20:52:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\s\pnxm1ihy1ikcrfuax4lsawptuquffvalgpdyzk4zgonqbsnx0caaaeea\f
[2014/11/14 23:19:40 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\s\x5bwo5jq435ilat3kodgv5sqj44lzmgqbd3qvgkrslad2kwqddaaabaa\f
[2014/05/31 21:07:05 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Silverlight\is\1hztp4kl.xf3\vy3qx3rp.psp\1\s\xixpivl1pkkw2yyk25rqjd3xjssnyxnq0arsgnx2ekapeaotb5aaabda\f
[2014/03/17 20:38:21 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Windows Live\Setup
[2014/04/23 19:24:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp
[2015/04/26 20:42:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Siber Systems\RoboForm
[2015/01/01 14:52:30 | 000,007,284 | -H-- | M] () -- C:\Users\さん\AppData\LocalLow\Siber Systems\RoboForm\UserData\DMM.com.rfp
[2015/05/04 17:39:23 | 000,002,682 | -H-- | M] () -- C:\Users\さん\AppData\LocalLow\Siber Systems\RoboForm\UserData\OUTLOOK.EXE.rfp
[2015/12/15 19:47:44 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Siber Systems\RoboForm\UserData\_gsdata_
[2015/01/29 20:16:23 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\AU
[2014/11/15 12:31:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\jre1.8.0_25
[2015/01/29 20:16:23 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\jre1.8.0_31
[2014/11/15 12:32:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache
[2014/11/15 12:32:44 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\ext
[2014/11/15 12:32:44 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\log
[2014/11/15 12:33:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\security
[2014/11/15 12:32:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
[2015/01/29 20:15:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\security
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14
[2014/11/15 12:32:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30
[2014/11/15 12:32:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55
[2014/11/15 12:33:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host
[2014/11/15 12:31:33 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin
[2014/11/15 12:32:44 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp
[2015/04/14 21:39:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\LocalLow\Yahoo!J\ToolbarData
[2015/12/13 21:32:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Adobe
[2015/04/26 21:28:23 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\ESET
[2015/05/30 20:57:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\HpUpdate
[2015/09/15 22:17:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Identities
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia
[2015/04/26 21:45:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\RoboForm
[2015/04/26 19:53:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\WebStorage
[2015/05/01 14:52:00 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\WinRAR
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Adobe\Flash Player
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Adobe\Flash Player\AFCache
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Adobe\Flash Player\APSPrivateData2
[2015/04/26 20:48:52 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Adobe\Flash Player\AssetCache
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Adobe\Flash Player\Icon Cache
[2015/09/10 18:18:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Adobe\Flash Player\AssetCache\YBBSSGC8
[2015/10/16 20:40:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\ESET\ESET Smart Security
[2015/04/26 21:00:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir
[2015/07/14 21:40:38 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp
[2015/04/26 21:01:13 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\boost
[2015/04/26 21:00:55 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\default
[2015/04/26 21:00:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\bin\cmigemo\dict
[2015/04/26 21:00:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\bin\cmigemo\dict\1041
[2015/04/26 21:01:13 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\boost\acf9c9c725e2eeb2ab2740997f826f44
[2015/05/04 16:37:13 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\caches\option
[2015/04/26 21:08:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\caches\rss
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\extension
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\menu
[2015/04/26 21:00:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\cabinet\css
[2015/04/26 21:00:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\cabinet\img
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\menu\Panel
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\menu\popup
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\menu\SiteUpdates
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\menu\toolbar
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\menu\toolbar\ActionBar
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\menu\toolbar\TabBar
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\menu\toolbar\TabGroupBar
[2015/04/26 21:00:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\xml
[2015/04/26 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\css
[2015/04/26 21:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\icons
[2015/04/26 21:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\img
[2015/04/26 21:00:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\Plugin
[2015/04/26 21:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\img\common
[2015/04/26 21:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\img\plugin
[2015/04/26 21:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\img\result
[2015/04/26 21:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\img\search_icon
[2015/04/26 21:00:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\option\images\img\setting
[2015/04/26 21:00:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\siteupdates\css
[2015/04/26 21:00:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\siteupdates\resources
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\popup
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\StatusBar
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\TitleMenu
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar
[2015/04/26 21:00:52 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\dock\InformationBar
[2015/04/26 21:00:52 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\module\Gesture
[2015/04/26 21:00:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\module\HeadlineReader
[2015/04/26 21:00:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\module\Importer
[2015/04/26 21:00:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\module\LabelBookmark
[2015/04/26 21:00:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\module\PassConnect
[2015/04/26 21:00:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\module\RecoveryManager
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\module\SmartSearch
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\module\Suggest
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\Panel\Bookmark
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\popup\SecurePopup
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar\ActionBar
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar\BookmarkBar
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar\CabinetBar
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar\ExtensionBar
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar\MainBar
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar\PageSearch
[2015/04/26 21:00:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar\PortalField
[2015/04/26 21:00:55 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\chrome\skins\default\widget\toolbar\ThumbnailTab
[2015/04/26 21:00:55 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\default\extensions
[2015/04/26 21:01:02 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\dock
[2015/04/26 21:01:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\documents
[2015/04/26 21:01:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\panel
[2015/04/26 21:01:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\v3
[2015/04/26 21:05:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\Dictionaries
[2015/04/26 21:01:00 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\locales
[2015/04/26 21:01:01 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\ChromiumEngine\pnacl
[2015/04/26 21:01:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\v3\HeadlineReader
[2015/04/26 21:01:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\v3\RoboForm
[2015/04/26 21:01:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\plugins\v3\SuperDragExtension
[2015/04/26 21:01:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\resources\sounds
[2015/04/26 21:01:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\tools\FenrirFS\documents
[2015/04/26 21:01:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\tools\FenrirFS\documents\en-us
[2015/04/26 21:01:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\tools\FenrirFS\documents\ja
[2015/04/26 21:01:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\tools\FenrirFS\documents\zh-cn
[2015/04/26 21:01:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\tools\FenrirUpdate\img
[2015/04/26 21:01:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\~temp\tools\FenrirUpdate\img\icon
[2015/04/26 21:01:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\extensions
[2015/04/26 21:00:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\override
[2015/04/26 21:00:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\smartinstaller
[2015/07/14 21:40:38 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\client\backup
[2015/07/14 21:40:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\client\siteupdates_image
[2015/05/31 08:27:02 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\client\thumbnail
[2015/07/14 21:40:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\client\url_image
[2015/04/26 21:08:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\headlinereader
[2015/04/26 21:01:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\IEBrowser
[2015/04/26 21:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\superdrag
[2015/04/26 21:01:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Caps
[2015/04/26 21:25:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\EVWhitelist
[2015/04/26 21:08:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\pnacl
[2015/05/31 08:26:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Cache
[2015/04/26 21:07:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\databases
[2015/04/26 21:01:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\GPUCache
[2015/04/26 21:07:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\IndexedDB
[2015/05/10 10:54:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Local Extension Settings
[2015/05/31 08:27:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Local Storage
[2015/05/16 16:52:07 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Media Cache
[2015/04/26 21:07:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\IndexedDB\https_twitter.com_0.indexeddb.leveldb
[2015/04/26 21:07:46 | 002,423,808 | -H-- | M] () -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Local Storage\https_twitter.com_0.localstorage
[2015/04/26 21:07:46 | 000,004,640 | -H-- | M] () -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Local Storage\https_twitter.com_0.localstorage-journal
[2015/05/04 16:48:14 | 000,003,072 | -H-- | M] () -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Local Storage\https_www.youtube.com_0.localstorage
[2015/05/04 16:48:14 | 000,003,608 | -H-- | M] () -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Local Storage\https_www.youtube.com_0.localstorage-journal
[2015/04/26 21:25:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\EVWhitelist\6
[2015/04/26 21:25:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\EVWhitelist\6\_metadata
[2015/04/26 21:25:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\EVWhitelist\6\_platform_specific
[2015/04/26 21:25:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\EVWhitelist\6\_platform_specific\all
[2015/04/26 21:08:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\pnacl\0.1.0.14206
[2015/04/26 21:08:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\pnacl\0.1.0.14206\_metadata
[2015/04/26 21:08:16 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\pnacl\0.1.0.14206\_platform_specific
[2015/04/26 21:08:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\pnacl\0.1.0.14206\_platform_specific\x86_32
[2015/04/26 21:01:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\headlinereader\temp
[2015/04/26 21:00:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\smartinstaller\SmartInstaller Installation Information
[2015/04/26 21:00:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\smartinstaller\SmartInstaller Run Once
[2015/05/04 17:37:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Identities\{8D288458-5430-4311-85D9-B0DC43C29358}
[2015/04/27 19:16:14 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Identities\{F24440DD-A5F4-4652-A7BF-1D671191246A}
[2015/07/02 21:47:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com
[2015/11/30 21:09:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY
[2015/04/28 19:57:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\cdn1b.static.pornhub.phncdn.com
[2015/11/05 21:24:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\ero-video.net
[2015/04/29 15:59:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp
[2015/05/01 21:12:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\images-na.ssl-images-amazon.com
[2015/12/07 23:20:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\s.ytimg.com
[2015/04/28 19:57:13 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\static.xvideos.com
[2015/05/25 20:54:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\us-st.xhamster.com
[2015/04/28 19:56:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\www.tubecup.com
[2015/04/28 19:57:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\cdn1b.static.pornhub.phncdn.com\www-static
[2015/06/18 20:20:47 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\cdn1b.static.pornhub.phncdn.com\www-static\flash
[2015/05/29 21:47:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\cdn1b.static.pornhub.phncdn.com\www-static\flash\player2013.swf
[2015/05/01 21:17:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images
[2015/05/18 19:51:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\gyao
[2015/04/29 15:59:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\yvpub
[2015/05/01 21:17:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\gyao\newsfla
[2015/05/01 21:17:30 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\gyao\newsfla\v1
[2015/12/02 20:54:23 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\gyao\newsfla\v1\GyaoPlayerNews.swf
[2015/04/29 15:59:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\yvpub\player
[2015/04/29 15:59:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\yvpub\player\fla
[2015/04/29 15:59:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\yvpub\player\fla\v1
[2015/12/13 21:56:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\i.yimg.jp\images\yvpub\player\fla\v1\YVPubPlayer.swf
[2015/07/11 20:31:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\static.xvideos.com\swf
[2015/12/08 23:12:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\static.xvideos.com\swf\flv_player_site_v4.swf
[2015/04/28 19:56:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\us-st.xhamster.com\xembed10.swf
[2015/09/06 00:07:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\XK389TKY\www.tubecup.com\#kernelteam
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support
[2015/04/28 19:47:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer
[2015/12/12 21:36:25 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys
[2015/04/28 19:57:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn1b.static.pornhub.phncdn.com
[2015/04/28 19:56:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ero-video.net
[2015/04/29 15:59:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#i.yimg.jp
[2015/05/01 21:12:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#images-na.ssl-images-amazon.com
[2015/04/29 19:40:23 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s.ytimg.com
[2015/04/28 19:57:13 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.xvideos.com
[2015/04/28 19:56:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#us-st.xhamster.com
[2015/04/28 19:56:55 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.tubecup.com
[2015/04/27 19:18:58 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\AddIns
[2015/05/01 22:14:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Document Building Blocks
[2015/08/09 22:02:00 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Excel
[2015/04/26 21:37:56 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\HTML Help
[2015/04/26 19:47:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\IME
[2015/04/26 19:50:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\InputMethod
[2015/09/08 20:51:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\MMC
[2015/07/24 23:48:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Office
[2015/09/13 20:22:16 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Outlook
[2015/04/27 19:19:21 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Proof
[2015/05/04 17:40:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Signatures
[2015/05/13 20:51:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Speech
[2015/12/13 21:39:19 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Spelling
[2015/05/04 17:40:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Stationery
[2015/05/10 11:40:15 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\UProof
[2014/03/17 18:01:35 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Vault
[2015/07/24 23:48:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Word
[2015/05/01 22:15:21 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Document Building Blocks\1041
[2015/05/04 22:03:10 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Excel\XLSTART
[2014/03/17 18:05:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\IME\15.0
[2014/03/17 18:05:32 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\IME\15.0\IMEJP
[2014/03/17 18:06:53 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\IME\15.0\IMEJP\UserDict
[2015/04/26 19:50:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\InputMethod\Chs
[2015/04/26 19:47:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\InputMethod\Shared
[2015/04/26 19:48:31 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Internet Explorer\UserData
[2015/09/15 22:03:36 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/04/26 19:48:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts
[2015/05/01 22:14:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Microsoft\Word\STARTUP
[2015/05/04 18:18:49 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\Mozilla\Extensions
[2015/07/15 21:41:47 | 000,000,000 | RH-D | M] -- C:\Users\さん\AppData\Roaming\Orbit\AdConfig
[2015/04/26 20:43:39 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\RoboForm\_mirrors_
[2015/12/15 19:47:39 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\RoboForm\_mirrors_\C-Users-さん-Documents-My RoboForm Data-Default Profile
[2015/12/15 19:47:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\RoboForm\_mirrors_\https-online.roboform.com-users-cordxyz
[2015/04/30 19:45:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\AppData\Roaming\WebStorage\Logs
[2014/10/14 16:54:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\AGENDA
[2014/03/18 15:11:22 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\CyberLink
[2015/03/05 23:13:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\Freemake
[2014/03/17 21:18:27 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My RoboForm Data
[2014/06/22 19:22:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\OneNote ノートブック
[2015/04/12 19:44:41 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\YviewerTEMP
[2014/10/25 16:10:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\宛名職人PB版
[2014/10/14 16:54:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\AGENDA\システム辞書
[2014/10/14 16:54:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\AGENDA\ユーザー辞書
[2014/03/18 15:11:22 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\CyberLink\PowerDVD
[2015/03/06 08:31:54 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\Freemake\FreemakeVideoDownloader
[2015/03/06 00:07:09 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\Freemake\FreemakeVideoDownloader\History
[2015/04/09 19:21:15 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\Freemake\FreemakeVideoDownloader\Persistent
[2015/04/06 20:47:45 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\Freemake\FreemakeVideoDownloader\History\Thumbnails
[2014/03/23 14:12:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\Players
[2014/03/23 14:12:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\save
[2014/03/23 14:12:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\Players\00
[2014/03/23 14:12:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\Players\00\save
[2014/03/23 14:12:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\Players\00\save\Bin
[2014/03/23 14:12:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\save\Conf
[2014/03/23 21:09:09 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\work\benchmark
[2014/03/23 14:12:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\work\Bin
[2014/03/23 14:12:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Games\DRAGON QUEST X BENCHMARK\work\my_Log
[2015/04/11 22:35:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Mahjong\最近悩んだ牌譜
[2015/04/11 20:30:10 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Mahjong\牌譜
[2015/03/29 14:40:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Mahjong\Maru-Jan\temp
[2014/04/19 14:41:24 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Mahjong\牌譜\2014年04月19日
[2015/01/01 22:26:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Mahjong\牌譜\2015年01月01日
[2015/04/11 22:55:01 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My Mahjong\牌譜\2015年04月11日
[2015/10/24 19:47:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My RoboForm Data\Default Profile
[2015/01/01 14:52:30 | 000,007,284 | -H-- | M] () -- C:\Users\さん\Documents\My RoboForm Data\Default Profile\DMM.com.rfp
[2015/05/04 17:39:23 | 000,002,682 | -H-- | M] () -- C:\Users\さん\Documents\My RoboForm Data\Default Profile\OUTLOOK.EXE.rfp
[2015/12/15 19:47:44 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\My RoboForm Data\Default Profile\_gsdata_
[2014/06/22 19:22:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\OneNote ノートブック\OneNote 2007 ガイド
[2014/06/22 19:22:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\OneNote ノートブック\仕事ノートブック
[2014/06/22 19:22:17 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\OneNote ノートブック\個人用ノートブック
[2014/10/14 16:54:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\宛名職人PB版\カスタムレイアウト
[2014/10/14 16:54:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\宛名職人PB版\ダウンロード済
[2014/10/25 16:10:50 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\宛名職人PB版\住所録印刷設定
[2014/10/21 22:24:26 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\宛名職人PB版\住所録項目割当
[2014/10/14 16:54:29 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\宛名職人PB版\個人用
[2014/10/14 16:54:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\宛名職人PB版\標準レイアウト設定
[2014/10/14 16:54:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\Documents\宛名職人PB版\ダウンロード済\裏面デザイン
[2015/05/04 20:48:11 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\amzip-0.5.1
[2015/05/04 20:49:51 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\axrar-1.0.1
[2015/05/04 20:47:07 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\ifjpgx21
[2015/05/04 20:50:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\spi32008(1)
[2015/05/04 20:50:12 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\axrar-1.0.1\axrar-1.0.1
[2015/02/22 10:48:04 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\Dragon Ball Z - Super Saiya Densetsu\5783 - Nora to Toki no Koubou - Kiri no Mori no Majo (J)
[2015/02/22 21:59:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\snesgt0218\docs
[2005/04/13 01:05:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\snesgt0218\plugin
[2015/11/16 21:50:24 | 000,000,000 | -H-D | M] -- C:\Users\さん\Downloads\snesgt0218\save
[2015/09/15 22:07:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Favorites\ASUS E-Service
[2014/03/27 19:56:52 | 000,000,000 | -H-D | M] -- C:\Users\さん\Intel\Logs
[2014/07/26 23:46:21 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\frozen
[2015/01/02 15:44:57 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes
[2014/03/18 16:01:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork
[2014/10/05 23:28:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\iTunes Media
[2014/03/18 16:02:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache
[2014/03/18 16:01:48 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cloud Purchases
[2014/03/18 16:02:02 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download
[2014/10/05 23:24:16 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473
[2014/03/18 16:02:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\02
[2014/03/18 16:02:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\04
[2014/03/18 16:24:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\05
[2014/03/18 16:24:05 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\11
[2014/03/18 16:19:06 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\12
[2014/10/05 23:24:16 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\14
[2014/03/18 16:02:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\02\11
[2014/03/18 16:02:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\02\11\06
[2014/03/18 16:02:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\04\12
[2014/03/18 16:02:03 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\04\12\00
[2014/03/18 16:24:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\05\13
[2014/03/18 16:24:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\05\13\05
[2014/03/18 16:24:05 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\11\05
[2014/03/18 16:24:05 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\11\05\12
[2014/03/18 16:19:06 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\12\14
[2014/03/18 16:19:06 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\12\14\03
[2014/10/05 23:24:16 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\14\14
[2014/10/05 23:28:42 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Cache\B29BA3BDBE05D473\14\14\03
[2014/03/18 16:24:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473
[2014/03/18 16:02:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\02
[2014/03/18 16:02:02 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\04
[2014/03/18 16:24:06 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\05
[2014/03/18 16:24:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\10
[2014/03/18 16:02:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\02\11
[2014/03/18 16:02:08 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\02\11\06
[2014/03/18 16:02:02 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\04\12
[2014/03/18 16:02:02 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\04\12\00
[2014/03/18 16:24:06 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\05\13
[2014/03/18 16:24:06 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\05\13\05
[2014/03/18 16:24:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\10\10
[2014/03/18 16:24:18 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\Album Artwork\Download\B29BA3BDBE05D473\10\10\03
[2014/03/18 11:36:34 | 000,000,000 | -H-D | M] -- C:\Users\さん\Music\iTunes\iTunes Media\iTunes に自動的に追加
[2015/05/06 09:45:58 | 000,000,000 | -H-D | M] -- C:\Users\さん\OneDrive\ドキュメント
[2015/05/24 18:51:46 | 000,000,000 | -H-D | M] -- C:\Users\さん\OneDrive\画像
[2015/07/10 17:28:26 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2015/09/15 21:55:05 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2015/09/15 21:55:05 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/12/15 22:39:04 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/12/14 23:24:06 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: Hynix HCG8e
Partitions: 4
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - External hard disk media
Interface type: USB
Media Type: External hard disk media
Model: HGST HTS 545050A7E680 USB Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 900.00MB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 49.00GB
Starting Offset: 1183842304
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 8.00GB
Starting Offset: 53954478080
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 466.00GB
Starting Offset: 1048576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV - [2015/07/10 17:24:45 | 000,075,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2015/07/10 17:24:34 | 000,075,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2015/07/10 17:24:35 | 000,802,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2015/07/10 17:24:54 | 000,558,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2015/07/10 17:24:46 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2015/07/10 17:24:42 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2015/07/10 17:25:12 | 000,105,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2015/07/10 17:24:45 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2015/07/10 17:24:42 | 000,725,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2015/07/10 17:24:55 | 000,292,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2015/07/10 17:24:55 | 000,217,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2015/07/10 17:24:34 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2015/07/10 17:24:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2015/07/10 17:24:31 | 000,392,704 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2015/07/10 17:24:34 | 000,316,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2015/07/10 17:24:38 | 000,330,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV - [2015/07/10 17:24:31 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2015/07/10 17:24:32 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2015/07/10 17:25:47 | 000,305,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2015/07/10 17:24:56 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2015/07/10 17:24:41 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2015/07/10 17:25:02 | 000,530,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV - [2015/07/10 17:24:32 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2015/07/10 17:24:33 | 000,587,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2015/07/10 17:24:42 | 000,725,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2015/07/10 17:24:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2015/07/10 17:24:56 | 000,041,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2015/07/10 17:25:48 | 000,137,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2015/07/10 17:24:46 | 000,218,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2015/07/10 17:25:06 | 000,544,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2015/09/15 21:35:33 | 000,822,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2015/07/10 17:25:02 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2015/07/10 17:25:06 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2015/11/25 13:06:51 | 000,243,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2015/07/10 17:24:42 | 000,991,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2015/11/05 12:35:38 | 000,821,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2015/09/15 21:35:59 | 000,239,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2015/07/10 17:25:47 | 000,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2015/07/10 17:24:29 | 000,023,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2015/07/10 17:24:36 | 001,356,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (EventLog)
SRV - [2015/09/17 14:36:27 | 000,661,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2015/07/10 17:25:49 | 000,522,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2015/09/15 21:35:33 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (msiserver)
SRV - [2015/07/10 17:24:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (winmgmt)
SRV - [2015/09/17 14:39:54 | 001,829,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2015/07/10 17:24:32 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2015/09/17 14:39:34 | 001,877,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (WlanSvc)
SRV - [2015/07/10 17:24:46 | 000,233,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 220 bytes -> C:\Users\さん\OneDrive:ms-properties
@Alternate Data Stream - 200 bytes -> C:\Users\さん\SkyDrive:ms-properties

< End of report >
  • ピーチ
  • 2015/12/15 (Tue) 23:06:34
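Was no Extras log produced?
Thank you for doing the work and reporting back.
I have looked at the OTL scan log.

Just to check: did OTL not produce an Extra.txt?
Please check, and if this log exists as well, post its contents in addition.
If you look and cannot find it, just let me know that.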
  • 悪代官
  • 2015/12/16 (Wed) 21:20:35
Extras log
OTL Extras logfile created on: 2015/12/15 22:19:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\さん\Downloads
An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.89 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 54.07% Memory free
2.64 Gb Paging File | 1.56 Gb Available in Paging File | 59.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 49.15 Gb Total Space | 24.01 Gb Free Space | 48.85% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 406.08 Gb Free Space | 87.19% Space Free | Partition Type: NTFS

Computer Name: ASUS-T100T | User Name: さん | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3451279271-2515706449-3442622051-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06223F5E-06BD-46D3-A20C-CAEE5BB9CF10}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{16A9B07F-E009-4D23-AC46-98D94F31A3A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3F3BF759-B8CC-41AB-BF58-67333691DD2C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41B81887-1ED9-4A31-B1CD-A52199181D47}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{48F854B2-3724-4E09-B083-0855BBE331FD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{49AC6E73-7C58-4702-8A28-270A8495D31F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5504C2D8-EE85-44AC-9AB7-F10062304D85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5B0977B9-144A-418A-9118-1049E74133A6}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{8EB7D3DE-60FF-4000-B72B-22943A37F7B7}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A5600BAB-9848-45D6-86B1-EC406157B47B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{C321D4F9-FC63-4F9B-B4FC-8DF8173FC3C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D2CF2F99-E159-4355-A577-D7C15424227D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF4AEE17-B667-411D-8CD9-84C4A03E9A2C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0419577C-E558-4031-9572-206A3CAD6615}" = dir=out | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{0595D620-FCFC-4E2B-AA8E-C260C5984526}" = dir=out | name=@{microsoft.3dbuilder_10.9.6.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{06D29882-323F-4EC9-A391-364833B68A7F}" = dir=out | name=candy crush saga |
"{0ADC60BE-1A26-429D-B36B-4833D397B3CF}" = dir=out | name=@{microsoft.getstarted_2.5.6.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{0C81AC90-0B8F-4C88-8F84-5B3160EC4F2F}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{0FF1B9C4-0169-4449-A4EC-9F153A21A188}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{11C27B59-CEDB-41B9-857A-5982641A8D7D}" = dir=out | name=@{microsoft.zunemusic_3.6.15131.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{1E6DCD88-D4F2-4D1E-A7D2-5F6819EB04FF}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{20CB15F2-ECF3-416F-B302-DBFA47672B21}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{20F2B3BB-B551-4ECE-9265-BE85AEB74B3E}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{2173ECA7-B58B-4D5F-B411-33A2A3E7BE18}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{224CE4B6-0D4C-49A0-B9CB-2754D6525462}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{231F9C22-3DB5-4FEB-AA98-131D33C2C863}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2AC2AA37-B5AC-4C77-9DFE-DDC22068FB8F}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{2CAA7127-AA5D-421E-B1F8-08B69651B6A6}" = dir=in | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{2DB8B50F-03B9-4904-9F16-2726A39F874D}" = dir=out | name=@{microsoft.windows.photos_15.1208.10480.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{2DF2E2B0-A588-4810-90EB-4C394CAB983F}" = dir=in | name=junipernetworks.junospulsevpn |
"{331D3F10-92E3-4211-9259-CAF9D02FCE86}" = dir=out | name=junipernetworks.junospulsevpn |
"{39F34A35-BCFF-45EA-B56F-9F851CB0B07F}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\devicesetup.exe |
"{3E47C5A3-051F-4201-9E32-EA962B33874E}" = dir=in | name=@{microsoft.zunevideo_3.6.15731.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{3F24A0EB-CCB4-44C6-B07E-75AED484E9D5}" = dir=out | name=asus webstorage |
"{3FCD4691-391B-4C10-A857-8A7D8C7372D3}" = dir=out | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{4B05E3B4-DBF2-45D4-8F9C-13FAD590D17C}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{4C0E60BF-7847-416B-AB87-5B1C725C825D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5008759F-DFDB-4FF7-A081-E10B8D4A5B57}" = dir=out | name=@{microsoft.zunevideo_3.6.15731.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5103ABDD-1B97-488B-813B-C12E04F69906}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{5165C49D-B502-437D-BBA0-F7296D9A2380}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{538994E0-5AC9-491F-AF51-882B07911863}" = dir=out | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{544B4317-8ACC-474F-8986-45C6E95EE0C7}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{57357FBD-E5C4-489B-9F7E-98629EE6C0D5}" = dir=out | name=microsoft solitaire collection |
"{583B6E74-88B5-46D7-9EB8-C04195A146AE}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{598203B1-6257-4FF2-9321-AB90C677E39E}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10240.16393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{5F2564AA-AD51-4257-88C7-E5E8F41B31E6}" = dir=in | name=microsoft solitaire collection |
"{5FE5E0C7-52E8-46E9-A00E-2C0201CCF46C}" = dir=out | name=nyalu |
"{6209DC59-76F8-4D46-A2F4-B336101599E7}" = dir=in | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{6A20B6F1-5BB8-456C-A917-324CCCE5FD95}" = dir=in | name=onenote |
"{6AC8A09E-213E-43BA-A967-4DEAD4810C1A}" = dir=in | name=xbox |
"{6B5C20B0-EA64-4F8D-AC9F-981EA89DC696}" = dir=out | name=windows_ie_ac_001 |
"{70E55404-CF2B-49E4-8806-FEEFB615D380}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{78AFE715-4200-4517-99DC-5C185FF0E762}" = dir=out | name=@{microsoft.bingweather_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{7B29F7B1-BB1F-49EC-AF87-D44253D88916}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{81F49C06-973E-49F4-B805-B11A54B043BB}" = dir=in | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{835E0E77-65D1-4FAA-AA5E-AC67565A94FB}" = dir=out | name=sonicwall.mobileconnect |
"{86E056D1-7A39-4098-A00A-8C4DAAC5FA03}" = dir=out | name=@{microsoft.windowsmaps_4.1512.3450.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{8883F137-5535-4E17-97FB-06A423FC1903}" = dir=out | name=@{microsoft.bingnews_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{8A79918D-F5EF-45E2-BEB3-E0ACA1BCCBA9}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{8ACCE049-C320-4712-AE61-10CA8A74BEAE}" = dir=in | name=@{microsoft.windows.photos_15.1208.10480.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{8B7728E3-40A0-4BEC-8678-C3B8CF64245E}" = dir=out | name=@{microsoft.remotedesktop_6.3.9600.16419_neutral__8wekyb3d8bbwe?ms-resource://microsoft.remotedesktop/resources/displayname} |
"{8BDBAF4B-3E51-4282-ACD2-C6D11BB6074A}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{8C3DCDFE-6768-4D2E-8D4F-FBA7C24712D1}" = dir=out | name=hp all-in-one printer remote |
"{8C935484-DF4D-402D-815D-9CC699D27FBC}" = dir=out | name=@{microsoft.windowsstore_2015.23.23.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{8D02CD65-8E96-4137-85EF-8D48524734C1}" = dir=out | name=@{microsoft.zunevideo_2.6.441.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8DCB8BF0-FBFA-4A08-8850-ED098D245DA9}" = dir=out | name=asus photodirector |
"{92020401-EA86-498F-BD37-E1860E83EE42}" = dir=out | name=@{microsoft.bingfinance_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{95349CEC-F494-4390-8639-B61986C8179A}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9785A9A5-9584-44DE-A161-A7CAC1A63943}" = dir=out | name=@{microsoft.remotedesktop_6.3.9600.16419_neutral__8wekyb3d8bbwe?ms-resource://microsoft.remotedesktop/resources/displayname} |
"{98A2E10C-C583-46F7-BF64-FF18E14477BB}" = dir=in | name=asus webstorage |
"{9A9BB7DB-8B0E-4DBE-96D8-5AE7758D34B2}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9B5526BA-055A-41C6-B2EF-DD37F2654489}" = dir=out | name=@{microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{9C0B7D4E-08AB-4FAD-ACAA-E9641B128FE1}" = dir=in | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{9CA1CABE-D34E-4A58-9FB8-665A502A4168}" = dir=out | name=@{microsoft.bingsports_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{A3A52B3F-6309-4C9B-A872-D8557BBF2591}" = dir=out | name=@{microsoft.people_10.0.3350.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{A4DCCF0D-E087-4DA6-97D5-1B5BC9D5BFC8}" = dir=in | name=@{microsoft.windows.cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{A606FD51-152B-45C4-AFE4-292EE947E91D}" = dir=in | name=@{microsoft.windowsstore_2015.23.23.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{A7702E93-B4E0-4DCF-9131-634FD0564F6E}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe |
"{A9080F4C-BE69-49F6-87CD-FAE444526D27}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{AB182E10-6ED4-43EB-8F2E-BB4E5C78E863}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6509.64001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{AD825FF3-F18D-430A-8CC7-D407CFB604B5}" = dir=out | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{AE4511D0-106B-44CC-A09D-8642DD97849D}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{AE9A74B1-A8B1-49E3-9EEA-ABDC2D430891}" = dir=out | name=@{microsoft.windowsphone_10.1511.18010.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{AF4CD98F-A6B6-4B1C-8D65-661A94CE0BDE}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{B8762B2A-E60C-404A-90E8-6EF6347691C8}" = dir=out | name=onenote |
"{B9480B0B-6B60-43C9-95E2-362E290F079D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B9754A40-2E3A-4468-8622-EEB1D033B69C}" = dir=in | name=hp all-in-one printer remote |
"{BC1BC0DC-AA78-4207-A8DB-1D6FD0A2B849}" = dir=in | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{BDDD191C-0E77-4C45-99BB-0BB5F537DD4A}" = dir=out | name=windows_ie_ac_001 |
"{C15C3BD7-848D-4E37-80F4-7CC841BFDE0E}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{C2BED147-81E1-48FC-9330-FE32F0F53E42}" = dir=in | name=@{microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{C2E832B8-B52E-418F-BBEA-124884D33FFA}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{C47C3EDF-6F73-4E89-9A81-2E9F1CACCC0A}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe |
"{C4DA0BAE-2380-40D6-BFD6-1B5EE7CF0A62}" = dir=out | name=xbox |
"{C6182E4B-10FC-4083-A766-458080D68E73}" = dir=in | name=f5.vpn.client |
"{C7534946-AD2B-4CA0-BD3C-990198194947}" = dir=in | name=@{microsoft.remotedesktop_6.3.9600.16419_neutral__8wekyb3d8bbwe?ms-resource://microsoft.remotedesktop/resources/displayname} |
"{D0609BA8-798F-4262-9A81-62BB9E17E2F4}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6509.64001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{D65C90D4-5C82-461A-B81A-DC6021393651}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D686F1A4-64BE-4EDE-93A2-F493D96AA1BD}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D851BF76-2F87-4DE4-B1CD-F53ABED30C63}" = dir=out | name=@{microsoft.windows.cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{DBCA2111-231F-4303-9F28-84A49A6D0645}" = dir=out | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{DF4A5C9C-6EE6-466F-9511-A72EFDA9DE3E}" = dir=out | name=@{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{E20BB53A-3BDC-460D-BAEE-FFDC117AB485}" = dir=in | name=sonicwall.mobileconnect |
"{E2D9C7B0-2FF5-4B13-A61F-C5C255DD5A0C}" = dir=in | name=@{microsoft.remotedesktop_6.3.9600.16419_neutral__8wekyb3d8bbwe?ms-resource://microsoft.remotedesktop/resources/displayname} |
"{E4ACD088-D6DC-46BB-A66E-34894AB2DC1B}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{E6A4BE21-4183-455E-8C07-84C78011B261}" = dir=out | name=checkpoint.vpn |
"{E8F9EBFC-75FA-4E26-A9E4-0F1EE2B84882}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{E923A153-970A-453A-946E-8F801659974C}" = protocol=58 | dir=in | app=system |
"{ECB06A4C-0545-4EE3-9FDD-B0966A4CBE14}" = dir=out | name=@{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{EE009641-04D9-4BE4-A159-2A122035FC13}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{EFB3C579-A20F-44DD-84F5-2A573DB2B214}" = dir=in | name=@{microsoft.microsoftofficehub_17.6508.23761.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{F09007B7-16FA-4A4A-8B49-35ABF89BC69B}" = dir=out | name=navitime for asus |
"{F1B1B777-6FF5-4EF6-8B3E-982BB19FA29A}" = dir=out | name=@{microsoft.microsoftofficehub_17.6508.23761.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{F45A1B7D-2BF6-4F98-9277-A8400F84403D}" = dir=out | name=twitter |
"{F5458746-A826-4DC5-9BF5-9E36B17F6D2F}" = dir=out | name=asus powerdirector |
"{FA26AE1E-4A89-48D7-81E1-445FC4D43FE1}" = dir=out | name=asus welcome |
"{FA35BA80-EA4B-48FD-9FEF-74E9E0B3FEC7}" = dir=in | name=checkpoint.vpn |
"{FA7D69CE-3167-4495-BFFE-AB029C1274B1}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{FAF7CF96-4B8B-466D-B728-D962800D87A9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{FE5EA256-AD54-4FD8-B211-1263089653FF}" = dir=out | name=f5.vpn.client |
"TCP Query User{03D236A4-DB5A-4AC2-9CE3-D72929050985}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{0DA9D646-FE53-4D05-8509-CA860EEE290E}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{70A90FCB-1F33-4440-B807-8586EECE781F}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver
"{176E2755-0A17-42C6-88E2-192AB2131278}" = Intel(R) Trusted Execution Engine
"{1F2DC3EA-9682-3AAA-BB63-D9BC1AC17960}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617
"{1f407217-9aec-4146-8504-e64ac959c534}" = Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617
"{31B9D218-FED2-4C6C-B19F-7294FFC130B0}" = Adobe AIR
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{5225D772-5A0E-4258-9355-F31000505126}" = Intel(R) Trusted Execution Engine Driver
"{64565E1D-0831-469D-AEFA-F5EE499B7B2C}" = HP Photosmart 5520 series ベーシック デバイス ソフトウェア
"{74D52476-2E1E-3F1B-8460-E4ECF2FB6491}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617
"{89A448AA-3301-46AA-AFC3-34F2D7C670E8}" = Realtek I2S Audio
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0015-0411-0000-0000000FF1CE}" = Microsoft Office Access MUI (Japanese) 2007
"{90120000-0015-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0411-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Japanese) 2007
"{90120000-0016-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0411-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Japanese) 2007
"{90120000-0018-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0411-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Japanese) 2007
"{90120000-0019-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0411-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Japanese) 2007
"{90120000-001A-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0411-0000-0000000FF1CE}" = Microsoft Office Word MUI (Japanese) 2007
"{90120000-001B-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2007
"{90120000-001F-0411-0000-0000000FF1CE}_ENTERPRISE_{8B0BBAAA-BB10-41E1-B27E-24CF08CBB253}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0411-0000-0000000FF1CE}" = 2007 Office system 互換機能パック
"{90120000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-0028-0411-0000-0000000FF1CE}_ENTERPRISE_{277B1BCF-97A7-40F2-87A5-3CACB0E9714B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0411-0000-0000000FF1CE}" = Microsoft Office Proofing (Japanese) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0411-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Japanese) 2007
"{90120000-0044-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0411-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Japanese) 2007
"{90120000-006E-0411-0000-0000000FF1CE}_ENTERPRISE_{84C84010-F698-443E-84B4-A82DD01A17FE}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0411-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Japanese) 2007
"{90120000-00A1-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0411-0000-0000000FF1CE}" = 2007 Microsoft Office プログラム用 Microsoft PDF/XPS 保存アドイン
"{90120000-00BA-0411-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Japanese) 2007
"{90120000-00BA-0411-0000-0000000FF1CE}_ENTERPRISE_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{A36BF53C-8B2C-40B3-A74A-5EA5A1954B5C}" = BSMOW07
"{AA8FCC00-B6B5-4183-AC23-AADA688580E9}" = Intel(R) Trusted Execution Engine
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{EB6E928B-EA45-46EF-8343-D1E75237BF44}" = ESET Smart Security
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"957A3BFBBA16065613E677D24C64785D717C6B05" = Windows ドライバ パッケージ - ASUS (AsusSGDrv) Mouse (07/07/2015 8.0.0.17)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
"AI RoboForm" = RoboForm 7-9-13-5 (All Users)
"Avidemux 2.6 - 32 bits" = Avidemux 2.6 - 32 bits (32-bit)
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FenrirSleipnirV5_is1" = Sleipnir Version 6.1.6
"FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C" = Intel(R) Dynamic Platform and Thermal Framework
"GOM Player" = GOM Player
"HP Photo Creations" = HP Photo Creations
"Jane Style_is1" = Jane Style Version 3.83
"LINE" = LINE
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.0.1024
"Mozilla Firefox 42.0 (x86 ja)" = Mozilla Firefox 42.0 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.01 (32ビット)

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/12/14 10:12:31 | Computer Name = ASUS-T100T | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: SearchUI.exe、バージョン: 10.0.10240.16603、タイム スタンプ:
0x56553494 障害が発生しているモジュール名: CortanaApi.dll、バージョン: 0.0.0.0、タイム スタンプ: 0x565532ab 例外コード:
0x80000003 障害オフセット: 0x00138281 障害が発生しているプロセス ID: 0x77c 障害が発生しているアプリケーションの開始時刻: 0x01d1367978265c73
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 障害が発生しているモジュール
パス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
レポート
ID: 4bcc8d89-4dec-4a23-be75-5d1bc42a3dd0 障害が発生しているパッケージの完全な名前: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
障害が発生しているパッケージに関連するアプリケーション
ID: CortanaUI

Error - 2015/12/14 10:12:31 | Computer Name = ASUS-T100T | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI のライセンス認証がエラーで失敗しました:
-2147023170。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2015/12/14 10:12:34 | Computer Name = ASUS-T100T | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_2.5.6.0_x86__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2015/12/14 10:22:31 | Computer Name = ASUS-T100T | Source = DptfPolicyLpmService | ID = 131073
Description =

Error - 2015/12/14 10:24:11 | Computer Name = ASUS-T100T | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: SearchUI.exe、バージョン: 10.0.10240.16603、タイム スタンプ:
0x56553494 障害が発生しているモジュール名: CortanaApi.dll、バージョン: 0.0.0.0、タイム スタンプ: 0x565532ab 例外コード:
0x80000003 障害オフセット: 0x00138281 障害が発生しているプロセス ID: 0x78c 障害が発生しているアプリケーションの開始時刻: 0x01d1367b199593b4
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 障害が発生しているモジュール
パス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
レポート
ID: 97eedfd8-ee0b-4bb3-95de-776d18d2f8f0 障害が発生しているパッケージの完全な名前: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
障害が発生しているパッケージに関連するアプリケーション
ID: CortanaUI

Error - 2015/12/14 10:24:14 | Computer Name = ASUS-T100T | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: SearchUI.exe、バージョン: 10.0.10240.16603、タイム スタンプ:
0x56553494 障害が発生しているモジュール名: CortanaApi.dll、バージョン: 0.0.0.0、タイム スタンプ: 0x565532ab 例外コード:
0x80000003 障害オフセット: 0x00138281 障害が発生しているプロセス ID: 0x580 障害が発生しているアプリケーションの開始時刻: 0x01d1367b1ba42005
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 障害が発生しているモジュール
パス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
レポート
ID: 43227852-ae97-4147-8022-703f0835b5aa 障害が発生しているパッケージの完全な名前: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
障害が発生しているパッケージに関連するアプリケーション
ID: CortanaUI

Error - 2015/12/14 10:24:15 | Computer Name = ASUS-T100T | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI のライセンス認証がエラーで失敗しました:
-2147023170。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2015/12/14 10:24:15 | Computer Name = ASUS-T100T | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_2.5.6.0_x86__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2015/12/15 6:26:06 | Computer Name = ASUS-T100T | Source = DptfPolicyLpmService | ID = 131073
Description =

Error - 2015/12/15 9:28:53 | Computer Name = ASUS-T100T | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = 暗号化サービスで、システム ライター オブジェクトで OnIdentity() の呼び出しを処理中にエラーが発生しました。 Details:
AddLegacyDriverFiles:
Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System
Error: アクセスが拒否されました。 。

[ System Events ]
Error - 2015/12/15 5:14:12 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 5:24:12 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 5:34:12 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 5:44:12 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 5:54:12 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 6:04:12 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 6:14:12 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 6:24:01 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 6:24:12 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =

Error - 2015/12/15 6:24:15 | Computer Name = ASUS-T100T | Source = DCOM | ID = 10005
Description =


< End of report >
  • ピーチ
  • 2015/12/16 (Wed) 22:12:45
Re: Uninstalling MPC Cleaner
Sorry, I forgot to post the log.
  • ピーチ
  • 2015/12/16 (Wed) 22:14:01
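DotCash ← this is the MPC group
Thank you for the work and the report.
I have looked at the Extras log as well.

Next, we will deal with the items that were found, using OTL.

I am pasting a script at the end of this reply, so copy the whole thing, paste it into a Windows Notepad file, and save it.

Once that is ready, restart the PC in Safe Mode again and launch OTL.
Once it is running, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button with red text).
This starts the OTL fix.

Wait a while, and once the fix is done, restart the PC in normal mode. An OTL log should appear again, so save it, watch the system for a while, and then reply with a status report together with the OTL log.
The OTL script is below. Copy the whole part that does not include the dashed lines (-----), paste it into OTL, and run it.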
------------------------------------------
:OTL
PRC - [2015/12/11 20:12:37 | 000,270,304 | ---- | M] (DotCash Limited) -- C:\Program Files\MPC Cleaner\MPCProtectService.exe
PRC - [2015/12/11 20:12:37 | 000,166,368 | ---- | M] (DotCash Limited) -- C:\Program Files\MPC Cleaner\MPCTray.exe
SRV - [2015/12/11 20:12:37 | 000,270,304 | ---- | M] (DotCash Limited) [Auto | Running] -- C:\Program Files\MPC Cleaner\MPCProtectService.exe -- (MPCProtectService)
DRV - [2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) [File_System | System | Running] -- C:\Windows\System32\drivers\MPCKpt.sys -- (MPCKpt)
DRV - [2015/12/11 20:12:39 | 000,028,904 | ---- | M] (DotCash) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\MPCBase.sys -- (MPCBase)
[2015/12/11 20:12:49 | 000,049,384 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/11 20:12:48 | 000,028,904 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/11 20:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\MPC Cleaner
[2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/11 20:12:39 | 000,028,904 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/11 20:18:06 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\MPC Cleaner.lnk
[2015/03/05 23:08:14 | 000,000,000 | -H-D | M] -- C:\Users\Public\Documents\Baidu
[2015/03/05 23:08:14 | 000,000,000 | -H-D | M] -- C:\Users\Public\Documents\Baidu\Common
[2015/03/05 23:08:14 | 000,000,000 | -H-D | M] -- C:\Users\Public\Documents\Baidu\Common\I18N

:Files
C:\Program Files\MPC Cleaner
C:\Windows\System32\drivers\MPCKpt.sys
C:\Windows\System32\drivers\MPCBase.sys
C:\Users\Public\Desktop\MPC Cleaner.lnk
C:\Users\Public\Documents\Baidu
C:\Users\Public\Documents\Baidu\Common
C:\Users\Public\Documents\Baidu\Common\I18N

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2015/12/17 (Thu) 08:26:30
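OTL log, second run
Thank you as always for your help.
As for the current state, the desktop seems to have changed slightly?
I haven't done any compressing or extracting in particular, but it seems a "Thumbs.db" has appeared...?
The MPCcleaner shortcut icon seems to have disappeared at some point... It is still resident, though.
Other than that, no particular problems have occurred... I think.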

All processes killed
========== OTL ==========
No active process named MPCProtectService.exe was found!
No active process named MPCTray.exe was found!
Service MPCProtectService stopped successfully!
Service MPCProtectService deleted successfully!
File move failed. C:\Program Files\MPC Cleaner\MPCProtectService.exe scheduled to be moved on reboot.
Error: Unable to stop service MPCKpt!
Unable to delete service\driver key MPCKpt.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
Service MPCBase stopped successfully!
Service MPCBase deleted successfully!
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Microsoft.VC90.CRT scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
C:\Users\Public\Desktop\MPC Cleaner.lnk moved successfully.
C:\Users\Public\Documents\Baidu\Common\I18N folder moved successfully.
C:\Users\Public\Documents\Baidu\Common folder moved successfully.
C:\Users\Public\Documents\Baidu folder moved successfully.
Folder C:\Users\Public\Documents\Baidu\Common\ not found.
Folder C:\Users\Public\Documents\Baidu\Common\I18N\ not found.
========== FILES ==========
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Microsoft.VC90.CRT scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
File\Folder C:\Users\Public\Desktop\MPC Cleaner.lnk not found.
File\Folder C:\Users\Public\Documents\Baidu not found.
File\Folder C:\Users\Public\Documents\Baidu\Common not found.
File\Folder C:\Users\Public\Documents\Baidu\Common\I18N not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313312 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Public

User: さん
->Temp folder emptied: 87351880 bytes
->Temporary Internet Files folder emptied: 2617729 bytes
->Java cache emptied: 6797028 bytes
->FireFox cache emptied: 171218134 bytes
->Flash cache emptied: 388745 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10182645 bytes
RecycleBin emptied: 594311458 bytes

Total Files Cleaned = 833.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 12172015_221109

Files\Folders moved on Reboot...
File move failed. C:\Program Files\MPC Cleaner\MPCProtectService.exe scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Microsoft.VC90.CRT scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Microsoft.VC90.CRT scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • ピーチ
  • 2015/12/17 (Thu) 23:36:02
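A triage sketch for the "Run fix" log in the post above, added here as an example and not part of the original thread or of OTL itself: it classifies the result lines, removes the repeats, and lists which services and paths still need checking. The function names are hypothetical, the sample is an excerpt copied from that log, and treating the lines under "Files\Folders moved on Reboot..." as post-reboot results is an assumption.

```python
import re

# Excerpt copied from the OTL "Run fix" log in the post above (not the full log).
SAMPLE_LOG = r"""
========== OTL ==========
No active process named MPCProtectService.exe was found!
Service MPCProtectService stopped successfully!
Service MPCProtectService deleted successfully!
File move failed. C:\Program Files\MPC Cleaner\MPCProtectService.exe scheduled to be moved on reboot.
Error: Unable to stop service MPCKpt!
Unable to delete service\driver key MPCKpt.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
Service MPCBase stopped successfully!
Service MPCBase deleted successfully!
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner scheduled to be moved on reboot.
C:\Users\Public\Desktop\MPC Cleaner.lnk moved successfully.
C:\Users\Public\Documents\Baidu folder moved successfully.

Files\Folders moved on Reboot...
File move failed. C:\Program Files\MPC Cleaner\MPCProtectService.exe scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner scheduled to be moved on reboot.
"""

# Assumption: everything after this header reports what happened at reboot.
REBOOT_HEADER = "Files\\Folders moved on Reboot..."

# One pattern per result line seen in the log above; unrecognised lines are skipped.
PATTERNS = [
    ("service_deleted", re.compile(r"^Service (?P<item>\S+) deleted successfully!$")),
    ("service_stop_failed", re.compile(r"^Error: Unable to stop service (?P<item>\S+?)!$")),
    ("service_key_kept", re.compile(r"^Unable to delete service\\driver key (?P<item>\S+?)\.$")),
    ("pending_reboot", re.compile(
        r"^(?:File|Folder) move failed\. (?P<item>.+?) scheduled to be moved on reboot\.$")),
    ("moved", re.compile(r"^(?P<item>[A-Za-z]:\\.+?)(?: folder)? moved successfully\.$")),
]


def parse_fix_log(text):
    """Return (phase, kind, item) for each recognised line.

    phase is "fix" before the reboot header and "reboot" after it.
    """
    events, phase = [], "fix"
    for raw in text.splitlines():
        line = raw.strip()
        if line == REBOOT_HEADER:
            phase = "reboot"
            continue
        for kind, rx in PATTERNS:
            match = rx.match(line)
            if match:
                events.append((phase, kind, match.group("item")))
                break
    return events


def unique(items):
    """Drop repeats case-insensitively (Windows paths), keeping first-seen order."""
    seen, out = set(), []
    for item in items:
        key = item.lower()
        if key not in seen:
            seen.add(key)
            out.append(item)
    return out


def triage(text):
    """Summarise a fix log into what was removed and what still needs checking."""
    events = parse_fix_log(text)

    def pick(kind, phase=None):
        return unique(i for p, k, i in events if k == kind and phase in (None, p))

    removed = pick("service_deleted")
    removed_keys = {s.lower() for s in removed}
    stuck = unique(pick("service_stop_failed") + pick("service_key_kept"))
    moved = pick("moved")
    moved_keys = {p.lower() for p in moved}
    return {
        "services_removed": removed,
        # Services OTL could not stop or whose registry key it could not delete.
        "services_still_registered": [s for s in stuck if s.lower() not in removed_keys],
        "moved": moved,
        "pending_at_fix": [p for p in pick("pending_reboot", "fix")
                           if p.lower() not in moved_keys],
        "failed_again_after_reboot": pick("pending_reboot", "reboot"),
    }


if __name__ == "__main__":
    for section, items in triage(SAMPLE_LOG).items():
        print(section)
        for item in items:
            print("   ", item)
```

For the excerpt, the MPCKpt service and every path under `failed_again_after_reboot` are the items to re-check in the next round of logs.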
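I will review everything again from each log
Thank you for the work and the report.

>As for the current state, the desktop seems to have changed slightly?
>I haven't done any compressing or extracting in particular, but it seems a "Thumbs.db" has appeared...?
>The MPCcleaner shortcut icon seems to have disappeared at some point... It is still resident, though.

Yes, Thumbs.db is nothing abnormal, so you can leave that aside.

As for the other symptoms, things seem to have calmed down a little, but it looks like this is not resolved yet.

So now it is time for another overall review.
Please take each CC tab log, the install information, and the HJT log again, and show them to me once more.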
  • 悪代官
  • 2015/12/18 (Fri) 21:42:55
CC install information
2007 Microsoft Office プログラム用 Microsoft PDF/XPS 保存アドイン Microsoft Corporation 2015/05/09 124 KB 12.0.4518.1014
2007 Office system 互換機能パック Microsoft Corporation 2015/12/12 80.2 MB 12.0.6612.1000
3D Builder Microsoft Corporation 2015/09/16 10.9.6.0
Adobe AIR Adobe Systems Incorporated 2015/09/15 18.0.0.144
Adobe Flash Player 20 NPAPI Adobe Systems Incorporated 2015/12/10 9.05 MB 20.0.0.235
ASUS Live Update ASUS 2014/03/03 8.49 MB 3.2.6
ASUS PhotoDirector CyberLink Corp. 2015/09/15 2.1.3706.2
ASUS PowerDirector CyberLink Corp. 2015/09/15 1.0.3618.38952
ASUS Screen Saver ASUS 2014/03/03 32.0 KB 1.0.2
ASUS Smart Gesture ASUS 2015/09/15 102 MB 4.0.6
ASUS WebStorage ASUS Cloud Corporation 2015/09/15 1.0.24.190
ASUS Welcome ASUSTeK COMPUTER INC. 2015/09/15 1.0.1.0
ATK Package ASUS 2014/03/03 13.9 MB 1.0.0031
Avidemux 2.6 - 32 bits (32-bit) 2015/09/15 2.6.9.00
Broadcom 802.11 Network Adapter Broadcom Corporation 2015/09/15 5.93.99.187.1
BSMOW07 BUFFALO 2015/05/10 1.0.2
Candy Crush Saga king.com 2015/12/14 1.668.0.0
CCleaner Piriform 2015/12/11 5.12
ESET Smart Security ESET, spol s r. o. 2015/09/15 96.8 MB 8.0.304.7
GOM Player Gretech Corporation 2015/09/19 2.2.73.5235
Groove ミュージック Microsoft Corporation 2015/11/11 3.6.15131.0
HP AiO Printer Remote Hewlett-Packard Company 2015/09/29 58.1.78.0
HP FWUpdateEDO2 Hewlett-Packard 2015/05/23 1.53 MB 1.2.0.0
HP Photo Creations HP 2015/09/15 14.6 MB 1.0.0.7702
HP Photosmart 5520 series ベーシック デバイス ソフトウェア Hewlett-Packard Co. 2015/05/16 102 MB 28.0.1315.0
HP Update Hewlett-Packard 2015/05/16 4.04 MB 5.005.002.002
Intel(R) Dynamic Platform and Thermal Framework Intel Corporation 2015/09/15 7.1.0.479
Intel(R) Processor Graphics Intel Corporation 2015/06/24 10.18.10.3417
Intel(R) Trusted Execution Engine Intel Corporation 2014/03/03 1.0.0.1054
Jane Style Version 3.83 Jane, Inc. 2015/04/26 3.83
LINE LINE Corporation 2015/12/08 4.3.0.724
Malwarebytes Anti-Malware version 2.2.0.1024 Malwarebytes 2015/12/14 66.0 MB 2.2.0.1024
Microsoft Office Enterprise 2007 Microsoft Corporation 2015/09/15 12.0.6612.1000
Microsoft Office File Validation Add-In Microsoft Corporation 2015/05/08 10.9 MB 14.0.5130.5003
Microsoft Silverlight Microsoft Corporation 2015/12/12 89.3 MB 5.1.41105.0
Microsoft Solitaire Collection Microsoft Studios 2015/12/19 3.6.12153.0
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/07/02 5.15 MB 10.0.40219
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 Microsoft Corporation 2015/09/15 17.3 MB 12.0.20617.1
Mozilla Firefox 43.0 (x86 ja) Mozilla 2015/12/16 89.9 MB 43.0
Mozilla Maintenance Service Mozilla 2015/12/16 425 KB 43.0.0.5820
MSN トラベル Microsoft Corporation 2015/09/15 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/09/15 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/09/15 3.0.4.336
NAVITIME for ASUS NavitimeJapan. 2015/09/15 2.0.3.0
nyalu catproject 2015/09/15 1.8.0.40
OneNote Microsoft Corporation 2015/12/10 17.6366.15841.0
People Microsoft Corporation 2015/12/19 10.0.3450.0
Realtek I2S Audio Realtek Semiconductor Corp. 2014/03/03 6.2.9600.4055
RoboForm 7-9-13-5 (All Users) Siber Systems 2015/09/15 20.0 MB 7-9-13-5
Skype を手に入れよう Skype 2015/09/15 3.2.1.0
Sleipnir Version 6.1.6 Fenrir Inc. 2015/04/26 263 MB 6.1.6
Twitter Twitter Inc. 2015/12/18 4.3.3.0
VLC media player VideoLAN 2015/09/15 2.2.1
Windows スキャン Microsoft Corporation 2015/09/15 6.3.9654.17133
Windows ドライバ パッケージ - ASUS (AsusSGDrv) Mouse (07/07/2015 8.0.0.17) ASUS 2015/09/15 07/07/2015 8.0.0.17
Windows リーディング リスト Microsoft Corporation 2015/09/15 6.3.9654.20947
WinFlash ASUS 2014/03/03 889 KB 2.42.0
WinRAR 5.01 (32ビット) win.rar GmbH 2015/09/15 5.01.0
Xbox Microsoft Corporation 2015/12/10 11.12.9011.0
はじめに Microsoft Corporation 2015/11/10 2.5.6.0
アプリ コネクター Microsoft Corporation 2015/09/15 1.3.3.0
アラーム & クロック Microsoft Corporation 2015/11/18 10.1511.61020.0
カメラ Microsoft Corporation 2015/12/16 2015.1211.10.0
ストア Microsoft Corporation 2015/12/17 2015.25.5.0
スポーツ Microsoft Corporation 2015/11/24 4.7.130.0
ニュース Microsoft Corporation 2015/11/17 4.7.118.0
フォト Microsoft Corporation 2015/12/10 15.1208.10480.0
ボイス レコーダー Microsoft Corporation 2015/11/20 10.1511.17110.0
マップ Microsoft Corporation 2015/12/15 4.1512.3450.0
マネー Microsoft Corporation 2015/11/17 4.7.118.0
メール/カレンダー Microsoft Corporation 2015/12/17 17.6515.64021.0
モバイル コンパニオン Microsoft Corporation 2015/11/20 10.1511.18010.0
リモート デスクトップ Microsoft Corporation 2015/09/15 6.3.9600.16419
リーダー Microsoft Corporation 2015/09/15 6.4.9926.17994
天気 Microsoft Corporation 2015/11/17 4.7.118.0
新しい Office を始めよう Microsoft Corporation 2015/12/10 17.6508.23761.0
映画 & テレビ Microsoft Corporation 2015/12/10 3.6.15731.0
電卓 Microsoft Corporation 2015/12/18 10.1512.17020.0
  • ピーチ
  • 2015/12/19 (Sat) 20:19:26
Information from each log
Windows
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
有効 HKCU:Run HP Photosmart 5520 series (NET) Hewlett-Packard Co. "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AG513CM0603:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run RoboForm Siber Systems "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
有効 HKLM:Run ASUSPRP ASUSTek Computer Inc. "C:\Program Files\ASUS\APRP\APRP.EXE"
有効 HKLM:Run BSMOW07 Buffalo "C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe"
有効 HKLM:Run DptfPolicyLpmServiceHelper Intel Corporation C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
有効 HKLM:Run egui ESET "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
有効 HKLM:Run GrooveMonitor Microsoft Corporation "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
有効 HKLM:Run HP Software Update Hewlett-Packard C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
有効 HKLM:Run IgfxTray Intel Corporation "C:\WINDOWS\system32\igfxtray.exe"
有効 HKLM:Run RtkNGUI Realtek Semiconductor "C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe" /s
有効 Startup User OneNote 2007 画面の領域の取り込みと起動.lnk Microsoft Corporation C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

IE
有効 Extension OneNote に送る Microsoft Corporation C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
有効 Extension Research Microsoft Corporation C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
有効 Extension ツールバー表示 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Extension フォーム記入 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Extension 保存 Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
無効 Helper Groove GFS Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
有効 Helper RoboForm Toolbar Helper Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
有効 Toolbar RoboForm Toolbar Siber Systems Inc. C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

FF
有効 Extension RoboForm Toolbar for Firefox 7.9.13.5 Siber Systems Inc. default Firefox 43.0 C:\Program Files\Siber Systems\AI RoboForm\Firefox
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 43.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.5.0 Intel Corporation default Firefox 43.0 C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin OpenH264 Video Codec 1.5.1 Mozilla Corporation default Firefox 43.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\g3ubdbvo.default\gmp-gmpopenh264\1.5.1\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 15 Adobe Systems Inc default Firefox 43.0 C:\Users\さん\AppData\Roaming\Mozilla\Firefox\Profiles\g3ubdbvo.default\gmp-eme-adobe\15\eme-adobe.dll
有効 Plugin Shockwave Flash 20.0.0.235 Adobe Systems Incorporated default Firefox 43.0 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll
有効 Plugin Silverlight Plug-In 5.1.41105.0 Microsoft Corporation default Firefox 43.0 C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll
有効 Plugin VLC Web Plugin 2.2.1.0 VideoLAN default Firefox 43.0 C:\Program Files\VideoLAN\VLC\npvlc.dll

Tasks
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task ASUS Live Update1 ASUSTeK Computer Inc. C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe -critical
有効 Task ASUS Live Update2 ASUSTeK Computer Inc. C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe -check
有効 Task ASUS Patch for Touch Panel ASUSTek Computer INC. C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task Open URL by RoboForm Microsoft Corporation C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMMMKJKMMMJMIMLJMJCNLJMMIMNJCNLMNMJMKJCNGMNMNJMJCNKJOJNMOJOMLJKJLMMMJJNMKMJNJICMIMCNGMCNOMMMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMPMFMEKMICNJJCKFMLMPMLMJNHICMEKMICNJJCKJNBJCMKKMGJNKJCMJNNICMJNDJCMFJPIJNMJCMPMFMOMGMJMFMNMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3451279271-2515706449-3442622051-1001
有効 Task Run RoboForm TaskBar Icon Siber Systems C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
有効 Task {1994A667-DE99-4D82-B3C1-19EBB008C86E} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\さん\Downloads\coreaacSetup.exe -d C:\Users\さん\Downloads
有効 Task {3FE3E668-0FC6-4D31-9A72-E3B4CA43FBB3} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\さん\Downloads\inst_essv8_efseps.exe -d C:\Users\さん\Downloads

Context
有効 Directory 7-Zip
有効 Directory Offline Files
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 File 7-Zip
有効 File ANotepad++64
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 File WinRAR Alexander Roshal C:\Program Files\WinRAR\rarext.dll
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 Folder Offline Files
有効 Folder WinRAR Alexander Roshal C:\Program Files\WinRAR\rarext.dll

  • ピーチ
  • 2015/12/19 (Sat) 20:23:21
HJT log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:25:09, on 2015/12/19
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)

FIREFOX: 43.0 (x86 ja)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\IME\SHARED\imebroker.exe
C:\Users\さん\Downloads\HijackThis.exe

O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [RtkNGUI] "C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BSMOW07] "C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AG513CM0603:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [OneDrive] "C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: RF ツールバー表示 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O8 - Extra context menu item: RF フォーム保存 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: RF フォーム記入 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: RF メニューカスタマイズ - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: 保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF フォーム保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS HID Access Service (AsHidService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem54.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem2.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotCash Limited - C:\Program Files\MPC Cleaner\MPCProtectService.exe

--
End of file - 8153 bytes
  • ピーチ
  • 2015/12/19 (Sat) 20:25:21
Re: Uninstalling MPC Cleaner
Thank you for your continued help.

Sorry, about the logs: I took them all in "normal mode" without thinking about it.
Would it be better to take them in "safe mode"?
  • ピーチ
  • 2015/12/19 (Sat) 20:27:02
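Please fix with HJT
Thank you for doing the work and reporting back.
I have looked at the current logs.

The logs you took in normal mode are fine as they are.

Now, some more work.

Boot into safe mode again, scan with HJT, and fix the following entry among those displayed.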
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotCash Limited - C:\Program Files\MPC Cleaner\MPCProtectService.exe

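Once that is done, restart the PC in normal mode, watch it for a while again, and then reply with a status report, including whether the MPC folder is present.
If you find the MPC folder, please try deleting it again as well.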
  • 悪代官
  • 2015/12/19 (Sat) 22:07:54
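Unable to fix with HJT?
Thank you for your continued help.

After scanning with HJT in safe mode, I checked the entry and tried to fix it,
but a screen like the attached image appeared and I could not carry out the fix...

When I boot in normal mode, an "MPC Cleaner warning" appears at the bottom right of the screen.

Should I just right-click the folder and delete it as it is?
For now I have stopped here.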
  • ピーチ
  • 2015/12/19 (Sat) 22:35:14
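Sorry for the trouble, but please rescan with OTL
Good morning.
I looked at your reply together with the image; so the fix with HJT could not be carried out.
In that case, please try locating the folder by eye and deleting it manually.
It is fine if it can be deleted, but if it cannot, cancel and let me know in your next reply.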
C:\Program Files\MPC Cleaner

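It probably cannot be deleted, and in that case please move on to the next task.

In the same way as when you scanned with OTL before, scan with OTL again using "Run scan" and show me that log again.
Once I have looked at this log as well, if anything that was hidden turns up, we will set about dealing with it.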
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
  • 悪代官
  • 2015/12/20 (Sun) 08:25:01
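OTL log, third run
Good evening. Thank you for your continued help.

As for deleting the folder, as expected an "admin privileges..." message appears and it stops partway, so I cancelled.
Oh, just to note, this is while logged in as admin.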

OTL logfile created on: 2015/12/20 20:05:40 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\さん\Downloads
An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.89 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 58.92% Memory free
2.64 Gb Paging File | 1.94 Gb Available in Paging File | 73.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 49.15 Gb Total Space | 23.96 Gb Free Space | 48.75% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 406.08 Gb Free Space | 87.19% Space Free | Partition Type: NTFS

Computer Name: ASUS-T100T | User Name: さん | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/12/15 22:16:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\さん\Downloads\OTL.exe
PRC - [2015/11/25 14:12:23 | 004,047,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2015/09/17 15:20:38 | 001,235,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
PRC - [2015/07/10 17:25:02 | 000,036,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ApplicationFrameHost.exe
PRC - [2015/07/10 17:24:54 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sihost.exe
PRC - [2015/07/10 17:24:46 | 000,898,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
PRC - [2015/07/10 17:24:42 | 000,066,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/09/17 15:27:29 | 001,766,952 | ---- | M] () -- C:\Windows\System32\CoreUIComponents.dll
MOD - [2015/09/15 21:35:33 | 000,025,088 | ---- | M] () -- C:\Windows\System32\LicenseManagerApi.dll
MOD - [2015/07/10 17:24:27 | 000,288,768 | ---- | M] () -- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/12/19 20:45:47 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/12/19 20:13:32 | 000,349,152 | ---- | M] (DotCash Limited) [Auto | Stopped] -- C:\Program Files\MPC Cleaner\MPCProtectService.exe -- (MPCProtectService)
SRV - [2015/12/10 20:39:16 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/11/25 13:07:42 | 001,918,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV - [2015/11/05 12:32:33 | 000,738,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\RDXService.dll -- (RetailDemo)
SRV - [2015/11/05 12:30:07 | 000,546,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\usermgr.dll -- (UserManager)
SRV - [2015/11/05 12:27:12 | 002,049,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/11/05 12:24:39 | 000,115,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dssvc.dll -- (DsSvc)
SRV - [2015/10/05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/09/25 11:34:48 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\UserDataService.dll -- (UserDataSvc)
SRV - [2015/09/25 11:34:07 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV - [2015/09/25 11:34:00 | 000,928,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\Unistore.dll -- (UnistoreSvc)
SRV - [2015/09/17 15:26:35 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/09/17 14:48:20 | 000,121,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tetheringservice.dll -- (icssvc)
SRV - [2015/09/17 14:45:35 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/09/17 14:42:00 | 000,388,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\tileobjserver.dll -- (tiledatamodelsvc)
SRV - [2015/09/17 14:36:54 | 000,483,328 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2015/09/17 14:32:20 | 001,543,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2015/09/17 14:31:28 | 000,389,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ngcsvc.dll -- (NgcSvc)
SRV - [2015/09/17 14:28:20 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2015/09/17 14:27:58 | 001,380,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV - [2015/09/17 14:27:28 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2015/09/15 21:35:59 | 000,239,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2015/09/15 21:35:58 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NetSetupSvc.dll -- (NetSetupSvc)
SRV - [2015/09/15 21:35:54 | 000,669,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SensorDataService.exe -- (SensorDataService)
SRV - [2015/09/15 21:35:34 | 000,872,448 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dosvc.dll -- (DoSvc)
SRV - [2015/09/15 21:35:34 | 000,251,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2015/09/15 21:35:34 | 000,236,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\usocore.dll -- (UsoSvc)
SRV - [2015/09/15 21:35:33 | 001,183,056 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/09/15 21:35:33 | 000,520,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ClipSVC.dll -- (ClipSVC)
SRV - [2015/09/15 21:35:33 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SensorService.dll -- (SensorService)
SRV - [2015/07/30 22:41:56 | 000,290,208 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/07/30 22:41:56 | 000,283,552 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\System32\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV - [2015/07/10 23:00:01 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2015/07/10 17:25:49 | 000,473,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV - [2015/07/10 17:25:49 | 000,430,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WalletService.dll -- (WalletService)
SRV - [2015/07/10 17:25:49 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2015/07/10 17:25:15 | 000,311,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2015/07/10 17:25:15 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2015/07/10 17:25:10 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/07/10 17:25:07 | 000,636,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2015/07/10 17:25:05 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2015/07/10 17:24:54 | 000,293,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ncbservice.dll -- (NcbService)
SRV - [2015/07/10 17:24:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpnservice.dll -- (WpnService)
SRV - [2015/07/10 17:24:54 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DevQueryBroker.dll -- (DevQueryBroker)
SRV - [2015/07/10 17:24:54 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lfsvc.dll -- (lfsvc)
SRV - [2015/07/10 17:24:54 | 000,016,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\LicenseManagerSvc.dll -- (LicenseManager)
SRV - [2015/07/10 17:24:52 | 000,807,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV - [2015/07/10 17:24:52 | 000,733,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblGameSave.dll -- (XblGameSave)
SRV - [2015/07/10 17:24:52 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV - [2015/07/10 17:24:52 | 000,048,640 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\moshost.dll -- (MapsBroker)
SRV - [2015/07/10 17:24:52 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AJRouter.dll -- (AJRouter)
SRV - [2015/07/10 17:24:50 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\cdpsvc.dll -- (CDPSvc)
SRV - [2015/07/10 17:24:50 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\embeddedmodesvc.dll -- (embeddedmode)
SRV - [2015/07/10 17:24:48 | 002,903,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2015/07/10 17:24:46 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2015/07/10 17:24:45 | 000,520,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblAuthManager.dll -- (XblAuthManager)
SRV - [2015/07/10 17:24:45 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV - [2015/07/10 17:24:45 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV - [2015/07/10 17:24:43 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2015/07/10 17:24:42 | 000,185,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2015/07/10 17:24:42 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV - [2015/07/10 17:24:41 | 000,322,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2015/07/10 17:24:39 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\smphost.dll -- (smphost)
SRV - [2015/07/10 17:24:38 | 000,229,376 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\System32\APHostService.dll -- (OneSyncSvc)
SRV - [2015/07/10 17:24:38 | 000,152,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dcpsvc.dll -- (DcpSvc)
SRV - [2015/07/10 17:24:38 | 000,104,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2015/07/10 17:24:38 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2015/07/10 17:24:36 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV - [2015/07/10 17:24:35 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dmwappushsvc.dll -- (dmwappushservice)
SRV - [2015/07/10 17:24:33 | 000,401,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SmsRouterSvc.dll -- (SmsRouter)
SRV - [2015/07/10 17:24:32 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2015/07/10 17:24:29 | 000,277,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV - [2015/07/10 17:24:29 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2015/07/10 17:24:29 | 000,023,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvmsession)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV - [2015/07/10 17:24:19 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\BthHFSrv.dll -- (BthHFSrv)
SRV - [2014/10/29 12:06:52 | 002,472,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/01 14:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2014/03/03 10:20:44 | 001,677,016 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Windows\System32\BtwRSupportService.exe -- (BcmBtRSupport)
SRV - [2014/01/22 07:04:02 | 000,096,720 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\System32\DptfPolicyCriticalService.exe -- (DptfPolicyCriticalService)
SRV - [2014/01/22 07:04:02 | 000,090,576 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\System32\DptfPolicyLpmService.exe -- (DptfPolicyLpmService)
SRV - [2014/01/22 07:04:02 | 000,083,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\System32\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService)
SRV - [2013/09/09 10:05:10 | 000,103,224 | ---- | M] (ASUSTek Computer Inc.) [Auto | Stopped] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe -- (AsHidService)
SRV - [2013/09/09 10:04:42 | 000,111,416 | ---- | M] (ASUSTek Computer Inc.) [Auto | Stopped] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2013/08/25 03:21:46 | 000,168,216 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/07/01 20:01:08 | 000,637,912 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel(R)
SRV - [2013/07/01 20:00:54 | 000,586,752 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel(R)
SRV - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Stopped] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wfpcapture.sys -- (wfpcapture)
DRV - [2015/12/19 20:15:18 | 000,028,648 | ---- | M] (DotCash) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\MPCBase.sys -- (MPCBase)
DRV - [2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) [File_System | System | Running] -- C:\Windows\System32\drivers\MPCKpt.sys -- (MPCKpt)
DRV - [2015/12/01 14:14:02 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV - [2015/11/25 14:08:53 | 000,414,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2015/10/05 09:50:20 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015/10/05 09:50:04 | 000,023,256 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2015/09/17 15:28:39 | 000,083,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pdc.sys -- (pdc)
DRV - [2015/09/17 14:34:20 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\buttonconverter.sys -- (buttonconverter)
DRV - [2015/09/15 21:35:58 | 000,042,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2015/09/15 21:35:35 | 000,488,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdiWiFi.sys -- (wdiwifi)
DRV - [2015/09/15 21:35:34 | 000,054,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\dam.sys -- (dam)
DRV - [2015/09/15 21:35:33 | 000,284,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2015/09/15 21:35:33 | 000,173,408 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\wof.sys -- (Wof)
DRV - [2015/09/15 21:35:33 | 000,066,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\stornvme.sys -- (stornvme)
DRV - [2015/09/15 21:35:33 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2015/09/15 21:35:33 | 000,036,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2015/09/15 21:35:33 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV - [2015/09/14 00:09:32 | 000,025,016 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV - [2015/08/27 10:29:34 | 000,116,032 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AsusSGDrv.sys -- (AsusSGDrv)
DRV - [2015/07/10 23:00:05 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2015/07/10 23:00:03 | 000,030,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2015/07/10 17:25:56 | 000,024,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2015/07/10 17:25:00 | 000,276,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\clfs.sys -- (CLFS)
DRV - [2015/07/10 17:25:00 | 000,178,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ahcache.sys -- (ahcache)
DRV - [2015/07/10 17:24:56 | 000,086,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV - [2015/07/10 17:24:56 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmCx.sys -- (UcmCx0101)
DRV - [2015/07/10 17:24:55 | 000,159,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2015/07/10 17:24:55 | 000,052,736 | ---- | M] (Microsoft Corporation) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\storqosflt.sys -- (storqosflt)
DRV - [2015/07/10 17:24:55 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\condrv.sys -- (condrv)
DRV - [2015/07/10 17:24:55 | 000,023,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\ioqos.sys -- (IoQos)
DRV - [2015/07/10 17:24:54 | 000,087,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2015/07/10 17:24:50 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\mmcss.sys -- (MMCSS)
DRV - [2015/07/10 17:24:45 | 000,033,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2015/07/10 17:24:43 | 000,190,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufx01000.sys -- (Ufx01000)
DRV - [2015/07/10 17:24:43 | 000,127,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2015/07/10 17:24:43 | 000,121,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SerCx2.sys -- (SerCx2)
DRV - [2015/07/10 17:24:43 | 000,076,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2015/07/10 17:24:43 | 000,060,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SpbCx.sys -- (SpbCx)
DRV - [2015/07/10 17:24:43 | 000,059,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SerCx.sys -- (SerCx)
DRV - [2015/07/10 17:24:43 | 000,042,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urscx01000.sys -- (UrsCx01000)
DRV - [2015/07/10 17:24:43 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2015/07/10 17:24:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV - [2015/07/10 17:24:33 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2015/07/10 17:24:32 | 000,104,960 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\Ndu.sys -- (Ndu)
DRV - [2015/07/10 17:24:32 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\mslldp.sys -- (MsLldp)
DRV - [2015/07/10 17:24:31 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2015/07/10 17:24:29 | 000,245,600 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdFilter.sys -- (WdFilter)
DRV - [2015/07/10 17:24:29 | 000,097,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV - [2015/07/10 17:24:29 | 000,037,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdBoot.sys -- (WdBoot)
DRV - [2015/07/10 17:24:28 | 000,173,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ucx01000.sys -- (Ucx01000)
DRV - [2015/07/10 17:24:28 | 000,093,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpiex.sys -- (acpiex)
DRV - [2015/07/10 17:24:28 | 000,074,240 | ---- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\filecrypt.sys -- (FileCrypt)
DRV - [2015/07/10 17:24:28 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2015/07/10 17:24:28 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Udecx.sys -- (UdeCx)
DRV - [2015/07/10 17:24:28 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vhf.sys -- (vhf)
DRV - [2015/07/10 17:24:24 | 000,025,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2015/07/10 17:24:24 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV - [2015/07/10 17:24:24 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urschipidea.sys -- (UrsChipidea)
DRV - [2015/07/10 17:24:24 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2015/07/10 17:24:24 | 000,015,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV - [2015/07/10 17:24:23 | 000,410,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spaceport.sys -- (spaceport)
DRV - [2015/07/10 17:24:23 | 000,276,832 | ---- | M] (VIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2015/07/10 17:24:23 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\storahci.sys -- (storahci)
DRV - [2015/07/10 17:24:23 | 000,100,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV - [2015/07/10 17:24:23 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV - [2015/07/10 17:24:23 | 000,059,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\uaspstor.sys -- (UASPStor)
DRV - [2015/07/10 17:24:23 | 000,058,208 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mvumis.sys -- (mvumis)
DRV - [2015/07/10 17:24:23 | 000,051,552 | ---- | M] (Avago Technologies) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\percsas3i.sys -- (percsas3i)
DRV - [2015/07/10 17:24:23 | 000,051,040 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\percsas2i.sys -- (percsas2i)
DRV - [2015/07/10 17:24:23 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2015/07/10 17:24:23 | 000,033,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\storufs.sys -- (storufs)
DRV - [2015/07/10 17:24:23 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicRender.sys -- (BasicRender)
DRV - [2015/07/10 17:24:23 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\uefi.sys -- (UEFI)
DRV - [2015/07/10 17:24:23 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\swenum.inf_x86_b6707c73599dd1b6\swenum.sys -- (swenum)
DRV - [2015/07/10 17:24:22 | 001,038,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\adp80xx.sys -- (ADP80XX)
DRV - [2015/07/10 17:24:22 | 000,524,640 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStorAV.sys -- (iaStorAV)
DRV - [2015/07/10 17:24:22 | 000,186,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xboxgip.sys -- (xboxgip)
DRV - [2015/07/10 17:24:22 | 000,171,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2015/07/10 17:24:22 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\capimg.sys -- (CapImg)
DRV - [2015/07/10 17:24:22 | 000,088,928 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV - [2015/07/10 17:24:22 | 000,085,856 | ---- | M] (LSI) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\3ware.sys -- (3ware)
DRV - [2015/07/10 17:24:22 | 000,083,296 | ---- | M] (Avago Technologies) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV - [2015/07/10 17:24:22 | 000,069,472 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2015/07/10 17:24:22 | 000,037,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV - [2015/07/10 17:24:22 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xinputhid.sys -- (xinputhid)
DRV - [2015/07/10 17:24:22 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\kdnic.sys -- (kdnic)
DRV - [2015/07/10 17:24:22 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\genericusbfn.sys -- (genericusbfn)
DRV - [2015/07/10 17:24:22 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2015/07/10 17:24:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpitime.sys -- (acpitime)
DRV - [2015/07/10 17:24:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpipagr.sys -- (acpipagr)
DRV - [2015/07/10 17:24:21 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2015/07/10 17:24:19 | 000,193,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV - [2015/07/10 17:24:19 | 000,101,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2015/07/10 17:24:19 | 000,100,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2015/07/10 17:24:19 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netvsc.sys -- (netvsc)
DRV - [2015/07/10 17:24:19 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sdstor.sys -- (sdstor)
DRV - [2015/07/10 17:24:19 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2015/07/10 17:24:19 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2015/07/10 17:24:19 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2015/07/10 17:24:19 | 000,038,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelpep.sys -- (intelpep)
DRV - [2015/07/10 17:24:19 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidi2c.sys -- (hidi2c)
DRV - [2015/07/10 17:24:19 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2015/07/10 17:24:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_x86_a4832450a7024d49\CompositeBus.sys -- (CompositeBus)
DRV - [2015/07/10 17:24:19 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2015/07/10 17:24:19 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2015/07/10 17:24:19 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fcvsc.sys -- (fcvsc)
DRV - [2015/07/10 17:24:19 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthMini.SYS -- (BthMini)
DRV - [2015/07/10 17:24:19 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2015/07/10 17:24:19 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2015/07/10 17:24:19 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2015/07/10 17:24:19 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2015/07/10 17:24:19 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmgencounter.sys -- (gencounter)
DRV - [2015/07/10 17:24:19 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2015/07/08 02:27:58 | 000,025,040 | ---- | M] (Capella Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CPLMACPI.sys -- (CPLMACPI)
DRV - [2015/06/27 05:46:16 | 000,044,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV - [2015/06/27 05:46:16 | 000,035,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iwdbus.sys -- (iwdbus)
DRV - [2015/06/25 19:14:57 | 000,304,344 | ---- | M] (Broadcom Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmdhd63.sys -- (BCMSDH43XX)
DRV - [2015/06/25 19:14:57 | 000,016,088 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmfn2.sys -- (bcmfn2)
DRV - [2015/05/21 00:04:02 | 000,263,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtii2sac.sys -- (rtii2sac)
DRV - [2015/05/13 05:44:24 | 000,017,416 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AsHIDSwitch.sys -- (HIDSwitch)
DRV - [2015/04/09 10:37:54 | 000,139,520 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BtwSerialBus.sys -- (BtwSerialBus)
DRV - [2014/09/22 07:20:06 | 000,191,928 | ---- | M] (ESET) [File_System | System | Stopped] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2014/09/22 07:20:06 | 000,190,368 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\edevmon.sys -- (edevmon)
DRV - [2014/09/22 07:20:06 | 000,176,448 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2014/09/22 07:20:06 | 000,135,296 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2014/09/22 07:20:06 | 000,051,288 | ---- | M] (ESET) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2014/09/22 07:20:06 | 000,037,928 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2014/02/26 16:42:48 | 000,075,792 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TXEI.sys -- (TXEI)
DRV - [2014/01/22 07:04:02 | 000,181,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DptfManager.sys -- (DptfManager)
DRV - [2014/01/22 07:04:00 | 000,080,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DptfDevProc.sys -- (DptfDevProc)
DRV - [2014/01/22 07:04:00 | 000,044,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DptfDevAmbient.sys -- (DptfDevAmbient)
DRV - [2014/01/22 07:04:00 | 000,036,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DptfDevGen.sys -- (DptfDevGen)
DRV - [2014/01/22 07:04:00 | 000,028,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DptfDevDisplay.sys -- (DptfDevDisplay)
DRV - [2014/01/22 07:04:00 | 000,025,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DptfDevPower.sys -- (DptfDevDBPT)
DRV - [2013/12/30 21:27:46 | 000,254,464 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\isstrtc.sys -- (IntelSST)
DRV - [2013/12/30 21:27:46 | 000,087,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaiouart.sys -- (iaiouart)
DRV - [2013/12/30 21:27:46 | 000,048,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PMIC.sys -- (PMIC)
DRV - [2013/12/30 21:27:46 | 000,023,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaiogpioe.sys -- (GPIO)
DRV - [2013/12/30 21:27:46 | 000,021,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\MBI.sys -- (MBI)
DRV - [2013/12/30 21:27:46 | 000,016,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaiogpiovirtual.sys -- (GpioVirtual)
DRV - [2013/12/12 14:07:14 | 000,064,792 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AsusHID.sys -- (AsusHID)
DRV - [2013/12/02 19:42:42 | 000,345,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\camera.sys -- (camera)
DRV - [2013/12/02 19:42:42 | 000,038,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mt9m114.sys -- (MT9M114)
DRV - [2013/11/15 10:19:20 | 000,058,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaioi2ce.sys -- (iaioi2c)
DRV - [2013/08/09 11:31:54 | 000,505,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaStorA.sys -- (iaStorA)
DRV - [2013/07/02 16:45:50 | 000,017,720 | ---- | M] (ASUSTek Computer Inc.) [Kernel | System | Stopped] -- C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 17:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Stopped] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.jp/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:43.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2015/04/26 20:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2015/04/26 20:42:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2015/05/04 18:18:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\さん\AppData\Roaming\mozilla\Extensions
[2015/12/14 22:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\さん\AppData\Roaming\mozilla\Firefox\Profiles\g3ubdbvo.default\extensions
[2015/12/19 20:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/12/19 20:45:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2015/12/17 22:12:58 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [BSMOW07] C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe (Buffalo)
O4 - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [RtkNGUI] C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [HP Photosmart 5520 series (NET)] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [OneDrive] C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O8 - Extra context menu item: RF ツールバー表示 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: RF フォーム記入 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8 - Extra context menu item: RF フォーム保存 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8 - Extra context menu item: RF メニューカスタマイズ - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O9 - Extra Button: フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: 保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF フォーム保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c836c8dc-713c-44b9-9fe3-f6f201d65504}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d6ac41ee-4466-4acc-8c44-d8b1fe62318d}: DhcpNameServer = 169.254.125.80
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/22 17:16:34 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D3D70DDE-B3B4-33DE-A8CD-808A85D68682} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/12/19 20:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/12/17 22:11:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/12/14 23:00:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/12/14 22:51:27 | 000,170,200 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/12/14 22:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/12/14 22:50:43 | 000,094,936 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2015/12/14 22:50:43 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mwac.sys
[2015/12/14 22:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/12/14 22:48:41 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Roaming\Malwarebytes
[2015/12/14 22:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/12/14 22:48:14 | 000,023,256 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbam.sys
[2015/12/14 22:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2015/12/12 21:14:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2015/12/11 21:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/12/11 21:06:37 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Roaming\Geek Uninstaller
[2015/12/11 20:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[2015/12/11 20:12:49 | 000,049,384 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/11 20:12:48 | 000,028,648 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/11 20:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\MPC Cleaner
[2015/12/11 20:12:29 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Local\Programs
[2015/12/09 20:07:53 | 018,801,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\edgehtml.dll
[2015/12/09 20:07:47 | 001,467,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2015/12/09 20:07:45 | 001,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentServer.dll
[2015/12/09 20:07:45 | 001,499,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
[2015/12/09 20:07:45 | 001,442,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SRHInproc.dll
[2015/12/09 20:07:40 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Globalization.dll
[2015/12/09 20:07:39 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Magnify.exe
[2015/12/09 20:07:38 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SRH.dll
[2015/12/09 20:07:34 | 005,455,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakra.dll
[2015/12/09 20:07:32 | 002,987,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kfull.sys
[2015/12/09 20:07:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ninput.dll
[2015/12/09 20:07:30 | 004,047,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2015/12/09 20:07:30 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2015/12/09 20:07:27 | 002,153,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\authui.dll
[2015/12/09 20:07:26 | 001,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kbase.sys
[2015/12/09 20:07:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2015/12/09 20:07:24 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RasMediaManager.dll
[2015/12/09 20:07:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMediaManager.dll
[2015/12/09 20:07:23 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WlanMediaManager.dll
[2015/12/09 20:07:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3mm.dll
[2015/12/09 20:07:23 | 000,133,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NetworkUXBroker.exe
[2015/12/09 20:07:22 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MBMediaManager.dll
[2015/12/09 20:07:22 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EthernetMediaManager.dll
[2015/12/09 20:07:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMM.dll
[2015/12/09 20:07:20 | 000,414,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS
[2015/12/09 20:07:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2015/12/09 20:07:19 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psmsrv.dll
[2015/12/09 20:07:19 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdownux.dll
[2015/12/09 20:07:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gpuenergydrv.sys
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgeoqw.dll
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZST.DLL
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZEL.DLL
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZE.DLL
[2015/12/09 20:07:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\profext.dll
[2015/12/09 20:07:12 | 003,580,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/12/20 20:11:11 | 000,731,134 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2015/12/20 20:11:11 | 000,513,144 | ---- | M] () -- C:\WINDOWS\System32\perfh011.dat
[2015/12/20 20:11:11 | 000,138,028 | ---- | M] () -- C:\WINDOWS\System32\perfc011.dat
[2015/12/20 20:11:11 | 000,137,964 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2015/12/20 20:06:09 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/12/20 20:04:24 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2015/12/20 20:04:23 | 000,016,148 | ---- | M] () -- C:\WINDOWS\System32\ASUS-T100T_さん_HistoryPrediction.bin
[2015/12/20 20:04:06 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2015/12/20 20:04:04 | 810,827,776 | -HS- | M] () -- C:\hiberfil.sys
[2015/12/20 19:39:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/12/19 20:15:18 | 000,028,648 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/17 22:12:58 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2015/12/15 19:32:28 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/12/14 22:50:53 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/12/14 22:30:03 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/12/14 22:04:18 | 000,180,269 | ---- | M] () -- C:\Users\さん\Desktop\bookmarks-2015-12-14.json
[2015/12/12 22:57:05 | 000,399,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2015/12/11 21:52:19 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/01 14:14:02 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gpuenergydrv.sys
[2015/12/01 14:02:29 | 003,580,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll
[2015/12/01 13:59:46 | 005,455,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakra.dll
[2015/12/01 09:32:22 | 000,826,872 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2015/12/01 09:32:22 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2015/11/25 14:12:23 | 004,047,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2015/11/25 14:11:12 | 000,133,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\NetworkUXBroker.exe
[2015/11/25 14:08:53 | 000,414,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS
[2015/11/25 13:28:47 | 000,388,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WlanMediaManager.dll
[2015/11/25 13:28:41 | 000,370,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MBMediaManager.dll
[2015/11/25 13:28:36 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\RasMediaManager.dll
[2015/11/25 13:28:32 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\EthernetMediaManager.dll
[2015/11/25 13:28:31 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMediaManager.dll
[2015/11/25 13:18:28 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Globalization.dll
[2015/11/25 13:17:23 | 000,774,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SRH.dll
[2015/11/25 13:17:13 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2015/11/25 13:16:55 | 001,442,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SRHInproc.dll
[2015/11/25 13:16:25 | 000,786,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Magnify.exe
[2015/11/25 13:13:23 | 002,153,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\authui.dll
[2015/11/25 13:13:03 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3mm.dll
[2015/11/25 13:12:52 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2015/11/25 13:12:50 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMM.dll
[2015/11/25 13:11:39 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ninput.dll
[2015/11/25 13:10:48 | 018,801,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\edgehtml.dll
[2015/11/25 13:08:14 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdownux.dll
[2015/11/25 13:07:42 | 001,918,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentServer.dll
[2015/11/25 13:07:05 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\profext.dll
[2015/11/25 13:04:46 | 002,987,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kfull.sys
[2015/11/25 13:04:42 | 000,474,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2015/11/25 13:04:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZEL.DLL
[2015/11/25 13:04:33 | 001,467,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2015/11/25 13:04:27 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgeoqw.dll
[2015/11/25 13:04:24 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZE.DLL
[2015/11/25 13:04:21 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZST.DLL
[2015/11/25 13:04:18 | 001,134,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kbase.sys
[2015/11/25 13:01:47 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
[2015/11/25 13:01:44 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\psmsrv.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/12/20 20:04:23 | 000,016,148 | ---- | C] () -- C:\WINDOWS\System32\ASUS-T100T_さん_HistoryPrediction.bin
[2015/12/14 22:48:20 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/12/14 22:30:03 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/12/14 22:04:17 | 000,180,269 | ---- | C] () -- C:\Users\さん\Desktop\bookmarks-2015-12-14.json
[2015/12/11 21:52:19 | 000,001,040 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/12/11 20:57:56 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2015/10/01 12:18:21 | 001,766,952 | ---- | C] () -- C:\WINDOWS\System32\CoreUIComponents.dll
[2015/09/15 22:19:59 | 000,053,352 | ---- | C] () -- C:\WINDOWS\System32\ASGCoInstaller_x86.dll
[2015/09/15 22:06:56 | 000,021,780 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2015/09/15 21:35:54 | 000,301,056 | ---- | C] () -- C:\WINDOWS\System32\diagtrack_wininternal.dll
[2015/09/15 21:35:33 | 001,823,232 | ---- | C]
  • ピーチ
  • 2015/12/20 (Sun) 20:46:52
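Run fix with OTL again
Thank you for your work and your report.

>As for deleting the folder, as expected an "admin privileges..." message comes up and it stops partway, so I cancelled it.
>Oh, and just to be clear, this was while logged in as admin.

OK, let's set that aside for now.

I have also looked at the new OTL scan log.
As expected, MPC-related items were found.
Let's deal with them from OTL again.

As before, start OTL again in Safe Mode, do a "Run fix" using the script below, then paste the post-fix OTL log and reply with it, along with a report on the state of the machine after the work.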
------------------------------------------
:OTL
DRV - [2015/12/19 20:15:18 | 000,028,648 | ---- | M] (DotCash) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\MPCBase.sys -- (MPCBase)
DRV - [2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) [File_System | System | Running] -- C:\Windows\System32\drivers\MPCKpt.sys -- (MPCKpt)
[2015/12/11 20:12:49 | 000,049,384 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/11 20:12:48 | 000,028,648 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/11 20:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\MPC Cleaner
[2015/12/19 20:15:18 | 000,028,648 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys

:Files
C:\Windows\System32\drivers\MPCBase.sys
C:\Windows\System32\drivers\MPCKpt.sys
C:\Program Files\MPC Cleaner

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2015/12/20 (Sun) 22:13:16
Log after Run Fix
All processes killed
========== OTL ==========
Service MPCBase stopped successfully!
Service MPCBase deleted successfully!
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
Error: Unable to stop service MPCKpt!
Unable to delete service\driver key MPCKpt.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Microsoft.VC90.CRT scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
========== FILES ==========
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Microsoft.VC90.CRT scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner scheduled to be moved on reboot.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Public

User: さん
->Temp folder emptied: 17925 bytes
->Temporary Internet Files folder emptied: 1078338 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 369123951 bytes
->Flash cache emptied: 3654 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9092 bytes
RecycleBin emptied: 327140 bytes

Total Files Cleaned = 353.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 12202015_223947

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\MPCBase.sys scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\MPCKpt.sys scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Microsoft.VC90.CRT scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP\Upgrade scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\TEMP scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Uninstall scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Tray scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\CrashReport scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin\Cleaner scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\F246D4A0F8B844D1B6713506552D29591 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb\E9A82F4B1B6D4E87A60A4976874F7AFF1 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\ntkrpamp.pdb scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Microsoft.VC90.CRT scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SoIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SgIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image\SearchIcon scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Image scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Exe scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config\DB scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner\Config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\MPC Cleaner scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • ピーチ
  • 2015/12/20 (Sun) 23:31:50
Log after Run Fix 2
OTL logfile created on: 2015/12/20 22:58:37 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\さん\Downloads
An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.89 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 54.03% Memory free
2.64 Gb Paging File | 1.63 Gb Available in Paging File | 61.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 49.15 Gb Total Space | 24.33 Gb Free Space | 49.51% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 406.08 Gb Free Space | 87.19% Space Free | Partition Type: NTFS

Computer Name: ASUS-T100T | User Name: さん | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/12/19 20:13:42 | 000,167,392 | ---- | M] (DotCash Limited) -- C:\Program Files\MPC Cleaner\MPCTray.exe
PRC - [2015/12/19 20:13:32 | 000,349,152 | ---- | M] (DotCash Limited) -- C:\Program Files\MPC Cleaner\MPCProtectService.exe
PRC - [2015/12/15 22:16:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\さん\Downloads\OTL.exe
PRC - [2015/12/14 20:26:50 | 000,551,112 | ---- | M] (Microsoft Corporation) -- C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2015/12/07 17:59:24 | 017,456,664 | ---- | M] (LINE Corporation) -- C:\Program Files\LINE\LINE.exe
PRC - [2015/12/04 12:02:28 | 000,684,544 | ---- | M] (LINE Corp) -- C:\Program Files\LINE\LinePlayer\LinePlayer.exe
PRC - [2015/11/25 14:12:23 | 004,047,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2015/11/25 14:01:01 | 004,793,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
PRC - [2015/11/17 01:54:02 | 006,602,152 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015/09/17 15:28:29 | 000,441,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncHost.exe
PRC - [2015/09/17 15:20:38 | 001,235,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
PRC - [2015/08/27 10:30:00 | 000,363,504 | ---- | M] (AsusTek) -- C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
PRC - [2015/08/27 10:29:38 | 000,304,112 | ---- | M] (AsusTek) -- C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
PRC - [2015/08/27 10:29:16 | 000,177,136 | ---- | M] (AsusTek) -- C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
PRC - [2015/07/30 22:41:56 | 000,425,376 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxEM.exe
PRC - [2015/07/30 22:41:56 | 000,283,552 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxCUIService.exe
PRC - [2015/07/30 22:41:56 | 000,219,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxHK.exe
PRC - [2015/07/10 17:24:54 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sihost.exe
PRC - [2015/07/10 17:24:50 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2015/07/10 17:24:42 | 000,066,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2015/07/10 17:24:41 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2015/07/10 17:24:35 | 000,071,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostw.exe
PRC - [2015/04/26 20:42:02 | 000,110,160 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2014/10/01 14:40:28 | 001,349,576 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2014/10/01 14:40:14 | 005,088,456 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2014/01/22 07:04:04 | 000,081,360 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
PRC - [2014/01/22 07:04:02 | 000,096,720 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DptfPolicyCriticalService.exe
PRC - [2014/01/22 07:04:02 | 000,090,576 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DptfPolicyLpmService.exe
PRC - [2014/01/22 07:04:02 | 000,083,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DptfParticipantProcessorService.exe
PRC - [2013/10/30 14:23:28 | 002,904,064 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
PRC - [2013/09/23 15:59:24 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013/09/09 11:36:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013/09/09 10:05:10 | 000,103,224 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
PRC - [2013/09/09 10:04:42 | 000,111,416 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2013/08/25 03:21:46 | 000,168,216 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
PRC - [2013/07/01 20:00:54 | 000,586,752 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
PRC - [2013/05/30 14:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2013/01/09 17:11:08 | 000,144,512 | ---- | M] (ASUSTek Computer INC.) -- C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
PRC - [2012/10/17 04:05:54 | 001,837,672 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
PRC - [2012/10/17 04:05:10 | 000,673,384 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
PRC - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011/09/28 13:58:18 | 001,791,784 | ---- | M] (Buffalo) -- C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/12/07 17:59:38 | 003,379,224 | ---- | M] () -- C:\Program Files\LINE\ampkit_windows.dll
MOD - [2015/11/26 16:48:04 | 000,868,864 | ---- | M] () -- C:\Program Files\LINE\LinePlayer\LPEngine.dll
MOD - [2015/11/26 16:48:04 | 000,117,248 | ---- | M] () -- C:\Program Files\LINE\PlayerHelper.dll
MOD - [2015/11/25 13:01:51 | 004,317,696 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
MOD - [2015/11/25 12:59:12 | 001,183,232 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
MOD - [2015/11/25 12:58:42 | 000,377,856 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
MOD - [2015/11/17 01:55:44 | 000,030,720 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1041.dll
MOD - [2015/09/17 15:27:29 | 001,766,952 | ---- | M] () -- C:\Windows\System32\CoreUIComponents.dll
MOD - [2015/09/17 14:26:12 | 001,425,920 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
MOD - [2015/09/15 21:35:33 | 000,025,088 | ---- | M] () -- C:\Windows\System32\LicenseManagerApi.dll
MOD - [2015/07/10 17:25:00 | 000,156,672 | ---- | M] () -- C:\Windows\System32\MTF.dll
MOD - [2015/07/10 17:24:27 | 000,288,768 | ---- | M] () -- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/12/19 20:45:47 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/12/19 20:13:32 | 000,349,152 | ---- | M] (DotCash Limited) [Auto | Running] -- C:\Program Files\MPC Cleaner\MPCProtectService.exe -- (MPCProtectService)
SRV - [2015/12/10 20:39:16 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/11/25 13:07:42 | 001,918,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV - [2015/11/05 12:32:33 | 000,738,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\RDXService.dll -- (RetailDemo)
SRV - [2015/11/05 12:30:07 | 000,546,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\usermgr.dll -- (UserManager)
SRV - [2015/11/05 12:27:12 | 002,049,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/11/05 12:24:39 | 000,115,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dssvc.dll -- (DsSvc)
SRV - [2015/10/05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/09/25 11:34:48 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\UserDataService.dll -- (UserDataSvc)
SRV - [2015/09/25 11:34:07 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV - [2015/09/25 11:34:00 | 000,928,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\Unistore.dll -- (UnistoreSvc)
SRV - [2015/09/17 15:26:35 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/09/17 14:48:20 | 000,121,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tetheringservice.dll -- (icssvc)
SRV - [2015/09/17 14:45:35 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/09/17 14:42:00 | 000,388,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\tileobjserver.dll -- (tiledatamodelsvc)
SRV - [2015/09/17 14:36:54 | 000,483,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2015/09/17 14:32:20 | 001,543,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2015/09/17 14:31:28 | 000,389,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ngcsvc.dll -- (NgcSvc)
SRV - [2015/09/17 14:28:20 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2015/09/17 14:27:58 | 001,380,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV - [2015/09/17 14:27:28 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2015/09/15 21:35:59 | 000,239,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2015/09/15 21:35:58 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NetSetupSvc.dll -- (NetSetupSvc)
SRV - [2015/09/15 21:35:54 | 000,669,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SensorDataService.exe -- (SensorDataService)
SRV - [2015/09/15 21:35:34 | 000,872,448 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dosvc.dll -- (DoSvc)
SRV - [2015/09/15 21:35:34 | 000,251,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2015/09/15 21:35:34 | 000,236,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\usocore.dll -- (UsoSvc)
SRV - [2015/09/15 21:35:33 | 001,183,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/09/15 21:35:33 | 000,520,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ClipSVC.dll -- (ClipSVC)
SRV - [2015/09/15 21:35:33 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SensorService.dll -- (SensorService)
SRV - [2015/07/30 22:41:56 | 000,290,208 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/07/30 22:41:56 | 000,283,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV - [2015/07/10 23:00:01 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2015/07/10 17:25:49 | 000,473,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV - [2015/07/10 17:25:49 | 000,430,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WalletService.dll -- (WalletService)
SRV - [2015/07/10 17:25:49 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2015/07/10 17:25:15 | 000,311,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2015/07/10 17:25:15 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2015/07/10 17:25:10 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/07/10 17:25:07 | 000,636,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2015/07/10 17:25:05 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2015/07/10 17:24:54 | 000,293,888 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ncbservice.dll -- (NcbService)
SRV - [2015/07/10 17:24:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpnservice.dll -- (WpnService)
SRV - [2015/07/10 17:24:54 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DevQueryBroker.dll -- (DevQueryBroker)
SRV - [2015/07/10 17:24:54 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lfsvc.dll -- (lfsvc)
SRV - [2015/07/10 17:24:54 | 000,016,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\LicenseManagerSvc.dll -- (LicenseManager)
SRV - [2015/07/10 17:24:52 | 000,807,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV - [2015/07/10 17:24:52 | 000,733,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblGameSave.dll -- (XblGameSave)
SRV - [2015/07/10 17:24:52 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV - [2015/07/10 17:24:52 | 000,048,640 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\moshost.dll -- (MapsBroker)
SRV - [2015/07/10 17:24:52 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AJRouter.dll -- (AJRouter)
SRV - [2015/07/10 17:24:50 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\cdpsvc.dll -- (CDPSvc)
SRV - [2015/07/10 17:24:50 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\embeddedmodesvc.dll -- (embeddedmode)
SRV - [2015/07/10 17:24:48 | 002,903,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2015/07/10 17:24:46 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2015/07/10 17:24:45 | 000,520,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblAuthManager.dll -- (XblAuthManager)
SRV - [2015/07/10 17:24:45 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV - [2015/07/10 17:24:45 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV - [2015/07/10 17:24:43 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2015/07/10 17:24:42 | 000,185,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2015/07/10 17:24:42 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV - [2015/07/10 17:24:41 | 000,322,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2015/07/10 17:24:39 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\smphost.dll -- (smphost)
SRV - [2015/07/10 17:24:38 | 000,229,376 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\System32\APHostService.dll -- (OneSyncSvc)
SRV - [2015/07/10 17:24:38 | 000,152,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dcpsvc.dll -- (DcpSvc)
SRV - [2015/07/10 17:24:38 | 000,104,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2015/07/10 17:24:38 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2015/07/10 17:24:36 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV - [2015/07/10 17:24:35 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dmwappushsvc.dll -- (dmwappushservice)
SRV - [2015/07/10 17:24:33 | 000,401,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SmsRouterSvc.dll -- (SmsRouter)
SRV - [2015/07/10 17:24:32 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2015/07/10 17:24:29 | 000,277,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV - [2015/07/10 17:24:29 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2015/07/10 17:24:29 | 000,023,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvmsession)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2015/07/10 17:24:28 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV - [2015/07/10 17:24:19 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\BthHFSrv.dll -- (BthHFSrv)
SRV - [2014/10/29 12:06:52 | 002,472,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/01 14:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2014/03/03 10:20:44 | 001,677,016 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Windows\System32\BtwRSupportService.exe -- (BcmBtRSupport)
SRV - [2014/01/22 07:04:02 | 000,096,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\DptfPolicyCriticalService.exe -- (DptfPolicyCriticalService)
SRV - [2014/01/22 07:04:02 | 000,090,576 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\DptfPolicyLpmService.exe -- (DptfPolicyLpmService)
SRV - [2014/01/22 07:04:02 | 000,083,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService)
SRV - [2013/09/09 10:05:10 | 000,103,224 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe -- (AsHidService)
SRV - [2013/09/09 10:04:42 | 000,111,416 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2013/08/25 03:21:46 | 000,168,216 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/07/01 20:01:08 | 000,637,912 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel(R)
SRV - [2013/07/01 20:00:54 | 000,586,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel(R)
SRV - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wfpcapture.sys -- (wfpcapture)
DRV - [2015/12/19 20:15:18 | 000,028,648 | ---- | M] (DotCash) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\MPCBase.sys -- (MPCBase)
DRV - [2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) [File_System | System | Running] -- C:\Windows\System32\drivers\MPCKpt.sys -- (MPCKpt)
DRV - [2015/12/01 14:14:02 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV - [2015/11/25 14:08:53 | 000,414,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2015/10/05 09:50:20 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015/10/05 09:50:04 | 000,023,256 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2015/09/17 15:28:39 | 000,083,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pdc.sys -- (pdc)
DRV - [2015/09/17 14:34:20 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\buttonconverter.sys -- (buttonconverter)
DRV - [2015/09/15 21:35:58 | 000,042,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2015/09/15 21:35:35 | 000,488,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdiWiFi.sys -- (wdiwifi)
DRV - [2015/09/15 21:35:34 | 000,054,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\dam.sys -- (dam)
DRV - [2015/09/15 21:35:33 | 000,284,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2015/09/15 21:35:33 | 000,173,408 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\wof.sys -- (Wof)
DRV - [2015/09/15 21:35:33 | 000,066,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\stornvme.sys -- (stornvme)
DRV - [2015/09/15 21:35:33 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2015/09/15 21:35:33 | 000,036,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2015/09/15 21:35:33 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV - [2015/09/14 00:09:32 | 000,025,016 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV - [2015/08/27 10:29:34 | 000,116,032 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AsusSGDrv.sys -- (AsusSGDrv)
DRV - [2015/07/10 23:00:05 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2015/07/10 23:00:03 | 000,030,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2015/07/10 17:25:56 | 000,024,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2015/07/10 17:25:00 | 000,276,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\clfs.sys -- (CLFS)
DRV - [2015/07/10 17:25:00 | 000,178,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ahcache.sys -- (ahcache)
DRV - [2015/07/10 17:24:56 | 000,086,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV - [2015/07/10 17:24:56 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmCx.sys -- (UcmCx0101)
DRV - [2015/07/10 17:24:55 | 000,159,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2015/07/10 17:24:55 | 000,052,736 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\storqosflt.sys -- (storqosflt)
DRV - [2015/07/10 17:24:55 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\condrv.sys -- (condrv)
DRV - [2015/07/10 17:24:55 | 000,023,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\ioqos.sys -- (IoQos)
DRV - [2015/07/10 17:24:54 | 000,087,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2015/07/10 17:24:50 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mmcss.sys -- (MMCSS)
DRV - [2015/07/10 17:24:45 | 000,033,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2015/07/10 17:24:43 | 000,190,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufx01000.sys -- (Ufx01000)
DRV - [2015/07/10 17:24:43 | 000,127,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2015/07/10 17:24:43 | 000,121,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SerCx2.sys -- (SerCx2)
DRV - [2015/07/10 17:24:43 | 000,076,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2015/07/10 17:24:43 | 000,060,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SpbCx.sys -- (SpbCx)
DRV - [2015/07/10 17:24:43 | 000,059,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SerCx.sys -- (SerCx)
DRV - [2015/07/10 17:24:43 | 000,042,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urscx01000.sys -- (UrsCx01000)
DRV - [2015/07/10 17:24:43 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2015/07/10 17:24:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV - [2015/07/10 17:24:33 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2015/07/10 17:24:32 | 000,104,960 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Ndu.sys -- (Ndu)
DRV - [2015/07/10 17:24:32 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mslldp.sys -- (MsLldp)
DRV - [2015/07/10 17:24:31 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2015/07/10 17:24:29 | 000,245,600 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdFilter.sys -- (WdFilter)
DRV - [2015/07/10 17:24:29 | 000,097,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV - [2015/07/10 17:24:29 | 000,037,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdBoot.sys -- (WdBoot)
DRV - [2015/07/10 17:24:28 | 000,173,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ucx01000.sys -- (Ucx01000)
DRV - [2015/07/10 17:24:28 | 000,093,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpiex.sys -- (acpiex)
DRV - [2015/07/10 17:24:28 | 000,074,240 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\filecrypt.sys -- (FileCrypt)
DRV - [2015/07/10 17:24:28 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2015/07/10 17:24:28 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Udecx.sys -- (UdeCx)
DRV - [2015/07/10 17:24:28 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vhf.sys -- (vhf)
DRV - [2015/07/10 17:24:24 | 000,025,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2015/07/10 17:24:24 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV - [2015/07/10 17:24:24 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urschipidea.sys -- (UrsChipidea)
DRV - [2015/07/10 17:24:24 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2015/07/10 17:24:24 | 000,015,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV - [2015/07/10 17:24:23 | 000,410,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spaceport.sys -- (spaceport)
DRV - [2015/07/10 17:24:23 | 000,276,832 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2015/07/10 17:24:23 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storahci.sys -- (storahci)
DRV - [2015/07/10 17:24:23 | 000,100,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV - [2015/07/10 17:24:23 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV - [2015/07/10 17:24:23 | 000,059,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uaspstor.sys -- (UASPStor)
DRV - [2015/07/10 17:24:23 | 000,058,208 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\mvumis.sys -- (mvumis)
DRV - [2015/07/10 17:24:23 | 000,051,552 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\percsas3i.sys -- (percsas3i)
DRV - [2015/07/10 17:24:23 | 000,051,040 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\percsas2i.sys -- (percsas2i)
DRV - [2015/07/10 17:24:23 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2015/07/10 17:24:23 | 000,033,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storufs.sys -- (storufs)
DRV - [2015/07/10 17:24:23 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicRender.sys -- (BasicRender)
DRV - [2015/07/10 17:24:23 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\uefi.sys -- (UEFI)
DRV - [2015/07/10 17:24:23 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\swenum.inf_x86_b6707c73599dd1b6\swenum.sys -- (swenum)
DRV - [2015/07/10 17:24:22 | 001,038,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\adp80xx.sys -- (ADP80XX)
DRV - [2015/07/10 17:24:22 | 000,524,640 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\iaStorAV.sys -- (iaStorAV)
DRV - [2015/07/10 17:24:22 | 000,186,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xboxgip.sys -- (xboxgip)
DRV - [2015/07/10 17:24:22 | 000,171,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2015/07/10 17:24:22 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\capimg.sys -- (CapImg)
DRV - [2015/07/10 17:24:22 | 000,088,928 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV - [2015/07/10 17:24:22 | 000,085,856 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\3ware.sys -- (3ware)
DRV - [2015/07/10 17:24:22 | 000,083,296 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV - [2015/07/10 17:24:22 | 000,069,472 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2015/07/10 17:24:22 | 000,037,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV - [2015/07/10 17:24:22 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xinputhid.sys -- (xinputhid)
DRV - [2015/07/10 17:24:22 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kdnic.sys -- (kdnic)
DRV - [2015/07/10 17:24:22 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\genericusbfn.sys -- (genericusbfn)
DRV - [2015/07/10 17:24:22 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2015/07/10 17:24:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpitime.sys -- (acpitime)
DRV - [2015/07/10 17:24:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpipagr.sys -- (acpipagr)
DRV - [2015/07/10 17:24:21 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2015/07/10 17:24:19 | 000,193,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV - [2015/07/10 17:24:19 | 000,101,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2015/07/10 17:24:19 | 000,100,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2015/07/10 17:24:19 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netvsc.sys -- (netvsc)
DRV - [2015/07/10 17:24:19 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sdstor.sys -- (sdstor)
DRV - [2015/07/10 17:24:19 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2015/07/10 17:24:19 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2015/07/10 17:24:19 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2015/07/10 17:24:19 | 000,038,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelpep.sys -- (intelpep)
DRV - [2015/07/10 17:24:19 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidi2c.sys -- (hidi2c)
DRV - [2015/07/10 17:24:19 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2015/07/10 17:24:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_x86_a4832450a7024d49\CompositeBus.sys -- (CompositeBus)
DRV - [2015/07/10 17:24:19 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2015/07/10 17:24:19 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2015/07/10 17:24:19 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fcvsc.sys -- (fcvsc)
DRV - [2015/07/10 17:24:19 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthMini.SYS -- (BthMini)
DRV - [2015/07/10 17:24:19 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2015/07/10 17:24:19 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2015/07/10 17:24:19 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2015/07/10 17:24:19 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2015/07/10 17:24:19 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmgencounter.sys -- (gencounter)
DRV - [2015/07/10 17:24:19 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2015/07/08 02:27:58 | 000,025,040 | ---- | M] (Capella Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPLMACPI.sys -- (CPLMACPI)
DRV - [2015/06/27 05:46:16 | 000,044,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV - [2015/06/27 05:46:16 | 000,035,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iwdbus.sys -- (iwdbus)
DRV - [2015/06/25 19:14:57 | 000,304,344 | ---- | M] (Broadcom Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcmdhd63.sys -- (BCMSDH43XX)
DRV - [2015/06/25 19:14:57 | 000,016,088 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcmfn2.sys -- (bcmfn2)
DRV - [2015/05/21 00:04:02 | 000,263,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtii2sac.sys -- (rtii2sac)
DRV - [2015/05/13 05:44:24 | 000,017,416 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AsHIDSwitch.sys -- (HIDSwitch)
DRV - [2015/04/09 10:37:54 | 000,139,520 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BtwSerialBus.sys -- (BtwSerialBus)
DRV - [2014/09/22 07:20:06 | 000,191,928 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2014/09/22 07:20:06 | 000,190,368 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\edevmon.sys -- (edevmon)
DRV - [2014/09/22 07:20:06 | 000,176,448 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2014/09/22 07:20:06 | 000,135,296 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2014/09/22 07:20:06 | 000,051,288 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2014/09/22 07:20:06 | 000,037,928 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2014/02/26 16:42:48 | 000,075,792 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TXEI.sys -- (TXEI)
DRV - [2014/01/22 07:04:02 | 000,181,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfManager.sys -- (DptfManager)
DRV - [2014/01/22 07:04:00 | 000,080,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfDevProc.sys -- (DptfDevProc)
DRV - [2014/01/22 07:04:00 | 000,044,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DptfDevAmbient.sys -- (DptfDevAmbient)
DRV - [2014/01/22 07:04:00 | 000,036,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfDevGen.sys -- (DptfDevGen)
DRV - [2014/01/22 07:04:00 | 000,028,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfDevDisplay.sys -- (DptfDevDisplay)
DRV - [2014/01/22 07:04:00 | 000,025,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DptfDevPower.sys -- (DptfDevDBPT)
DRV - [2013/12/30 21:27:46 | 000,254,464 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\isstrtc.sys -- (IntelSST)
DRV - [2013/12/30 21:27:46 | 000,087,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaiouart.sys -- (iaiouart)
DRV - [2013/12/30 21:27:46 | 000,048,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PMIC.sys -- (PMIC)
DRV - [2013/12/30 21:27:46 | 000,023,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaiogpioe.sys -- (GPIO)
DRV - [2013/12/30 21:27:46 | 000,021,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\MBI.sys -- (MBI)
DRV - [2013/12/30 21:27:46 | 000,016,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaiogpiovirtual.sys -- (GpioVirtual)
DRV - [2013/12/12 14:07:14 | 000,064,792 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AsusHID.sys -- (AsusHID)
DRV - [2013/12/02 19:42:42 | 000,345,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\camera.sys -- (camera)
DRV - [2013/12/02 19:42:42 | 000,038,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mt9m114.sys -- (MT9M114)
DRV - [2013/11/15 10:19:20 | 000,058,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaioi2ce.sys -- (iaioi2c)
DRV - [2013/08/09 11:31:54 | 000,505,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaStorA.sys -- (iaStorA)
DRV - [2013/07/02 16:45:50 | 000,017,720 | ---- | M] (ASUSTek Computer Inc.) [Kernel | System | Running] -- C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 17:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.jp/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:43.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2015/04/26 20:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2015/04/26 20:42:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2015/05/04 18:18:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\さん\AppData\Roaming\mozilla\Extensions
[2015/12/14 22:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\さん\AppData\Roaming\mozilla\Firefox\Profiles\g3ubdbvo.default\extensions
[2015/12/19 20:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/12/19 20:45:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2015/12/20 22:41:34 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [BSMOW07] C:\Program Files\BUFFALO\BSMOW07\PanelEx.exe (Buffalo)
O4 - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [RtkNGUI] C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [HP Photosmart 5520 series (NET)] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [OneDrive] C:\Users\さん\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O8 - Extra context menu item: RF ツールバー表示 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: RF フォーム記入 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8 - Extra context menu item: RF フォーム保存 - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8 - Extra context menu item: RF メニューカスタマイズ - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O9 - Extra Button: フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF フォーム記入 - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: 保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF フォーム保存 - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF ツールバー表示 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c836c8dc-713c-44b9-9fe3-f6f201d65504}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d6ac41ee-4466-4acc-8c44-d8b1fe62318d}: DhcpNameServer = 169.254.125.80
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/22 17:16:34 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/12/19 20:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/12/17 22:11:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/12/14 23:00:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/12/14 22:51:27 | 000,170,200 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/12/14 22:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/12/14 22:50:43 | 000,094,936 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2015/12/14 22:50:43 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mwac.sys
[2015/12/14 22:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/12/14 22:48:41 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Roaming\Malwarebytes
[2015/12/14 22:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/12/14 22:48:14 | 000,023,256 | ---- | C] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbam.sys
[2015/12/14 22:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2015/12/12 21:14:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2015/12/11 21:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/12/11 21:06:37 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Roaming\Geek Uninstaller
[2015/12/11 20:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[2015/12/11 20:12:49 | 000,049,384 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/11 20:12:48 | 000,028,648 | ---- | C] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/11 20:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\MPC Cleaner
[2015/12/11 20:12:29 | 000,000,000 | ---D | C] -- C:\Users\さん\AppData\Local\Programs
[2015/12/09 20:07:53 | 018,801,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\edgehtml.dll
[2015/12/09 20:07:47 | 001,467,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2015/12/09 20:07:45 | 001,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentServer.dll
[2015/12/09 20:07:45 | 001,499,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
[2015/12/09 20:07:45 | 001,442,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SRHInproc.dll
[2015/12/09 20:07:40 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Globalization.dll
[2015/12/09 20:07:39 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Magnify.exe
[2015/12/09 20:07:38 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SRH.dll
[2015/12/09 20:07:34 | 005,455,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakra.dll
[2015/12/09 20:07:32 | 002,987,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kfull.sys
[2015/12/09 20:07:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ninput.dll
[2015/12/09 20:07:30 | 004,047,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2015/12/09 20:07:30 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2015/12/09 20:07:27 | 002,153,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\authui.dll
[2015/12/09 20:07:26 | 001,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kbase.sys
[2015/12/09 20:07:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2015/12/09 20:07:24 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RasMediaManager.dll
[2015/12/09 20:07:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMediaManager.dll
[2015/12/09 20:07:23 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WlanMediaManager.dll
[2015/12/09 20:07:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3mm.dll
[2015/12/09 20:07:23 | 000,133,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NetworkUXBroker.exe
[2015/12/09 20:07:22 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MBMediaManager.dll
[2015/12/09 20:07:22 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EthernetMediaManager.dll
[2015/12/09 20:07:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMM.dll
[2015/12/09 20:07:20 | 000,414,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS
[2015/12/09 20:07:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2015/12/09 20:07:19 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psmsrv.dll
[2015/12/09 20:07:19 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdownux.dll
[2015/12/09 20:07:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gpuenergydrv.sys
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgeoqw.dll
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZST.DLL
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZEL.DLL
[2015/12/09 20:07:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAZE.DLL
[2015/12/09 20:07:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\profext.dll
[2015/12/09 20:07:12 | 003,580,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/12/20 22:58:29 | 000,732,880 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2015/12/20 22:58:29 | 000,515,934 | ---- | M] () -- C:\WINDOWS\System32\perfh011.dat
[2015/12/20 22:58:29 | 000,139,084 | ---- | M] () -- C:\WINDOWS\System32\perfc011.dat
[2015/12/20 22:58:29 | 000,139,012 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2015/12/20 22:55:30 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/12/20 22:53:53 | 000,016,148 | ---- | M] () -- C:\WINDOWS\System32\ASUS-T100T_さん_HistoryPrediction.bin
[2015/12/20 22:53:27 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2015/12/20 22:53:25 | 810,827,776 | -HS- | M] () -- C:\hiberfil.sys
[2015/12/20 22:41:34 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2015/12/20 22:38:24 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2015/12/20 21:39:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/12/19 20:15:18 | 000,028,648 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCBase.sys
[2015/12/15 19:32:28 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/12/14 22:50:53 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/12/14 22:30:03 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/12/14 22:04:18 | 000,180,269 | ---- | M] () -- C:\Users\さん\Desktop\bookmarks-2015-12-14.json
[2015/12/12 22:57:05 | 000,399,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2015/12/11 21:52:19 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/12/11 20:12:39 | 000,049,384 | ---- | M] (DotCash) -- C:\WINDOWS\System32\drivers\MPCKpt.sys
[2015/12/01 14:14:02 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gpuenergydrv.sys
[2015/12/01 14:02:29 | 003,580,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll
[2015/12/01 13:59:46 | 005,455,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakra.dll
[2015/12/01 09:32:22 | 000,826,872 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2015/12/01 09:32:22 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2015/11/25 14:12:23 | 004,047,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2015/11/25 14:11:12 | 000,133,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\NetworkUXBroker.exe
[2015/11/25 14:08:53 | 000,414,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS
[2015/11/25 13:28:47 | 000,388,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WlanMediaManager.dll
[2015/11/25 13:28:41 | 000,370,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MBMediaManager.dll
[2015/11/25 13:28:36 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\RasMediaManager.dll
[2015/11/25 13:28:32 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\EthernetMediaManager.dll
[2015/11/25 13:28:31 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DAMediaManager.dll
[2015/11/25 13:18:28 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Globalization.dll
[2015/11/25 13:17:23 | 000,774,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SRH.dll
[2015/11/25 13:17:13 | 000,015,872 | ---- | M] (Mi
  • ピーチ
  • 2015/12/20 (Sun) 23:33:07
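Status after RunFix
Thank you for your help.

There is no particular change in the situation.
Two "desktop.ini" files and a "Thumbs.db" are showing on the desktop, and the resident "MPCclener" is displayed at the bottom right.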
  • ピーチ
  • 2015/12/20 (Sun) 23:37:25
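desktop.ini and Thumbs.db are system files
desktop.ini and Thumbs.db are system files created by Windows, and they are visible on any PC when hidden files are shown.
In Explorer, click "View" to open the ribbon and uncheck hidden files, and they will no longer be visible.

desktop.ini serves as a shortcut when software calls up the desktop, and stores things such as icon settings.
Thumbs.db is created to show reduced-size (thumbnail) views when images and the like are saved.

Very rarely, malware abuses these files, but if they were malicious they should disappear during treatment, so
basically you do not need to worry about them.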
  • MSQuad
  • 2015/12/21 (Mon) 02:29:03
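Let's analyze with HP
Thank you for the work and the report.

MSQuad, thank you again for the follow-up.

>There is no particular change in the situation.
>Two "desktop.ini" files and a "Thumbs.db" are showing on the desktop, and the resident "MPCclener" is displayed at the bottom right.

So that is how it is, as I expected.
In other people's cases as well, MPC seems to come back again and again as soon as it is dealt with.
For now we have to regard it as something quite sophisticated and troublesome.

So this time let's analyze it from a different angle with a different tool.

Please prepare the following application.
"HerdProtect" (commonly called HP)
Explanation site ↓
http://www.gigafree.net/security/antivirus/herdProtect.html
Download ↓
http://www.herdprotect.com/installers/herdProtectScan_Setup.exe
This is a direct link to the file. Please save it.

Once you are ready, start HP following the steps on the explanation page.

Once it has started, begin with "scan".

Wait a while, and when the scan has finished, press "Save result" to display the log, then save it to the desktop.

After saving, please close HP.
Do not touch anything that was detected at this point.

After that, please show me the HP log in a reply.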
  • 悪代官
  • 2015/12/21 (Mon) 20:59:47
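HP log
Thank you as always for your help.

MSQuad,
Thank you for the explanation.
Even though I have not changed the hidden-files checkbox, they sometimes show and sometimes do not, which is strange.
Since I took this log, the hidden-files checkbox should have been checked the whole time, though...
Well, as for Thumbs.db, when I looked into it myself in the past I understood it to be harmless, so I was not worried about it.

悪代官,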
Saved date: 2015/12/21 21:53:45
Files detected: 51
Files scanned: 7,015
Processes scanned: 76
Modules scanned: 866
ASEPs scanned: 551
Downloads scanned: 0
Deep analysis: 12/2
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\gom.exe
Publisher: Gretech Corp.
Signer: GRETECH
MD5: cde4b707b66a9fc0496ac7b9b7b4a819
SHA-1: 3be926c26a4d928e39f7761777aaa4afb6d3b07d
Created: 2015/07/29 10:19:20
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAdware (Adware)

---------------------------------------------------------------------------------

File path: c:\users\さん\downloads\adwcleaner.exe
Publisher:
MD5: 1d749fc1137c46737f14edd47219fda3
SHA-1: fd75f0d79d772ae4c86d1bf281c9db9f06a52c93
Created: 2015/12/14 22:41:31
Detections: 2
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAtITA (Undefined)
- Qihoo 360 Security as HEUR/QVM11.1.Malware.Gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\さん\downloads\hijackthis.exe
Publisher: Trend Micro Inc.
MD5: 47811d50390a86a17102d7496e6eabb9
SHA-1: 2623749cdb27887f6746acdee7e8065475f8b541
Created: 2015/12/11 22:00:00
Detections: 2
Determination: Ignore detections (false positive)
- Kingsoft AntiVirus as Win32.HeurC.KVM099.a.(kcloud) (Undefined)
- Rising Antivirus as PE:Trojan.VBInject!1.6546 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\さん\downloads\otl.exe
Publisher: OldTimer Tools
MD5: 4adcfee16ee9978f06157634669d36fb
SHA-1: 30b37076552e49276836d02dd73d038c27dbbee9
Created: 2015/12/15 22:16:24
Detections: 2
Determination: Ignore detections (false positive)
- Agnitum Outpost as Packed/PECompact
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\さん\downloads\boot-ts\boot-ts\adb.exe
Publisher:
MD5: 6f6ed8f670668c72f0a3d1641d405a3d
SHA-1: da4e35bc73468db38c7d68bafcfff447e658eb9e
Created: 2015/08/29 16:47:01
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.Generic (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\system32\intelsocyuvcopy.dll
Publisher: Intel Corporation
MD5: f6369036e1718fa3a604701f77043500
SHA-1: d1d5c6646fe2ba4a21599ff8315224bd973b634f
Created: 2013/12/02 19:42:42
Detections: 1
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\windows\system32\libjpegencoder.dll
Publisher: Intel Corporation
MD5: 4fbf585c7e7f44a7c0a265314a7a4d69
SHA-1: c0c4db221b8fdf2c9ba2f31fb8545d542944471d
Created: 2013/12/02 19:42:42
Detections: 1
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\windows\system32\wwanconn.dll
Publisher: Microsoft Corporation
MD5: 344b889f64490193a7e1bba09016da09
SHA-1: deb2a4b8a92cf47a21678495395849947c3d0e9d
Created: 2015/10/01 12:17:58
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.RDM.43!5.31[F1] (Undefined)

---------------------------------------------------------------------------------

File path: c:\Users\さん\AppData\Roaming\fenrir inc\sleipnir5\~temp\plugins\dock\headlinearticledock.fx
Publisher:
MD5: 6236685aaf0b58d9f31c22b6e69234c7
SHA-1: a0ea6e3aa66e3c98642535ad4460db8f6578e244
Created: 2015/04/26 21:01:02
Detections: 1
Determination: Ignore detections (false positive)
- CMC Antivirus as Packed.Win32.Obfuscated.10!O

---------------------------------------------------------------------------------

File path: c:\Users\さん\AppData\Roaming\fenrir inc\sleipnir5\~temp\plugins\dock\headlinetooldock.fx
Publisher:
MD5: 5c580b9ba5afce8df5ba8ae7a5b8fd20
SHA-1: 1cc8a0852b4b05573e2384999cbebc2b4a5835f3
Created: 2015/04/26 21:01:02
Detections: 1
Determination: Ignore detections (false positive)
- CMC Antivirus as Packed.Win32.Obfuscated.10!O

---------------------------------------------------------------------------------

File path: c:\Users\さん\AppData\Roaming\fenrir inc\sleipnir5\~temp\plugins\panel\headlinefeedpanel.fx
Publisher:
MD5: e03b6ab9d39cafe92edce010870b4267
SHA-1: da1a6965e2fd217fdf16d61b7031a9ffc3026b68
Created: 2015/04/26 21:01:03
Detections: 1
Determination: Ignore detections (false positive)
- CMC Antivirus as Packed.Win32.Obfuscated.10!O

---------------------------------------------------------------------------------

File path: c:\users\さん\appdata\roaming\gretech\gomplayer\grlauncher.exe
Publisher:
Signer: GRETECH
MD5: 4325e8469b1aaf8a7dcccaa8acdfb766
SHA-1: 976a1aade820d2a3423d3aec73eb254a602ff020
Created: 2015/09/19 22:42:15
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.K (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\avidemux 2.6 - 32 bits\libadm_uiqt56.dll
Publisher:
MD5: d14360b81ea0093d3b7d5764aaf08044
SHA-1: 6987be4e030aafb84193df4253c4d2b44c34adae
Created: 2015/05/16 16:16:40
Detections: 1
Determination: Inconclusive
- F-Secure as Gen:Variant.Adware.Kazy (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\avidemux 2.6 - 32 bits\libicuuc51.dll
Publisher:
MD5: b18d6e89d2b7ed60941a735333c4d999
SHA-1: 051efa94851f8292967fae463c2424bd566c3428
Created: 2015/03/14 17:29:36
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as TR/Crypt.XPACK.Gen

---------------------------------------------------------------------------------

File path: c:\program files\avidemux 2.6 - 32 bits\libopencore-amrwb-0.dll
Publisher:
MD5: 50c021df114d11fe7755cef4d8962aa5
SHA-1: 1e45698c9a43dbb2b114bba8fa7f46b05a45394f
Created: 2015/05/16 16:17:34
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as TR/Crypt.XPACK.Gen

---------------------------------------------------------------------------------

File path: c:\program files\avidemux 2.6 - 32 bits\plugins\muxers\libadm_mx_ffts.dll
Publisher:
MD5: 8d74310eb4c919a096f92e629009ad9e
SHA-1: 08f57fb4a32496d947ad70a308a6b8bfe76a8c2d
Created: 2015/05/16 16:17:06
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as ADWARE/Adware.Gen (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\avidemux 2.6 - 32 bits\plugins\videofilters\libadm_vf_gauss.dll
Publisher:
MD5: 499ef8bff64009094ff9261a256a6205
SHA-1: 6466550706d389efc1a57c5a64826739d0b82c66
Created: 2015/05/16 16:17:12
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as TR/Crypt.XPACK.Gen

---------------------------------------------------------------------------------

File path: c:\program files\broadcom\broadcom 802.11 network adapter\driver\bcmwlanapi.dll
Publisher:
MD5: de0a3c5768a77a04ac6f905bac253199
SHA-1: 7c6f2c282722556f36cb94ff1873e34faa7533d3
Created: 2015/06/25 19:15:44
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\broadcom\broadcom 802.11 network adapter\driver\wapiutil.exe
Publisher:
MD5: 08058b748da8771d358a4e1fb7f4b7fd
SHA-1: 3ffc450023e42d056661115a2e666ecbc43b09e1
Created: 2015/06/25 19:15:45
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\buffalo\bsmow07\addinf.exe
Publisher:
Signer: DEXIN Corporation
MD5: bfa7c263bab16904f7d6af8b331828b0
SHA-1: 7baac814ba4fd05fd5355adc40eb833b1fe8846c
Created: 2015/05/10 10:06:33
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.m (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\buffalo\bsmow07\killprocess.exe
Publisher:
MD5: 29956945f03f83d5489c7d2f260d30c9
SHA-1: a2a346ec9b4c7ce450f4ae39f45804305780f3f5
Created: 2015/05/10 10:06:32
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.m (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\common files\adobe air\versions\1.0\resources\template.exe
Publisher:
MD5: 256615dd0f64773c7a9ff3eb19ae8c65
SHA-1: 0ba43501c09252b3a610d93f934507204f59f09e
Created: 2015/07/02 21:47:14
Detections: 1
Determination: Ignore detections (false positive)
- Clam AntiVirus as Win.Trojan.Slugin-287 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\dodge.dll
Publisher:
Signer: GRETECH
MD5: 8e5edfcb7c9cd94f71f531545a0350b2
SHA-1: 3b88658c7f8acc7555097e26e2db72b778e74b44
Created: 2014/01/31 12:12:28
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.F (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\gomweb3.dll
Publisher: Gretech Corp.
Signer: GRETECH
MD5: 01fc47255ecd30c8714659ded6f3a5eb
SHA-1: f32452057a2968b32a1a900a4e9a3f6af5d80e01
Created: 2014/01/31 12:12:24
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.H (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\grlauncher.exe
Publisher:
Signer: GRETECH
MD5: 4325e8469b1aaf8a7dcccaa8acdfb766
SHA-1: 976a1aade820d2a3423d3aec73eb254a602ff020
Created: 2014/10/02 14:32:32
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.K (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\killgom.exe
Publisher:
Signer: GRETECH
MD5: d1b0bab2b910640641b1fb04bb0e89e2
SHA-1: 9f2a08b1e8d4086a30e599e82db591fd51111c4c
Created: 2015/05/07 10:04:16
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.H (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\rtparser.exe
Publisher:
Signer: GRETECH
MD5: 41e08979d3353021ab19699563e6f398
SHA-1: 98450def7868b92e812db8f8c4404b2435963e5f
Created: 2014/01/27 15:28:58
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.I (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\shellregister.exe
Publisher:
Signer: GRETECH
MD5: 50710a5c0ea9a37b00b64712b265dacf
SHA-1: 41705974e175a29891dfef2e0b99c2c8f6270323
Created: 2015/05/07 10:04:14
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.N (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\srt2smi.exe
Publisher:
Signer: GRETECH
MD5: 6b25f5f7ed175f2f7081210fb4d6d698
SHA-1: 3d1eda8bdc0428c20532d3fe1e4e3f8cecbe886d
Created: 2014/01/31 12:12:16
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.H (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\gretech\gomplayer\vsutil.dll
Publisher: Gretech Corp.
Signer: GRETECH
MD5: d0af9939daf22e3eba094daedd7c87d0
SHA-1: ac92b643e950b29eb8935867af18959a60131252
Created: 2014/01/31 12:12:24
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.G (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\hp photo creations\uninst.exe
Publisher:
Signer: Visan Industries
MD5: 5a18957d6a3f95983149d6407136bcaf
SHA-1: 3f2247699064799ecdb2e7792bc62125f0f07755
Created: 2012/03/21 4:00:02
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as HV_ZYX_CA2255FC.TOMC (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\line\line.exe
Publisher: LINE Corporation
Signer: LINE Corporation
MD5: 0eb94e557f35f66b01f29caf594bdbff
SHA-1: 6a6c92974d80b9e8fd46a6970f5209dbf69103c9
Created: 2015/12/07 17:59:24
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\line\lineuninst.exe
Publisher:
Signer: LINE Corporation
MD5: aa56a1b672181af6e561a2b99ca63b33
SHA-1: e51730fcec126ca18cf5e969de4bab7acfb201c8
Created: 2015/12/07 17:59:16
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as BehavesLike.Win32.Suspicious.ch (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\9e2f88e3.twitter_4.3.3.0_x86__wgeqdkkx372wm\twitter.windows.exe
Publisher:
MD5: 526336fb49cdccdc9ea750156b33f5ba
SHA-1: 0742b2b3c7c806aad79915c359b6073ef832aba4
Created: 2015/12/18 20:13:02
Detections: 2
Determination: Inconclusive
- Avira AntiVirus as TR/Crypt.XPACK.Gen
- McAfee Web Gateway as BehavesLike.Win32.Ransom.lt (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\ad2f1837.hpprintercontrol_58.1.78.0_x86__v10z8vjag6ke6\pageliftwrc.winrt.dll
Publisher: Hewlett-Packard Development Company
MD5: 5376c7ebaa1db3fc65b49cfd81316bfb
SHA-1: 757f7ddfd08b5dfe4635703084dd57362d590fb6
Created: 2015/09/29 20:18:33
Detections: 1
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\b9eced6f.asuswelcome_1.0.1.0_x86__qmba6cd70vzyy\asus welcome app.exe
Publisher:
MD5: 1e09709ec132da624c88bf4a7772f2fa
SHA-1: 9e0cbf9e8d155eb5ffd8f090d7f7fd53e7f0bf45
Created: 2015/09/15 22:26:10
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\f5080380.asusphotodirector_2.1.3706.2_x86__tfv7c950n6xcr\uicolormanagement.dll
Publisher:
MD5: a7b66a699920a0ae82928a0962b0d583
SHA-1: d2b195ea309f3303aa03a4a30ef14122af0d6a4e
Created: 2015/01/22 20:12:36
Detections: 1
Determination: Ignore detections (false positive)
- F-Secure as Riskware.Gen:Application.Heur.tv1@muOfIFaO (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\king.com.candycrushsaga_1.668.0.0_x86__kgqvnymyfvs32\candycrushsaga.exe
Publisher:
MD5: e542f777869ef499c1a2f032273844a3
SHA-1: b09b1c0cb93c7917f45d090817f541afddc40b59
Created: 2015/12/14 20:34:37
Detections: 1
Determination: Inconclusive
- F-Secure as Gen:Adware.BrowseFox.1 (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.3dbuilder_10.9.6.0_x86__8wekyb3d8bbwe\lib3mfuap.dll
Publisher:
MD5: 4a7f11a2ee1b8fa45c445fc65d433f3a
SHA-1: a43ac1e497bd06092f99def357a4a502193fe7d0
Created: 2015/09/16 19:51:33
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe\microsoft.msn.sports.dll
Publisher:
MD5: 5b253d3306e0fc2c3a3a92dc4c5e501e
SHA-1: 3613bbe99a7458d0275ff78cf725c9bf80aa19c4
Created: 2015/11/24 20:24:33
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as TR/Crypt.XPACK.Gen3

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.getstarted_2.5.6.0_x86__8wekyb3d8bbwe\whatsnew.store.exe
Publisher:
MD5: 69d8aa778025f7461bee6b137cc4a950
SHA-1: 2f9fbedfd5f1a5b6d871372bee0533aabe5d3441
Created: 2015/11/10 20:56:41
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as TR/Crypt.XPACK.Gen

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.windows.photos_15.1208.10480.0_x86__8wekyb3d8bbwe\microsoft.photos.exe
Publisher:
MD5: 76528350547d2af4b53faf75a04b13e6
SHA-1: 0c21faa55b03758e98991204373735957b0a6d57
Created: 2015/12/10 20:31:33
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as TR/Crypt.XPACK.Gen

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.windowscamera_2015.1211.10.0_x86__8wekyb3d8bbwe\windowscamera.exe
Publisher: Microsoft Corporation
MD5: 50f590f6c3914f7d28fd1ded42935cf2
SHA-1: 95259a691e1396d0377c76e83436e4773d1f5459
Created: 2015/12/16 22:11:40
Detections: 1
Determination: Ignore detections (false positive)
- Jiangmin as Trojan/CDur.amb (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.windowsphone_10.1511.18010.0_x86__8wekyb3d8bbwe\companionapp.exe
Publisher:
MD5: 3b55fc272d44477fb0059a169a3e1144
SHA-1: 0af89dff40d32265ec26c7845ad4bef44081ab39
Created: 2015/11/20 19:51:29
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as TR/Crypt.XPACK.Gen

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.windowsphone_10.1511.18010.0_x86__8wekyb3d8bbwe\companionappdevicemanager.dll
Publisher:
MD5: fc05e27016522bc850e6498dcc5fdd56
SHA-1: ce20612b785161b6a6fb45e60eab4264c1219f86
Created: 2015/11/20 19:51:29
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.windowssoundrecorder_10.1511.17110.0_x86__8wekyb3d8bbwe\backgroundaudio.dll
Publisher:
MD5: 1c82be6fa02391ea9201ceaa12e0c407
SHA-1: 85e68002b5744089f235fe5b9a69c73a036b4568
Created: 2015/11/20 19:49:05
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.windowssoundrecorder_10.1511.17110.0_x86__8wekyb3d8bbwe\microsoft.people.controls.dll
Publisher:
MD5: 7777d4fa6ea38b460057fb03002aa6a4
SHA-1: 62e97ec9c77f86e080a58abaad6677e66cbbc581
Created: 2015/09/15 22:57:57
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.windowsstore_2015.25.5.0_x86__8wekyb3d8bbwe\winstore.entertainment.mobile.dll
Publisher:
MD5: c2bd1255067ffcefa535b448f1a13d76
SHA-1: 83b5bd3e57d6330726252b4677c3f372bda5d8d0
Created: 2015/12/17 21:58:13
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as ADWARE/Adware.Gen2 (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.xboxapp_11.12.9011.0_x86__8wekyb3d8bbwe\prndmediasource.dll
Publisher:
MD5: 0381d41f318a890ce6c6483ea368c152
SHA-1: d0c8c6e1a7659b9400d248662af671da5726df0e
Created: 2015/11/12 19:58:48
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\naver.linewin8_1.0.9.97_x86__8ptj331gd3tyt\databasemodule.dll
Publisher:
MD5: 6ccc6681aa78806558b84f39e309d14b
SHA-1: 622faccc2dca6498945de4f53de235ae08a47a7a
Created: 2014/10/22 21:05:36
Detections: 1
Determination: Ignore detections (false positive)
- Baidu Antivirus as Trojan.Win32.Avc (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\naver.linewin8_1.0.9.97_x86__8ptj331gd3tyt\emojistickermodule.dll
Publisher:
MD5: 37009f8150ba7ae88c331d2808c3087b
SHA-1: fdfd52fa874dda4fd25ecc591e781bb953b1a114
Created: 2014/10/22 21:05:36
Detections: 1
Determination: Ignore detections (false positive)
- Baidu Antivirus as Trojan.Win32.Avc (Undefined)

  • ピーチ
  • 2015/12/21 (Mon) 22:03:35
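So HP turned up nothing either
Thank you for doing the work and reporting back.
I have looked through the HP log, but even there nothing that looks like the main cause shows up.

With analysis evasion having become this sophisticated, I have to admit that I have reached my limit for now.
Spending any more time on this risks making the damage worse in the meantime, so, regrettably, putting safety first, my judgment this time is to recommend a recovery.

Once you have backed up the data you need, perform the recovery promptly, then bring Windows Update and all other programs, including your security software, fully up to date. After that, take fresh logs of HJT, each CC tab, and the installation information, and post them in a reply together with a report on the state of the machine after recovery.

I am sorry that, after all the trouble you went to, I could not fix this and ended up recommending a recovery; that is down to my own inexperience.

You should take some self-protective measures to avoid being hit again after the recovery, so I will continue to reply on that point.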
  • 悪代官
  • 2015/12/22 (Tue) 21:41:53
