I want to remove foxtab
[hijackthis]
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:24:37, on 2017/11/01
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
CHROME: 61.0.3163.100
FIREFOX: 56.0.2 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EPSON\MyEPSON Connect\mep.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE
C:\Windows\vsnp2uvc.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Fujitsu\IndicatorUtility\IndicatorUty.exe
C:\Program Files (x86)\Fujitsu\DustSolution\HokoriApp.exe
C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServerHelper.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\ryu\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\ryu\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {0E2877D3-2641-4970-B794-A553E295428D} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\Modules\ypho.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-C

-----------------------------------------------------------------------------------
[adwcleaner]
# AdwCleaner 7.0.4.0 - Logfile created on Tue Oct 31 23:04:32 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Windows\Microsoft\UpdatingService
Deleted: C:\Program Files (x86)\DriverTuner
Deleted: C:\Users\ryu\AppData\Local\DriverTuner
Deleted: C:\Program Files (x86)\kikin
Deleted: C:\Users\ryu\AppData\Roaming\kikin
Deleted: C:\Users\ryu\AppData\Local\Temp\mt_ffx
Deleted: C:\Program Files (x86)\PicRec (x86)
Deleted: C:\Users\ryu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\日本hao123
Deleted: C:\Users\ryu\AppData\LocalLow\facemoods.com
Deleted: C:\ProgramData\Tarma Installer
Deleted: C:\ProgramData\Application Data\Tarma Installer
Deleted: C:\Users\All Users\Tarma Installer
Deleted: C:\Program Files\Common Files\PicRec
Deleted: C:\Users\ryu\AppData\Local\Temp\PodoWeb
Deleted: C:\Program Files (x86)\Ironsource


***** [ Files ] *****

Deleted: C:\\user.js


***** [ DLL ] *****

------------------------------------------------------------------------------------------
[ccleaner]
@niftyでブロードバンド ニフティ株式会社 2010/11/12 1.00.000
Adobe AIR Adobe Systems Incorporated 2017/11/01 27.0.0.124
Adobe Creative Suite 2 2013/09/19
Adobe Reader XI (11.0.22) - Japanese Adobe Systems Incorporated 2017/09/03 205 MB 11.0.22
Adobe SVG Viewer 3.0 Adobe Systems, Inc. 2013/09/19 3.0
ALPS Touch Pad Driver ALPS ELECTRIC CO., LTD. 2010/11/12
Apple Application Support(32 ビット) Apple Inc. 2017/10/02 135 MB 6.0.2
Apple Application Support(64 ビット) Apple Inc. 2017/10/02 149 MB 6.0.2
Apple Mobile Device Support Apple Inc. 2017/10/02 27.8 MB 11.0.0.30
Apple Software Update Apple Inc. 2017/10/02 4.03 MB 2.4.8.1
ArcSoft PhotoStudio 5.5 ArcSoft 2011/12/23
Atheros Client Installation Program Atheros 2011/03/06 9.0
AVS Audio Editor version 7.0 Online Media Technologies Ltd. 2011/07/09
AVS Screen Capture version 2.0.1 Online Media Technologies Ltd. 2011/03/28
AVS Update Manager 1.0 Online Media Technologies Ltd. 2011/07/09
AVS Video Converter 7 Online Media Technologies Ltd. 2011/03/08
AVS Video Editor 5 Online Media Technologies Ltd. 2011/03/28
AVS Video Recorder 2.4 Online Media Technologies Ltd. 2011/03/28
AVS4YOU Software Navigator 1.4 Online Media Technologies Ltd. 2011/07/09
AzbyClubガジェットプログラム FUJITSU LIMITED 2010/11/12 3.10
AzbyClubツールバー 2011/03/06
Bonjour Apple Inc. 2015/09/21 2.05 MB 3.1.0.1
CANON iMAGE GATEWAY 無料会員登録 MP960 2011/12/23
CCleaner Piriform 2017/11/01 5.36
Cisco EAP-FAST Module Cisco Systems, Inc. 2011/03/06 1.55 MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 2011/03/06 644 KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 2011/03/06 1.23 MB 1.1.6
CopyTrans Suite削除専用 WindSolutions 2012/02/06 2.34
DVD Decrypter (Remove Only) 2012/02/03
DVD Shrink 3.2 DVD Shrink 2012/02/03
Epson E-Photo SEIKO EPSON CORPORATION 2012/12/08 1.4.0.0
Epson E-Photo Plug-in for PMB(Picture Motion Browser) SEIKO EPSON CORPORATION 2012/12/08 1.00.0000
Epson E-Web Print SEIKO EPSON CORPORATION 2012/12/08 14.1 MB 1.14.0000
Epson Event Manager Seiko Epson Corporation 2012/12/08 42.4 MB 3.01.0005
EPSON PX-405A Series プリンター アンインストール SEIKO EPSON Corporation 2012/12/08
EPSON PX-405A Series ユーザーズガイド 2013/09/15
EPSON Scan Seiko Epson Corporation 2012/12/08
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2013/09/15 1.20.0000
EpsonNet Print SEIKO EPSON CORPORATION 2013/09/19 2.5.00
Explzh for Windows pon software 2016/05/27 7.3.2.0
e解説 Office 2010 教室 e frontier, Inc. 2010/11/26 1.0
FileZilla Client 3.28.0 Tim Kosse 2017/11/01 27.2 MB 3.28.0
FJ Camera Sonix 2011/03/06 5.8.52016.0
FoxTab Video To MP3 2011/08/11
Fujitsu Display Manager 2011/03/06
GetASFStream 2011/12/25
Google Chrome Google Inc. 2011/03/06 61.0.3163.100
iCloud Apple Inc. 2012/03/09 33.2 MB 1.1.0.40
iFunbox (v4.0.4106.1352) iFunbox DevTeam 2017/08/20 45.3 MB v4.0.4106.1352
IndicatorUtility

  • algernon cad
  • 2017/11/01 (Wed) 09:41:30
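Re: I want to remove foxtab
This is algernon cad.
I came here from Chiebukuro.
A program called fox tab video to mp3 is installed, and I am unable to uninstall it.
In addition, every time Windows starts,
------------------
udd.exe-エントリポイントが見つかりません
プロシージャエントリポイント_objc_init_imageがダイナミックリンクライブラリobjc.dllから見つかりませんでした。
------------------
a message like the one in the attached photo is displayed.

I looked into it myself, but I could not work out how to deal with it, so I would appreciate your guidance.
I realize you must be busy, but thank you in advance for your help.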
  • algernon cad
  • 2017/11/01 (Wed) 10:33:35
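Please re-acquire the log
Good evening, my name is IVNO.
I was only able to drop by because I happened to get some time off, so I am not sure I will be able to keep replying, but...
The log you obtained with the Trendmicro HijackThis Open Source Utility (hereafter HJT) appears to be cut off partway through.
Please obtain it again.
The udd.exe issue is an Apple-related problem.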

Apple Application Support(32 ビット) Apple Inc. 2017/10/02 135 MB 6.0.2
Apple Application Support(64 ビット) Apple Inc. 2017/10/02 149 MB 6.0.2
Apple Mobile Device Support Apple Inc. 2017/10/02 27.8 MB 11.0.0.30
Apple Software Update Apple Inc. 2017/10/02 4.03 MB 2.4.8.1

I think reinstalling these will resolve it.
So, please go ahead and re-acquire the log.
  • IVNO
  • 2017/11/01 (Wed) 17:58:07
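
A pasted HijackThis log can be checked for truncation before anyone analyses it. The following is an added example, not part of the thread and not code from HijackThis; the function name `check_hjt_log` and the report fields are hypothetical, and the two sample logs are abridged from the logs posted on this page. The byte count in the trailer is only recorded, not verified, because a forum paste does not preserve the original file encoding.

```python
import re

# HijackThis entry lines start with a section code such as R0, F2, O4 or O23.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
HEADER_RE = re.compile(r"^Logfile of Trend Micro HijackThis v(?P<ver>[\d.]+)$")
TRAILER_RE = re.compile(r"^End of file - (?P<size>\d+) bytes$")

# Abridged from the first (cut-off) log on this page.
TRUNCATED_SAMPLE = r"""
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:24:37, on 2017/11/01

Running processes:
C:\Users\ryu\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-C
"""

# Abridged from the re-posted (complete) log on this page.
COMPLETE_SAMPLE = r"""
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:24:37, on 2017/11/01

Running processes:
C:\Users\ryu\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [snp2uvc] C:\windows\vsnp2uvc.exe

--
End of file - 15024 bytes
"""


def check_hjt_log(text):
    """Parse a pasted HijackThis log and report whether it looks complete."""
    report = {"version": None, "counts": {}, "declared_bytes": None,
              "last_entry": None, "problems": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = HEADER_RE.match(line)
        if header:
            report["version"] = header.group("ver")
            continue
        trailer = TRAILER_RE.match(line)
        if trailer:
            report["declared_bytes"] = int(trailer.group("size"))
            continue
        entry = ENTRY_RE.match(line)
        if entry:
            code = entry.group("code")
            report["counts"][code] = report["counts"].get(code, 0) + 1
            report["last_entry"] = line

    if report["version"] is None:
        report["problems"].append("missing HijackThis header")
    if not report["counts"]:
        report["problems"].append("no entry lines found")
    if report["declared_bytes"] is None:
        report["problems"].append("missing 'End of file' trailer")
    last = report["last_entry"]
    # A paste that hit a length limit typically stops mid-line, which shows
    # up as a CLSID whose opening brace is never closed.
    if last is not None and last.count("{") != last.count("}"):
        report["problems"].append("last entry has an unterminated CLSID")

    report["complete"] = not report["problems"]
    return report


if __name__ == "__main__":
    for name, sample in (("truncated", TRUNCATED_SAMPLE),
                         ("complete", COMPLETE_SAMPLE)):
        result = check_hjt_log(sample)
        print(name, result["complete"], result["counts"], result["problems"])
```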
Re: I want to remove foxtab
Thank you for your reply.

The log is below.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:24:37, on 2017/11/01
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
CHROME: 61.0.3163.100
FIREFOX: 56.0.2 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EPSON\MyEPSON Connect\mep.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE
C:\Windows\vsnp2uvc.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Fujitsu\IndicatorUtility\IndicatorUty.exe
C:\Program Files (x86)\Fujitsu\DustSolution\HokoriApp.exe
C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServerHelper.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\ryu\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\ryu\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {0E2877D3-2641-4970-B794-A553E295428D} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\Modules\ypho.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NiftyBHO - {B37B14B8-699F-4002-9254-D1AB00FD07B5} - C:\Program Files (x86)\@nifty toolbar\nbho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\Modules\YahooToolBar.dll
O2 - BHO: navinow - {F6AC6E26-60C4-4132-95EA-F9B2D23C2990} - C:\Users\Public\Documents\navinow\navinow.dll
O3 - Toolbar: AzbyClubツールバー - {3DB1C21B-A7E0-4C3F-B39E-E00DD8792D90} - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\Modules\YahooToolBar.dll
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\IndicatorUtility\IndicatorUty.exe"
O4 - HKLM\..\Run: [FJDust] C:\Program Files (x86)\Fujitsu\DustSolution\HokoriApp.exe
O4 - HKLM\..\Run: [NetworkPlayerServerHelper] "C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServerHelper.exe"
O4 - HKLM\..\Run: [IME14 JPN Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
O4 - HKLM\..\Run: [snp2uvc] C:\windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "c:\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\ryu\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIDJ.EXE /EPT "EPLTarget\P0000000000000000" /M "PX-405A Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIDJ.EXE /EPT "EPLTarget\P0000000000000002" /M "PX-405A Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIDJ.EXE /EPT "EPLTarget\P0000000000000001" /M "PX-405A Series" /EF "HKCU"
O4 - HKCU\..\Run: [iFunBox] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe /tray
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: @nifty: @searchで検索 - res://C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll/atsearch.htm
O8 - Extra context menu item: @nifty: ページを日本語に翻訳 - res://C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll/en_to_jp.htm
O8 - Extra context menu item: @nifty: 選択範囲を日本語に翻訳 - res://C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll/en_to_jp_txt.htm
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: OneNote に送る(&N) - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: SmileDownloaderで保存する(&Y) - C:\Program Files (x86)\SmileDownloader\IEMenu\IEMenuExt.htm
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - (no file)
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {0E15796F-7B3A-4FB3-BF69-7B11D20A4A62} (AzbyClub ユーザー登録用 コントロール) - https://azby.fmworld.net/register/entrance/UserReg.CAB
O16 - DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} - http://202.142.12.35/JpegInst.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - c:\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service 18.0.0 (AVP18.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNService3 - Unknown owner - C:\Program Files (x86)\Fujitsu\NetworkPlayer\Kernel\DMP\CLHNService.exe
O23 - Service: DraftSight API Service - Unknown owner - C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FjDstService - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\DustSolution\FJDService.exe
O23 - Service: Google アップデート サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_18.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe
O23 - Service: カスペルスキー セキュアコネクション サービス 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MyEPSON Connect Service - Seiko Epson Corporation - C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NetworkPlayer Server - Unknown owner - C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServer.exe
O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PowerUtility - スケジュール機能 (PUSCSRVC) - FUJITSU LIMITED - C:\Program Files\Fujitsu\PowerUtility\schedule\PUSCSRVC.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15024 bytes
  • algernon cad
  • 2017/11/02 (Thu) 20:29:46
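Sorry for the delay
I apologize for the late reply.
I have reviewed the log.
The source of the infection is, nine times out of ten, multimedia-type freeware.
Ripping videos, or downloading them from the net, editing them and uploading them to the net over FTP, is already legally out of bounds,
so if you had brought this request to the main forum, you would be getting told to do a factory recovery.
Given what is here, it looks quicker to deal with everything in one go.

Please prepare the following software.

OldTimer Listit (commonly known as OTL)
http://oldtimer.geekstogo.com/OTL.exe
This is a direct link. Save it somewhere easy to find, such as the desktop.
When you want to remove it, launch it and press the "Cleanup" button, and it will be removed automatically.
However, Windows 10 users only should not press the "Cleanup" button and should just delete the file.
I may ask you to scan with OTL again,
in which case you will repeat this procedure exactly as it is.
If you are told to scan with OTL again, please redo these steps.

Before launching OTL, close as much software as possible, including any extra browser tabs.
Once the software has been closed, launch OTL.
Check Scan All Users at the top center of the window.
Once the settings are done, copy and paste the following into the Custom Scan/Fixes box.

------ copy and paste from below this line ------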
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT
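------ copy and paste down to above this line ------

Once you have pasted it, click Run Scan to start the scan.
The scan takes a few minutes to complete, so please wait.
When the scan completes, OTL.txt and Extras.txt will be written
to the same location where you saved OTL, so please paste them in your reply.
Note that, by its nature, OTL output is very long.
The character limit on this board is about 30,000 characters counted as hiragana, or about 60,000 counted as alphanumerics.
You will certainly exceed the limit, so leave some margin and aim for about 50,000 characters,
checking with a character counter such as the one at the URL below, and split the log when you post it.
Splitting it into two parts is usually enough.
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html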
  • IVNO
  • 2017/11/04 (Sat) 15:18:16
OTL.txt①
Thank you for the thorough explanation.
Below is the OTL output.
OTL logfile created on: 2017/11/06 13:51:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryu\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18376)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.80 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 27.63% Memory free
7.60 Gb Paging File | 4.74 Gb Available in Paging File | 62.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.99 Gb Total Space | 60.12 Gb Free Space | 20.88% Space Free | Partition Type: NTFS
Drive D: | 287.99 Gb Total Space | 137.22 Gb Free Space | 47.65% Space Free | Partition Type: NTFS

Computer Name: RYU-PC | User Name: ryu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2017/11/06 13:47:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryu\Downloads\OTL.exe
PRC - [2017/11/01 02:20:56 | 000,595,752 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
PRC - [2017/11/01 02:18:40 | 000,334,632 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
PRC - [2017/07/19 23:50:40 | 000,083,032 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2017/01/24 18:57:40 | 000,354,672 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
PRC - [2017/01/24 18:57:38 | 000,354,672 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
PRC - [2015/04/10 15:22:56 | 000,530,816 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/04/02 15:44:14 | 001,058,912 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/12/03 21:21:07 | 000,142,184 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\DustSolution\HokoriApp.exe
PRC - [2010/10/01 10:12:14 | 000,087,336 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer\Kernel\DMP\CLHNService.exe
PRC - [2010/09/29 18:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\IndicatorUtility\IndicatorUty.exe
PRC - [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/01/21 19:12:48 | 000,062,824 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\DustSolution\FJDService.exe
PRC - [2009/10/30 20:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/10/21 12:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/10/08 20:13:58 | 000,451,920 | ---- | M] (DigiOn, Inc.) -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServerHelper.exe
PRC - [2009/08/13 06:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/07/02 20:09:24 | 000,107,792 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServer.exe
PRC - [2005/04/06 16:53:06 | 003,502,080 | ---- | M] () -- c:\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
PRC - [2005/04/06 16:53:04 | 000,856,064 | ---- | M] (Adobe Sytems Incorporated) -- C:\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
PRC - [2005/04/06 16:53:02 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) -- c:\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/07/07 19:12:34 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_playlist.dll
MOD - [2009/07/02 20:09:24 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_crawler.dll
MOD - [2009/06/19 15:50:40 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_msd.dll
MOD - [2009/06/18 17:58:04 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_crawler_fs.dll
MOD - [2009/06/12 00:07:58 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_av.dll
MOD - [2009/06/12 00:07:58 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_util.dll
MOD - [2009/06/12 00:07:58 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_upnp.dll
MOD - [2009/06/12 00:07:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_media.dll
MOD - [2009/06/12 00:07:58 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_access_control.dll
MOD - [2009/06/12 00:07:58 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_char_util.dll
MOD - [2009/06/12 00:07:58 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_metadata.dll
MOD - [2009/06/12 00:07:58 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_device_manager.dll
MOD - [2009/06/12 00:07:58 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\dixim_printer.dll
MOD - [2009/04/30 17:24:42 | 000,937,984 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\libxml2.dll
MOD - [2009/04/30 17:24:42 | 000,499,246 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\sqlite3.dll
MOD - [2009/04/30 17:24:42 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\uchardet.dll
MOD - [2008/08/20 18:03:38 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\scew.dll
MOD - [2008/05/13 19:47:28 | 001,443,212 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\iconv.dll
MOD - [2008/05/13 19:47:28 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\libexpat.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/06/11 06:03:14 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/02/21 07:01:02 | 000,151,648 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:[b]64bit:[/b] - [2012/01/26 07:01:02 | 000,179,296 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:[b]64bit:[/b] - [2011/12/12 00:00:00 | 000,135,824 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV:[b]64bit:[/b] - [2010/10/07 15:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/03/10 11:06:30 | 000,199,528 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PowerUtility\schedule\PUSCSRVC.exe -- (PUSCSRVC)
SRV - [2017/11/01 02:18:55 | 000,426,416 | ---- | M] (AO Kaspersky Lab) [On_Demand | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe -- (klvssbridge64_18.0.0)
SRV - [2017/10/25 10:38:36 | 000,194,000 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017/07/19 23:50:40 | 000,083,032 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2017/06/28 16:01:20 | 000,714,712 | ---- | M] (Seiko Epson Corporation) [Auto | Stopped] -- C:\Program Files (x86)\epson\MyEPSON Connect\mepService.exe -- (MyEPSON Connect Service)
SRV - [2017/01/24 18:57:40 | 000,354,672 | ---- | M] (AO Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe -- (KSDE2.0.0)
SRV - [2017/01/24 18:57:38 | 000,354,672 | ---- | M] (AO Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe -- (AVP18.0.0)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/10/01 10:12:14 | 000,087,336 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Fujitsu\NetworkPlayer\Kernel\DMP\CLHNService.exe -- (CLHNService3)
SRV - [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/06/26 02:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/01/21 19:12:48 | 000,062,824 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files (x86)\Fujitsu\DustSolution\FJDService.exe -- (FjDstService)
SRV - [2009/07/02 20:09:24 | 000,107,792 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServer.exe -- (NetworkPlayer Server)
SRV - [2005/04/06 16:53:02 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2017/11/01 02:17:51 | 001,071,832 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2017/11/01 02:17:50 | 000,206,040 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:[b]64bit:[/b] - [2017/11/01 02:17:49 | 000,350,944 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klhk.sys -- (klhk)
DRV:[b]64bit:[/b] - [2017/10/15 15:05:06 | 000,199,360 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:[b]64bit:[/b] - [2017/10/15 15:05:06 | 000,137,200 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwtp.sys -- (Klwtp)
DRV:[b]64bit:[/b] - [2017/10/15 15:05:06 | 000,091,352 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klbackupflt.sys -- (klbackupflt)
DRV:[b]64bit:[/b] - [2017/10/15 15:05:06 | 000,081,904 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:[b]64bit:[/b] - [2017/10/15 15:05:06 | 000,070,872 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbackupdisk.sys -- (klbackupdisk)
DRV:[b]64bit:[/b] - [2017/10/15 15:05:06 | 000,050,672 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:[b]64bit:[/b] - [2016/12/26 20:27:10 | 000,247,008 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cm_km.sys -- (cm_km)
DRV:[b]64bit:[/b] - [2016/12/23 09:19:30 | 000,057,568 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:[b]64bit:[/b] - [2016/12/07 09:38:46 | 000,058,592 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2016/10/11 14:14:28 | 000,057,936 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2016/10/01 02:26:00 | 000,554,408 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2016/06/07 01:31:06 | 000,052,152 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kltap.sys -- (kltap)
DRV:[b]64bit:[/b] - [2016/05/31 23:24:06 | 000,078,216 | ---- | M] (AO Kaspersky Lab) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:[b]64bit:[/b] - [2016/05/11 10:24:22 | 000,059,152 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV:[b]64bit:[/b] - [2015/06/10 23:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/07/25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/03/27 06:45:14 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/05/09 16:20:24 | 000,362,832 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2011/03/17 15:11:37 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 22:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 20:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 18:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/10/28 17:02:34 | 010,620,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010/10/09 05:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2010/07/26 11:27:00 | 000,318,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:[b]64bit:[/b] - [2010/06/26 02:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:[b]64bit:[/b] - [2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/06/08 04:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2010/05/18 20:40:08 | 001,603,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010/02/26 16:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2010/02/24 11:10:18 | 000,181,248 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2010/02/24 11:10:16 | 000,078,336 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2010/02/03 06:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/24 14:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:[b]64bit:[/b] - [2009/06/18 01:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:[b]64bit:[/b] - [2009/06/18 01:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:[b]64bit:[/b] - [2009/06/18 01:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:[b]64bit:[/b] - [2009/06/11 05:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2006/11/01 19:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{7D38BC41-20AF-47E1-AC5C-5F84600C722E}: "URL" = http://www.amazon.co.jp/s/ref=azs_osd_ieajp?ie=UTF-8&tag=fujitsu07baawps-22&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9466DE3D-841E-41F6-A078-8203E622DB38}: "URL" = http://azby.search.nifty.com/cgi-bin/search.cgi?select=1064&htmltype=2&cflg=%e6%a4%9c%e7%b4%a2&Text={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9B632DEB-8A46-4E68-8ED3-DFE1165FE4A3}: "URL" = http://pt.afl.rakuten.co.jp/c/0c1426d1.3abb9778/_RTfujt11011201?v=2&s=1&sitem={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{B1B6D866-E4CD-4401-85C9-590D3284D628}: "URL" = http://ck.jp.ap.valuecommerce.com/servlet/referral?sid=2597372&pid=879140005&vc_url=http%3a%2f%2fshopping%2esearch%2eyahoo%2eco%2ejp%2fsearch%3fp%3d{searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {30A9307E-2754-4911-A426-185994DAEE33}
IE - HKLM\..\SearchScopes\{30A9307E-2754-4911-A426-185994DAEE33}: "URL" = http://search.yahoo.co.jp/search?fr=sb-kingbrw1&ei=UTF-8&p={searchTerms}
IE - HKLM\..\SearchScopes\{36668FFD-7809-43FB-A609-999C5A7AB5FE}: "URL" = http://search.foxtab.com/?q={searchTerms}&s=1&chnl=irn&cd=2XzutCtN2Y1L1QzuzytDtDtDyE0EyBtDyD0E0AzztN0C0Czu0J0PtN0D0TzutBtDtCtCtDtAtDzz&cr=1863196913
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{7D38BC41-20AF-47E1-AC5C-5F84600C722E}: "URL" = http://www.amazon.co.jp/s/ref=azs_osd_ieajp?ie=UTF-8&tag=fujitsu07baawps-22&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\..\SearchScopes\{9466DE3D-841E-41F6-A078-8203E622DB38}: "URL" = http://azby.search.nifty.com/cgi-bin/search.cgi?select=1064&htmltype=2&cflg=%e6%a4%9c%e7%b4%a2&Text={searchTerms}
IE - HKLM\..\SearchScopes\{9B632DEB-8A46-4E68-8ED3-DFE1165FE4A3}: "URL" = http://pt.afl.rakuten.co.jp/c/0c1426d1.3abb9778/_RTfujt11011201?v=2&s=1&sitem={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://azby.fmworld.net/?ref=201101
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=ja-jp
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111434&babsrc=SP_ss&mntrId=3ac014f100000000000096004e705ea8
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{1B8EC8BB-C7F6-47DF-95A8-6261B9D7C03F}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ac014f100000000000096004e705ea8&tlver=1.4.19.19&affID=17160
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{30A9307E-2754-4911-A426-185994DAEE33}: "URL" = http://search.yahoo.co.jp/search?fr=sb-kingbrw1&ei=UTF-8&p={searchTerms}
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{36668FFD-7809-43FB-A609-999C5A7AB5FE}: "URL" = http://search.foxtab.com/?q={searchTerms}&s=1&chnl=irn&cd=2XzutCtN2Y1L1QzuzytDtDtDyE0EyBtDyD0E0AzztN0C0Czu0J0PtN0D0TzutBtDtCtCtDtAtDzz&cr=1863196913
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPT_jaJP422
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{6F664485-AE22-4892-A5FA-126572F4DD4B}: "URL" = http://searchya.com/?chnl=dcom-100&s=1&cr=768545073&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyDtDtB&q={searchTerms}
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\SearchScopes\{A764A342-E04F-476C-8212-2471D6E10A9E}: "URL" = http://search.jword.jp/cns.dll?type=jwd&fm=10&agent=&bypass=2&partner=AP&lang=utf8&name={searchTerms}
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.0.50;*.local
IE - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.anan-nct.ac.jp:8080

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - user.js - File not found
  • algernon cad
  • 2017/11/06 (Mon) 15:41:49
OLT.txt②
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\windows\system32\npdeployJava1.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ryu\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ryu\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com: C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 18.0.0\FFEXT\LIGHT_PLUGIN_FIREFOX\ADDON.XPI [2017/11/01 02:18:40 | 000,169,074 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 56.0.2\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 56.0.2\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2012/12/08 21:34:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017/11/01 02:18:40 | 000,169,074 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 56.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 56.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2017/11/01 09:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryu\AppData\Roaming\mozilla\Extensions
[2017/11/01 09:17:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryu\AppData\Roaming\mozilla\Firefox\Profiles\9exlfll0.default\browser-extension-data
[2017/11/01 09:18:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryu\AppData\Roaming\mozilla\Firefox\Profiles\9exlfll0.default\browser-extension-data\light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com
[2017/11/01 09:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryu\AppData\Roaming\mozilla\Firefox\Profiles\9exlfll0.default\browser-extension-data\screenshots@mozilla.org
[2017/11/01 10:35:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryu\AppData\Roaming\mozilla\Firefox\Profiles\9exlfll0.default\extensions
[2017/11/01 10:35:32 | 000,000,000 | ---D | M] (NaviNow Web Tool) -- C:\Users\ryu\AppData\Roaming\mozilla\Firefox\Profiles\9exlfll0.default\extensions\navinow@www.navinow.jp
[2017/11/01 09:17:49 | 000,132,293 | ---- | M] () (No name found) -- C:\Users\ryu\AppData\Roaming\mozilla\firefox\profiles\9exlfll0.default\features\{19c296da-b216-4eaf-aea8-465c1d89d244}\shield-recipe-client@mozilla.org.xpi
[2017/01/25 02:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/19 13:02:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2017/11/01 09:07:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/05/02 19:36:51 | 000,002,313 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/08/11 02:20:26 | 000,002,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\ryu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij\0.0.0.26_0\
CHR - Extension: No name found = C:\Users\ryu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk\5.1.93.0_0\
CHR - Extension: No name found = C:\Users\ryu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\ryu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6117.717.0.4_0\

O1 HOSTS File: ([2012/08/12 02:50:36 | 000,000,853 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Kaspersky Protection) - {0E2877D3-2641-4970-B794-A553E295428D} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ieext\ie_plugin.dll (AO Kaspersky Lab)
O2:[b]64bit:[/b] - BHO: (i-フィルター 5.0 ブラウザヘルパー) - {0FAF6F52-1AD4-4282-9EA1-3EC884DA7AA3} - C:\Program Files (x86)\Digital Arts\IFP5\app\bin\ifp5toolbar64.dll File not found
O2:[b]64bit:[/b] - BHO: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files (x86)\Epson Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:[b]64bit:[/b] - BHO: (NaviNow64 Web Tool) - {D929622A-B35D-4F63-B851-2FBD368FD6DA} - C:\Users\Public\DOCUME~1\navinow\NAVINO~1.DLL (株式会社インターパイロン Interpylon, Inc)
O2 - BHO: (Kaspersky Protection) - {0E2877D3-2641-4970-B794-A553E295428D} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\ieext\ie_plugin.dll (AO Kaspersky Lab)
O2 - BHO: (Yahoo!ツールバーフィッシング警告) - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\Modules\ypho.dll (Yahoo Japan Corporation. )
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AzbyClubツールバー BHO) - {B37B14B8-699F-4002-9254-D1AB00FD07B5} - C:\Program Files (x86)\@nifty toolbar\nbho.dll (NIFTY Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yahoo!ツールバーヘルパー) - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O2 - BHO: (NaviNow Web Tool 1.0) - {F6AC6E26-60C4-4132-95EA-F9B2D23C2990} - C:\Users\Public\Documents\navinow\navinow.dll (株式会社インターパイロン Interpylon, Inc)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Kaspersky Protection Toolbar) - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ieext\ie_plugin.dll (AO Kaspersky Lab)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files (x86)\Epson Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (AzbyClubツールバー) - {3DB1C21B-A7E0-4C3F-B39E-E00DD8792D90} - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll (NIFTY Corporation)
O3 - HKLM\..\Toolbar: (Kaspersky Protection Toolbar) - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\ieext\ie_plugin.dll (AO Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Yahoo!ツールバー) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\Toolbar\WebBrowser: (AzbyClubツールバー) - {3DB1C21B-A7E0-4C3F-B39E-E00DD8792D90} - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll (NIFTY Corporation)
O3 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\..\Toolbar\WebBrowser: (Yahoo!ツールバー) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O4:[b]64bit:[/b] - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [FJBATAID2] C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [iTunesHelper] D:\ショートカット\iTunesHelper.exe (Apple Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Fujitsu Quick Touch\BtnHnd.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Fujitsu Quick Touch\QuickTouch.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadPUSCDaemon] C:\Program Files\Fujitsu\PowerUtility\schedule\PUSCDaemon.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [PUSCKAPLEXE] C:\Program Files\Fujitsu\PowerUtility\schedule\PUSCKAPLEXE.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4:[b]64bit:[/b] - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe ()
O4 - HKLM..\Run: [Adobe Version Cue CS2] c:\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Adobe Sytems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FJDust] C:\Program Files (x86)\Fujitsu\DustSolution\HokoriApp.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [FUJ02B1_Apps] "%PROGRAMFILES(X86)%\Fujitsu\FUJ02B1\CheckBatteryPack.exe" -ViewTarget -langid 0x411 File not found
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\IndicatorUtility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [NetworkPlayerServerHelper] C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServerHelper.exe (DigiOn, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002..\Run: [EPLTarget\P0000000000000000] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIDJ.EXE /EPT "EPLTarget\P0000000000000000" /M "PX-405A Series" File not found
O4 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002..\Run: [EPLTarget\P0000000000000001] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIDJ.EXE /EPT "EPLTarget\P0000000000000001" /M "PX-405A Series" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002..\Run: [EPLTarget\P0000000000000002] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIDJ.EXE /EPT "EPLTarget\P0000000000000002" /M "PX-405A Series" File not found
O4 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002..\Run: [Google Update] C:\Users\ryu\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe (Google Inc.)
O4 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002..\Run: [iFunBox] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe (i-Funbox.com)
O4 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2903308731-1194887573-1762437510-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: @nifty: @searchで検索 - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll (NIFTY Corporation)
O8:[b]64bit:[/b] - Extra context menu item: @nifty: ページを日本語に翻訳 - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll (NIFTY Corporation)
O8:[b]64bit:[/b] - Extra context menu item: @nifty: 選択範囲を日本語に翻訳 - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll (NIFTY Corporation)
O8:[b]64bit:[/b] - Extra context menu item: SmileDownloaderで保存する(&Y) - C:\Program Files (x86)\SmileDownloader\IEMenu\IEMenuExt.htm File not found
O8 - Extra context menu item: @nifty: @searchで検索 - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll (NIFTY Corporation)
O8 - Extra context menu item: @nifty: ページを日本語に翻訳 - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll (NIFTY Corporation)
O8 - Extra context menu item: @nifty: 選択範囲を日本語に翻訳 - C:\Program Files (x86)\@nifty toolbar\ntoolbar.dll (NIFTY Corporation)
O8 - Extra context menu item: SmileDownloaderで保存する(&Y) - C:\Program Files (x86)\SmileDownloader\IEMenu\IEMenuExt.htm File not found
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {0E15796F-7B3A-4FB3-BF69-7B11D20A4A62} https://azby.fmworld.net/register/entrance/UserReg.CAB (AzbyClub ユーザー登録用 コントロール)
O16 - DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} http://202.142.12.35/JpegInst.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02707723-6D4D-43D4-BB6F-19BCF558AB62}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E9AC55B-C742-44D9-A49E-D9DB7D6928A5}: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CCD4381-4895-4BAC-BCF9-D22B4143D380}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5EABE622-3160-D297-CA21-438005879321} - Java (Sun)
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2C35ED8C-D400-FE37-3263-336ED23943C3} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3A78C5A5-9BF5-B569-F588-031EB6B4255E} - Java (Sun)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {551DFB90-8AE5-423A-9345-BC2116DD8D6A} - EIEDPLauncher
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {7EDE9FA8-BC60-0077-CB26-AFABE15D894A} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8EBD4B23-F23B-0CB6-9541-DB662002577A} - Browser Customizations
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {AF1D77FC-6028-1827-45E3-CF0B35BA0843} - Browser Customizations
ActiveX: {C26AE799-F717-4578-D207-45BF86296BBA} - Microsoft Windows Media Player 12.0
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{42369544-3E0D-4141-B8E9-E643D4E73359} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

  • algernon cad
  • 2017/11/06 (Mon) 15:46:09
OLT.txt③

[2017/11/01 10:11:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2017/11/01 10:11:10 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2017/11/01 10:11:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2017/11/01 10:11:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2017/11/01 10:11:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2017/11/01 10:11:10 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2017/11/01 10:11:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2017/11/01 10:11:09 | 000,724,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2017/11/01 10:11:09 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2017/11/01 10:11:09 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2017/11/01 10:11:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2017/11/01 10:11:09 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2017/11/01 10:11:09 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2017/11/01 10:11:07 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2017/11/01 10:11:07 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2017/11/01 10:11:07 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2017/11/01 10:11:07 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2017/11/01 10:11:07 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2017/11/01 10:11:07 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2017/11/01 10:11:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2017/11/01 10:11:06 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2017/11/01 10:11:06 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2017/11/01 10:11:06 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2017/11/01 10:11:06 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2017/11/01 10:11:05 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2017/11/01 10:11:05 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2017/11/01 10:11:04 | 002,131,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2017/11/01 10:11:04 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2017/11/01 10:11:04 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2017/11/01 10:11:04 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2017/11/01 10:11:03 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2017/11/01 10:11:03 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2017/11/01 10:11:03 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2017/11/01 10:11:02 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2017/11/01 10:11:02 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2017/11/01 10:11:01 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2017/11/01 10:11:01 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2017/11/01 10:11:01 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2017/11/01 10:11:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2017/11/01 10:11:00 | 006,047,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2017/11/01 10:10:59 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2017/11/01 10:10:59 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2017/11/01 10:10:59 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2017/11/01 10:03:58 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2017/11/01 10:03:58 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2017/11/01 09:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017/11/01 09:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2017/11/01 09:04:14 | 000,000,000 | ---D | C] -- C:\Users\ryu\AppData\Roaming\Mozilla
[2017/11/01 09:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2017/11/01 08:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2017/11/01 07:54:09 | 000,000,000 | ---D | C] -- C:\windows\pss
[2017/11/01 07:51:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017/11/01 07:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2017/11/01 07:40:50 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2017/11/01 07:40:29 | 000,176,040 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2017/11/01 07:40:29 | 000,176,040 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2017/11/01 07:40:29 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2017/11/01 07:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2017/11/01 02:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\カスペルスキー セキュアコネクション
[2017/11/01 02:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2017/11/01 02:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\カスペルスキー インターネット セキュリティ
[2017/11/01 02:18:57 | 000,110,176 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\klfphc.dll
[2017/11/01 02:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2017/11/01 02:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2017/11/01 02:17:50 | 001,071,832 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klif.sys
[2017/11/01 02:17:50 | 000,206,040 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klflt.sys
[2017/11/01 02:17:49 | 000,149,304 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\klhkum.dll
[2017/11/01 02:17:48 | 000,350,944 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klhk.sys
[2017/10/15 15:05:06 | 000,199,360 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\kneps.sys
[2017/10/15 15:05:06 | 000,137,200 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klwtp.sys
[2017/10/15 15:05:06 | 000,091,352 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klbackupflt.sys
[2017/10/15 15:05:06 | 000,081,904 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\kltdi.sys
[2017/10/15 15:05:06 | 000,070,872 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klbackupdisk.sys
[2017/10/15 15:05:06 | 000,050,672 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klpd.sys
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/11/06 13:54:22 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/11/06 13:54:22 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/11/06 13:41:22 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2017/11/06 13:41:19 | 3060,355,072 | -HS- | M] () -- C:\hiberfil.sys
[2017/11/01 09:27:34 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017/11/01 07:57:05 | 000,037,112 | ---- | M] () -- C:\windows\SysWow64\persistent_q.db-wal
[2017/11/01 07:57:02 | 000,032,768 | ---- | M] () -- C:\windows\SysWow64\persistent_q.db-shm
[2017/11/01 07:57:02 | 000,004,096 | ---- | M] () -- C:\windows\SysWow64\persistent_q.db
[2017/11/01 07:40:20 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2017/11/01 07:40:19 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2017/11/01 07:40:19 | 000,176,040 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2017/11/01 07:40:19 | 000,176,040 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2017/11/01 02:21:17 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\カスペルスキー セキュアコネクション.lnk
[2017/11/01 02:19:18 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\カスペルスキー インターネット セキュリティ.lnk
[2017/11/01 02:19:17 | 000,002,124 | ---- | M] () -- C:\Users\Public\Desktop\ネット決済保護.lnk
[2017/11/01 02:17:51 | 001,071,832 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klif.sys
[2017/11/01 02:17:50 | 000,206,040 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klflt.sys
[2017/11/01 02:17:49 | 000,350,944 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klhk.sys
[2017/11/01 02:17:49 | 000,149,304 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\klhkum.dll
[2017/11/01 01:53:45 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2017/10/15 15:05:06 | 000,199,360 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\kneps.sys
[2017/10/15 15:05:06 | 000,137,200 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klwtp.sys
[2017/10/15 15:05:06 | 000,091,352 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klbackupflt.sys
[2017/10/15 15:05:06 | 000,081,904 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\kltdi.sys
[2017/10/15 15:05:06 | 000,070,872 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klbackupdisk.sys
[2017/10/15 15:05:06 | 000,050,672 | ---- | M] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klpd.sys
[2017/10/09 23:32:08 | 068,961,048 | ---- | M] () -- C:\Users\ryu\Desktop\名称未設定 1.psd
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/11/01 09:27:34 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017/11/01 09:02:13 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2017/11/01 07:57:02 | 000,037,112 | ---- | C] () -- C:\windows\SysWow64\persistent_q.db-wal
[2017/11/01 07:57:02 | 000,032,768 | ---- | C] () -- C:\windows\SysWow64\persistent_q.db-shm
[2017/11/01 07:57:02 | 000,004,096 | ---- | C] () -- C:\windows\SysWow64\persistent_q.db
[2017/11/01 02:21:20 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\カスペルスキー セキュアコネクション.lnk
[2017/11/01 02:19:32 | 000,002,124 | ---- | C] () -- C:\Users\Public\Desktop\ネット決済保護.lnk
[2017/11/01 02:19:32 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\カスペルスキー インターネット セキュリティ.lnk
[2014/03/30 13:30:34 | 000,003,584 | ---- | C] () -- C:\Users\ryu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/12 08:32:09 | 000,000,600 | ---- | C] () -- C:\Users\ryu\AppData\Roaming\winscp.rnd
[2012/02/13 03:44:17 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/09/16 07:29:01 | 000,017,408 | ---- | C] () -- C:\Users\ryu\AppData\Local\WebpageIcons.db
[2011/09/01 19:14:36 | 000,000,000 | ---- | C] () -- C:\Users\ryu\AppData\Local\{8C3F733B-87EE-4DB4-86E6-24C90B885CFE}
[2011/07/10 11:37:18 | 000,000,042 | ---- | C] () -- C:\Users\ryu\.a-downloader
[2011/03/26 17:07:49 | 000,002,976 | ---- | C] () -- C:\Users\ryu\AppData\Roaming\preferences.lyricsmaster
[2011/03/11 22:05:21 | 000,001,890 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/03/08 02:00:55 | 000,000,347 | ---- | C] () -- C:\Users\ryu\ホームグループ - ショートカット.lnk
[2011/03/07 18:16:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 14:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2012/06/23 15:35:02 | 000,000,000 | RH-D | M] -- C:\KRECYCLE
[2010/11/26 12:44:42 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2017/11/01 08:04:25 | 000,000,000 | RH-D | M] -- C:\ProgramData
[2017/03/14 00:27:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/11/12 18:54:54 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2012/06/22 23:22:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\nsklog
[2010/01/12 18:51:28 | 000,139,304 | -H-- | M] (Yahoo Japan Corporation.) -- C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_9\uninstall.exe
[2017/08/21 00:06:55 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2013/11/06 01:45:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\EPSON\PRINTER
[2012/05/02 19:47:54 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\rm
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2009/07/14 20:16:07 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2011/03/17 15:58:27 | 000,002,287 | -H-- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Need for Speed Most Wanted\Need for Speed Most Wanted をアンインストール.lnk
[2011/03/17 15:58:25 | 000,002,253 | -H-- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Need for Speed Most Wanted\Need for Speed Most Wanted.lnk
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2011/03/06 15:11:49 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2017/08/21 00:06:55 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2013/11/06 01:45:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\EPSON\PRINTER
[2012/05/02 19:47:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\rm
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2009/07/14 20:16:07 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2011/03/17 15:58:27 | 000,002,287 | -H-- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\EA GAMES\Need for Speed Most Wanted\Need for Speed Most Wanted をアンインストール.lnk
[2011/03/17 15:58:25 | 000,002,253 | -H-- | M] () -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\EA GAMES\Need for Speed Most Wanted\Need for Speed Most Wanted.lnk
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2010/02/09 19:43:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2010/02/09 19:51:12 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2010/02/09 19:51:12 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2010/02/09 19:51:19 | 000,000,000 | RH-D | M] -- C:\Users\Default\AppData\Local\Microsoft\Windows\Burn\Burn
[2010/02/09 19:51:19 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/02/09 19:50:53 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2010/02/09 19:50:53 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\IETldCache\Low
[2010/02/09 19:50:53 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2010/02/09 19:43:05 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData
[2012/01/27 01:39:32 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2010/02/09 19:51:12 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2011/12/25 22:36:25 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2012/03/16 01:28:06 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2010/02/09 19:51:19 | 000,000,000 | RH-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Windows\Burn\Burn
[2011/12/23 19:53:24 | 000,000,000 | RH-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Windows\Burn\Burn1
[2012/01/31 15:00:34 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics
[2012/01/31 14:52:01 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{768E2DCF-73B0-420A-AA99-4DB04FBC3637}
[2012/01/31 14:44:03 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{8669ECE8-D1C3-4345-8310-E60F6D44FDAF}
[2012/01/31 15:00:34 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{89FE5CB3-11CB-489C-AC0D-0C0B6707E1F6}
[2012/01/31 14:49:44 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{A8977498-2FDF-42B7-A726-8D3B2A53CD2C}
[2011/12/30 21:36:34 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{E2856B15-A196-4C82-BDA1-C75D273DF989}
[2010/02/09 19:51:19 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/12/25 22:35:18 | 000,000,000 | -H-D | M] -- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2009/07/14 11:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2011/03/06 15:17:47 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2010/02/09 19:43:05 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData
[2017/08/20 21:54:33 | 001,074,544 | -H-- | M] (LINE Corporation) -- C:\Users\ryu\AppData\Local\Line\bin\LineUpdater.exe
[2013/09/19 14:54:18 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2011/03/06 16:14:57 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2011/03/06 16:14:58 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2011/05/13 21:35:16 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2016/10/02 00:15:22 | 000,000,000 | RH-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Windows\Burn\Burn
[2011/03/17 15:15:00 | 000,000,000 | RH-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Windows\Burn\Burn1
[2012/04/14 17:24:12 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics
[2011/03/07 00:11:37 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{768E2DCF-73B0-420A-AA99-4DB04FBC3637}
[2011/03/07 00:06:13 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{8669ECE8-D1C3-4345-8310-E60F6D44FDAF}
[2011/03/25 18:59:35 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{89FE5CB3-11CB-489C-AC0D-0C0B6707E1F6}
[2012/04/14 17:24:12 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{E2856B15-A196-4C82-BDA1-C75D273DF989}
[2017/08/20 23:32:50 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Temp\.iFunboxUpdated
[2011/11/12 04:21:22 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Local\Temp\QWEGoldenGateCoreIOP
[2011/03/07 02:51:36 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Roaming\CyberLink\MediaCache
[2011/03/06 15:32:06 | 000,000,000 | -H-D | M] -- C:\Users\ryu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/03/14 18:21:06 | 000,000,000 | RH-D | M] -- C:\Users\ryu\Documents\ZPS13\_@Keywords
[2017/11/01 08:33:54 | 000,000,000 | -H-D | M] -- C:\Windows\msdownld.tmp
[2011/03/25 00:03:26 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2013/05/16 21:36:14 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2011/03/06 15:20:37 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\アート キャッシュ

[color=#A23BEC]< %windir%\tasks\*.job >[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
  • algernon cad
  • 2017/11/06 (Mon) 15:50:25
OLT.txt④
This is the last one.

---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD6400BPVT-16HXZT1
Partitions: 4
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 20.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 200.00MB
Starting Offset: 21475885056
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 288.00GB
Starting Offset: 21685600256
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 288.00GB
Starting Offset: 330909614080
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2009/07/14 10:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/20 22:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/20 22:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 21:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 15:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/20 22:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 20:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 21:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/20 22:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 21:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/20 22:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 21:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/25 12:24:41 | 002,553,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/20 22:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • algernon cad
  • 2017/11/06 (Mon) 15:51:48
Extras.txt①
OTL Extras logfile created on: 2017/11/06 13:51:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryu\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18376)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.80 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 27.63% Memory free
7.60 Gb Paging File | 4.74 Gb Available in Paging File | 62.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.99 Gb Total Space | 60.12 Gb Free Space | 20.88% Space Free | Partition Type: NTFS
Drive D: | 287.99 Gb Total Space | 137.22 Gb Free Space | 47.65% Space Free | Partition Type: NTFS

Computer Name: RYU-PC | User Name: ryu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FindArchive] -- C:\Program Files (x86)\Explzh\Explzh.exe /f %1 (pon software)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FindArchive] -- C:\Program Files (x86)\Explzh\Explzh.exe /f %1 (pon software)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0985312E-27C9-45C4-90DF-145210CD1E80}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{09A4C94D-BE67-4B58-8D9C-7B5B8881CF70}" = rport=139 | protocol=6 | dir=out | app=system |
"{0FDE2277-A4F1-4C23-8902-2D812C67B11C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{298D5650-DE82-46F6-9C7A-C18B5D846515}" = lport=137 | protocol=17 | dir=in | app=system |
"{299CFE3C-540C-41A3-9319-2A51D67F5D4E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29CFF72C-BEC3-4E71-BE05-CC792A376E56}" = lport=138 | protocol=17 | dir=in | app=system |
"{37C844D3-A7BC-46EA-8B37-262B91F6DE50}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{3CC96D45-39A8-41CE-82CB-DD6A231BE2BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{42FDD017-6F35-4E3B-98BA-831C15BA9A44}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5B20C704-DC43-4A32-896D-89D019D0268F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{609A17C9-8838-4DAD-AFF6-FFDF4C06F1A5}" = rport=445 | protocol=6 | dir=out | app=system |
"{691D8B8B-A90C-4C97-9DD5-BFDFE1B71D8E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73E52B73-5572-4C23-A094-DDEE2495A1F2}" = rport=138 | protocol=17 | dir=out | app=system |
"{7462439C-7B3E-44FB-8768-F368344AB287}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{76B89565-1593-4106-AF1F-3A5CA62D6B8C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{94FB978C-C2E9-45B7-A631-BDBCB6B87AB3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9DCB3333-7BE4-4AD0-BCF8-0F62DBFC7436}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B864C5BA-480F-4B98-A647-15321C23B47D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BA136588-BD84-4896-BB03-E672297FD9F5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB07890E-9017-45D5-B301-F2747D766CC5}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1F22B97-6FC2-4342-8021-93684B45B636}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D5466536-654C-4285-BF3F-F578272CA1EB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6D4E4B1-25CB-4204-B3D1-CFAEEE724775}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{DFB57105-A789-469D-BF11-E3DD4BC6D388}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4BD9BBD-68C4-4739-AC76-CEE23117617D}" = lport=139 | protocol=6 | dir=in | app=system |
"{E4E3544F-F972-4A83-A2E0-B72BC286A44B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F91BC26F-B02C-464A-B2F4-CE0E5B1A4768}" = rport=137 | protocol=17 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047EEFD1-A904-407B-B1BF-BA23E346FA09}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0E528D5E-64BA-41C5-AB57-DD99C11A553A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{127D7AE3-9517-47C7-AD0F-C855FDD1BE4B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1B95D7A5-508D-41A7-B9AE-A8932544D7C4}" = protocol=17 | dir=in | app=c:\users\ryu\appdata\roaming\utorrent\utorrent.exe |
"{1D29A141-245F-4518-BB13-4F30300B9C8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F57731A-EEE7-45D8-A627-B1BF4B455057}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{1FBB76E3-3B2F-4EF8-AC08-023208B15BDD}" = protocol=17 | dir=in | app=c:\users\ryu\downloads\musicconvertersetup.exe |
"{2682638E-5FFD-4883-A098-306F2D766E72}" = protocol=17 | dir=in | app=c:\users\ryu\downloads\utorrent (1).exe |
"{27975362-1E1F-46BE-A672-7612ABD408B7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2844367E-651C-4A6D-BA3C-F6D02A292CED}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2852AA3E-3E68-4103-AFD1-61160D765619}" = protocol=6 | dir=in | app=c:\users\ryu\appdata\roaming\utorrent\utorrent.exe |
"{33887F73-2375-4CFA-8063-EEEA15BB77CE}" = protocol=17 | dir=in | app=c:\users\ryu\appdata\roaming\utorrent\utorrent.exe |
"{38212783-2F69-4547-87F6-1A5C7DB34C50}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{413C162F-6E5D-4FAB-99D2-DF71532B1CA9}" = dir=in | app=c:\program files (x86)\fujitsu\networkplayer server\fmvsttool.exe |
"{4164EA22-6989-4CBF-9FE6-B09921CDB3BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4930D5B3-7AE3-4084-8908-6FD67AA4AABC}" = protocol=6 | dir=in | app=c:\users\ryu\downloads\utorrent (1).exe |
"{4F448965-C4A7-4B44-A5AB-ED66EA332376}" = dir=in | app=c:\program files (x86)\fujitsu\networkplayer server\networkplayerserver.exe |
"{511FC1CF-6FA3-4015-8DB9-CFB5130A701D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5E5C0BDD-7F0A-4E6D-BDEF-0DC962FF6B3D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{645FD464-FCBE-45C4-940F-4D343204DF6A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{6C71D0B6-49EF-4C8D-8BD1-EFE5B5A94D31}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6FEEAC08-2B64-444D-8884-9AB1EEDB1C23}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{751C188E-86CE-4D8F-B51A-CF14C3E8C4C9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{754DB915-BD3D-4A85-95CB-DA33D34B510E}" = dir=in | app=c:\program files (x86)\fujitsu\networkplayer\networkplayer.exe |
"{78EA1DDE-CC32-415E-9DC1-05DFBA25B1E3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{81DD7D0A-00D1-431E-85C8-0286D8A7FFDF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8547C5BD-A3DE-4947-AE57-C69C9C86246B}" = protocol=6 | dir=in | app=c:\adobe\adobe version cue cs2\bin\versioncuecs2.exe |
"{8E851894-AB67-43C5-B046-B9C27CEF9F2A}" = dir=in | app=d:\ショートカット\itunes.exe |
"{95A37FF1-6615-4223-AF9C-CB47EABA0FD1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{986C526B-1839-4CD6-AC43-8458868E12B9}" = protocol=6 | dir=in | app=c:\users\ryu\appdata\roaming\utorrent\utorrent.exe |
"{9A3C1CF7-4FCC-4898-9363-D0231DBCF2BF}" = protocol=17 | dir=in | app=c:\users\ryu\downloads\cnet2_powertab_zip.exe |
"{9D507975-9A77-4EAE-BC2D-9E9FABB018B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FF6E36C-C4E1-407A-B988-F19A417D59B3}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360.exe |
"{A5524BF3-9AEF-412B-878F-20EFC74FE2E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A5A3CDCD-E7A7-4CBE-A83E-3E04C4A3A7ED}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7E23530-6BCE-4275-AE81-A3176C3B8D3D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ACB0FD26-2F5A-47B2-AA08-2BB6EA88DA99}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AF74808A-FBDC-4A31-98E5-679EC9EC8BD9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B1DE08E7-7957-44F6-A4D1-0052D2A250CC}" = protocol=6 | dir=in | app=c:\users\ryu\downloads\cnet2_powertab_zip.exe |
"{B43A1CA1-39B9-40BB-8A70-E5109EBE9CD1}" = protocol=6 | dir=out | app=system |
"{B4A1C827-33E0-4BA4-AB3B-52AAF3E75F5B}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{B4FB3707-1F28-45FF-BE22-C5144773AD14}" = protocol=6 | dir=in | app=c:\users\ryu\downloads\musicconvertersetup.exe |
"{B530F118-536C-494D-977E-8EE6D6243749}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B74DD0EA-5726-4283-97A6-D0636F3B48D0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BB603D7B-6BC5-463A-971B-FB7FE9323E3A}" = protocol=17 | dir=in | app=c:\adobe\adobe version cue cs2\bin\versioncuecs2.exe |
"{CB2B7D78-0FEE-4BEA-929E-9F5B6866727A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CEACE82A-48E4-4DC9-A18A-7369CF062E54}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{CF79D9BF-DAFF-4C82-BB07-49BA683E423C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CFF4BEBF-799D-42BF-AD3B-DE670FCDB38D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4B23AB3-8AE2-42B5-8035-615BF3CE54F7}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360.exe |
"{D5FA181E-0074-4B3E-97B8-707D598EFA32}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{DB917203-94FE-4750-B64A-08A68CCBF6DA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E309FFD3-406C-4A26-BF7C-7329E2B720A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E485C254-D242-4C59-BF8A-30CFD4B47466}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ECF7AF34-94CC-40CE-8FD1-06CF89FC289D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FD7E8B5D-493B-4265-9278-EF3BAE4D8D14}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{125829BF-1F03-4A01-BBAC-2F39E8FAB077}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{35A3B42C-84E8-4A9E-8A39-858CC85DCD37}C:\users\ryu\desktop\redsn0w_win_0.9.10b1 (2)\redsn0w_win_0.9.10b1\redsn0w.exe" = protocol=6 | dir=in | app=c:\users\ryu\desktop\redsn0w_win_0.9.10b1 (2)\redsn0w_win_0.9.10b1\redsn0w.exe |
"TCP Query User{3654B2AA-CD9D-4178-BD44-86A92522BEB8}C:\users\ryu\downloads\tinyumbrella-5.11.01.exe" = protocol=6 | dir=in | app=c:\users\ryu\downloads\tinyumbrella-5.11.01.exe |
"TCP Query User{4EF1C3C7-C77A-46A4-8E69-079810ACAC1F}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{9B42DF19-02F0-4F81-8F3F-6D0C1348AEB1}C:\users\ryu\desktop\redsn0w_win_0.9.10b1 (1)\redsn0w_win_0.9.10b1\redsn0w.exe" = protocol=6 | dir=in | app=c:\users\ryu\desktop\redsn0w_win_0.9.10b1 (1)\redsn0w_win_0.9.10b1\redsn0w.exe |
"TCP Query User{9E815A25-4840-4D5B-92B6-30339C97D9B9}C:\program files (x86)\naver\line\line.exe" = protocol=6 | dir=in | app=c:\program files (x86)\naver\line\line.exe |
"TCP Query User{A14EA13F-9321-4565-A208-CA6FD6F95FC5}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe |
"TCP Query User{BA9D5463-B4EA-4055-8824-19D9A8FA0E8B}C:\users\ryu\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\ryu\appdata\roaming\spotify\spotify.exe |
"TCP Query User{D43AC8A6-6623-4846-829D-FD8D0128CE76}C:\program files (x86)\keenai\eyefireceiver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\keenai\eyefireceiver.exe |
"TCP Query User{D5A3B46A-78B6-482B-B9F2-8EDF64E46E6F}C:\users\ryu\downloads\tinyumbrella-5.10.00.exe" = protocol=6 | dir=in | app=c:\users\ryu\downloads\tinyumbrella-5.10.00.exe |
"TCP Query User{F449BE66-2422-40A1-9FE1-1658E1697466}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F6D371E5-BB14-4007-9819-136D06B769C9}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe |
"UDP Query User{0A932590-0369-4502-8D65-491A00AFDD09}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe |
"UDP Query User{0DAD5C39-9189-42C3-96B8-D26886E7440A}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{20DA3568-5C17-4017-9A45-601103ACC1FB}C:\program files (x86)\naver\line\line.exe" = protocol=17 | dir=in | app=c:\program files (x86)\naver\line\line.exe |
"UDP Query User{21F71DCD-C959-41A0-BBC4-7A0CABC15293}C:\users\ryu\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\ryu\appdata\roaming\spotify\spotify.exe |
"UDP Query User{3364DD68-E5EA-48D3-9177-139509DCCD3D}C:\users\ryu\desktop\redsn0w_win_0.9.10b1 (2)\redsn0w_win_0.9.10b1\redsn0w.exe" = protocol=17 | dir=in | app=c:\users\ryu\desktop\redsn0w_win_0.9.10b1 (2)\redsn0w_win_0.9.10b1\redsn0w.exe |
"UDP Query User{47270B9E-58FB-4E5E-9C8C-420DFB12D260}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{A97FBA5F-615B-450C-A597-0F85B05149AC}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe |
"UDP Query User{AE5CF6DC-0498-431D-A7C3-2D74D340C0B2}C:\users\ryu\desktop\redsn0w_win_0.9.10b1 (1)\redsn0w_win_0.9.10b1\redsn0w.exe" = protocol=17 | dir=in | app=c:\users\ryu\desktop\redsn0w_win_0.9.10b1 (1)\redsn0w_win_0.9.10b1\redsn0w.exe |
"UDP Query User{B8F30814-6B1C-41B7-BAC4-45750D86A7F8}C:\users\ryu\downloads\tinyumbrella-5.11.01.exe" = protocol=17 | dir=in | app=c:\users\ryu\downloads\tinyumbrella-5.11.01.exe |
"UDP Query User{DF7AB287-8F70-476B-B031-7F4ADC81E3A7}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{E0E314C7-D096-4A5B-979B-72EAB1DBBC68}C:\users\ryu\downloads\tinyumbrella-5.10.00.exe" = protocol=17 | dir=in | app=c:\users\ryu\downloads\tinyumbrella-5.10.00.exe |
"UDP Query User{E99343DF-879A-4862-8DFB-E3DBBEEF469B}C:\program files (x86)\keenai\eyefireceiver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\keenai\eyefireceiver.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AAF6669-31B2-3840-9346-F0F653840FD1}" = Microsoft .NET Framework 4.5.1 (JPN)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416039FF}" = Java(TM) 6 Update 39 (64-bit)
"{3BF2C0A8-2C44-4A36-AA96-3BD6FB7BB01F}" = Windows Live Remote Client Resources
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}" = MobileMe Control Panel
"{461BEC63-F84A-4A97-9671-6E581BA87FDD}" = Plugfree NETWORK
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{54C5B89F-0A8C-4C07-A51D-7380974DA459}" = Windows Live Remote Service Resources
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = ワンタッチボタン設定
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7BA0ECC1-2636-4169-9BF0-F49A1F7AAD87}" = 富士通起動ユーティリティ
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{7C9F3BF5-8F5D-4278-819E-66A05B5DD937}" = Microsoft Camera Codec Pack
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{82AAA3CA-973A-4EC5-9CF6-2A33B58A4344}" = 富士通モビリティセンター拡張
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0411-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Japanese) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{90F60411-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) Japanese
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-011C-0411-1000-0000000FF1CE}" = Microsoft Office ナビ 2010
"{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}" = iTunes
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B351DC34-2758-492A-ADEE-66C17A61860E}" = PowerUtility - スケジュール機能
"{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}" = Apple Application Support(64 ビット)
"{D2837730-4960-3B35-8088-201387FD3BDB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}" = Apple Mobile Device Support
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = 富士通拡張機能ユーティリティ
"{E9327EB0-7209-4E47-8EE2-999D5E567CAE}" = テレビ出力ユーティリティ
"CCleaner" = CCleaner
"EPSON PX-405A Series" = EPSON PX-405A Series プリンター アンインストール
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"Mozilla Firefox 56.0.2 (x64 ja)" = Mozilla Firefox 56.0.2 (x64 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
  • algernon cad
  • 2017/11/06 (Mon) 15:54:26
Extras.txt②

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{08CE84B1-CD6A-490B-A824-B9FED36A086B}" = かんたんデザイン工房
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10AB1F40-BDEC-4A8D-B427-30F9429378B0}" = Windows Live Movie Maker
"{15D95497-8F76-41E5-8894-EDDB59E39BD9}" = Windows Live メール
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22A1A1C1-CEEC-4911-B36F-121464642478}" = ゆったり設定2
"{236BB7C4-4419-42FD-0411-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F03217080FF}" = Java 7 Update 80
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{29276E3F-15EF-49FC-9793-B07811C8059D}" = PC乗換ガイド
"{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1" = PhoneClean 3.3.0
"{3280C6F4-E3AC-45E5-8F57-F698F9357315}" = らくらく手書き入力
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3361D415-BA35-4143-B301-661991BA6219}" = MyEPSON Connect
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{34C266A2-F091-4F44-B62F-FD3AA1AFD5B5}" = Epson E-Photo Plug-in for PMB(Picture Motion Browser)
"{362E3F90-7937-4AA9-806D-0C40260C3D98}" = テレビNaviガジェット
"{378C547F-7AE3-467D-9E11-C888B026F62D}" = NetworkPlayer サーバー
"{37CEF18E-0428-4168-92AC-0C709B64B6A6}" = バッテリーユーティリティ
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3A554770-F7D2-42D7-99A0-511852DA2FC2}" = Epson E-Photo
"{3D1290E6-1F77-46D5-A715-A56679C8D4E3}" = Apple Application Support(32 ビット)
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 2.2.2.1
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{41938788-1E1C-4A8B-A1CD-F34C7A4D3E0D}" = セキュリティ対策ソフト選択
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5404DC-D8A5-455E-96D0-9F142DAACAE7}" = Epson E-Web Print
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{51FAA187-38A0-43CE-AD03-42108F503966}" = お手入れナビ
"{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}" = EPSON Scan OCR コンポーネント
"{5705EC66-E894-454D-A014-ADF1DF920C10}" = いつもNAVI PC
"{5AAE61FF-858E-453E-B8F3-944618149975}" = カスペルスキー インターネット セキュリティ
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61DF29D3-16FF-4C0D-00B2-C9A5B03BE7F5}" = Need for Speed Most Wanted
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675D8E1E-2388-4718-902C-E5FC4888AC0E}" = Windows Live Essentials
"{680979B2-3EAD-4219-B32C-7A6BC02B39F9}" = 読んde!!ココ パーソナル
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6910F36C-9746-48BA-9B49-57E57DEC1A18}" = e解説 Office 2010 教室
"{6C3F8916-D6A5-4A31-9DA8-80C973CE437F}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7134EF35-DA07-41F8-A71F-66709E194BB5}" = Windows Live Mesh
"{739A853C-D71F-404B-9E6A-012D3918ED57}" = Adobe AIR
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7BDB76F1-79BA-47BC-BAD1-2C58BCB197AF}" = 読取革命Lite
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2J
"{82F4EA7F-BBBD-4860-A347-5EC89897C7A4}" = Inspirium辞書検索ライブラリ
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F00304-550B-4652-A12C-E301CB8B1EE4}" = スクリーンセーバー for FUJITSU PC
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{88A686A9-D687-4295-B633-50D8A4B88371}" = Windows Live Writer Resources
"{8A66A2C8-0032-4949-8D99-C293A3EACF79}" = Windows Live Photo Common
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D59BE38-3A4F-4525-AD0D-8980E9E31EFA}" = Windows Live フォト ギャラリー
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E38F042-3863-43D6-9430-04B3610298C3}" = かんたんバックアップ
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8F01524C-0676-4CC1-B4AE-64753C723391}" = Epson Event Manager
"{8F178A65-9254-45B8-A7A7-3A89F1BB2B45}" = Windows Live UX Platform Language Pack
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90140000-0016-0411-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Japanese) 2010
"{90140000-0018-0411-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Japanese) 2010
"{90140000-001A-0411-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Japanese) 2010
"{90140000-001B-0411-0000-0000000FF1CE}" = Microsoft Office Word MUI (Japanese) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2010
"{90140000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002C-0411-0000-0000000FF1CE}" = Microsoft Office Proofing (Japanese) 2010
"{90140000-006E-0411-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Japanese) 2010
"{90140000-00A1-0411-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Japanese) 2010
"{91140000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Essentials 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = NetworkPlayer
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-0804-1033-1959-001824237067}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1041-7B44-AB0000000001}" = Adobe Reader XI (11.0.22) - Japanese
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{B05B64BA-D9C8-47B9-A2CB-A1F8E796C843}" = Windows Live Messenger
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BAF0CA91-4642-46C8-9BCD-C93B61508701}" = リモート接続用の Windows Live Mesh ActiveX コントロール (日本語)
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}" = Apple Software Update
"{C24447C3-CACD-4ce3-BA95-1BE092E0C4F8}" = AzbyClubガジェットプログラム
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C8E4B31D-337C-483D-822D-16F11441669B}" = IndicatorUtility
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEA424EF-CB92-4A3C-94DA-7152F5550E79}" = Lightway 3.5
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A1B85E-328C-47C0-80EB-3AF2C567114E}" = 電子辞書
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{E902DA50-B519-4820-81C2-694226E23B2E}" = @niftyでブロードバンド
"{E9787678-551D-4478-9682-DBB587257110}" = Adobe Help Center 1.0
"{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1" = PhoneClean 2.1.6
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F33C0717-8E04-4EB5-90C8-47221287DB4F}" = カスペルスキー セキュアコネクション
"{F7F60AC4-4B4B-48bd-A536-381F43DAED0E}" = AzbyClubツールバー
"{FAC61EC4-2B24-4237-A2D2-F26F5F867AC4}" = 富士通PC 辞書セット(広辞苑第六版+現代用語の基礎知識+学研パーソナル統合辞典)
"Adobe AIR" = Adobe AIR
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AVS Audio Editor_is1" = AVS Audio Editor version 7.0
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"CANON iMAGE GATEWAY 無料会員登録 MP960" = CANON iMAGE GATEWAY 無料会員登録 MP960
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"EPSON PX-405A Series Useg" = EPSON PX-405A Series ユーザーズガイド
"EPSON Scanner" = EPSON Scan
"Explzh" = Explzh for Windows
"FaceSave" = Sense YOU Technology 設定
"FileZilla Client" = FileZilla Client 3.28.0
"GetASFStream" = GetASFStream
"iFunbox_is1" = iFunbox (v4.0.4106.1352)
"InstallShield_{1C725459-5053-42A5-B22A-F3E91484DF65}" = @メニュー
"InstallShield_{22A1A1C1-CEEC-4911-B36F-121464642478}" = ゆったり設定2
"InstallShield_{29276E3F-15EF-49FC-9793-B07811C8059D}" = PC乗換ガイド
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{41938788-1E1C-4A8B-A1CD-F34C7A4D3E0D}" = セキュリティ対策ソフト選択
"InstallShield_{51FAA187-38A0-43CE-AD03-42108F503966}" = お手入れナビ
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = ワンタッチボタン設定
"InstallShield_{7BA0ECC1-2636-4169-9BF0-F49A1F7AAD87}" = 富士通起動ユーティリティ
"InstallShield_{82AAA3CA-973A-4EC5-9CF6-2A33B58A4344}" = 富士通モビリティセンター拡張
"InstallShield_{83F00304-550B-4652-A12C-E301CB8B1EE4}" = スクリーンセーバー for FUJITSU PC
"InstallShield_{B351DC34-2758-492A-ADEE-66C17A61860E}" = PowerUtility - スケジュール機能
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = IndicatorUtility
"InstallShield_{D1A1B85E-328C-47C0-80EB-3AF2C567114E}" = 電子辞書
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallShield_{DFEA0A70-42C9-43A2-9455-93EDAB702E4B}" = なるほどパソコン入門
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = 富士通拡張機能ユーティリティ
"InstallShield_{E9327EB0-7209-4E47-8EE2-999D5E567CAE}" = テレビ出力ユーティリティ
"InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}" = カスペルスキー インターネット セキュリティ
"InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}" = カスペルスキー セキュアコネクション
"kikin plugin (JDownloader Edition)" = kikin plugin (JDownloader Edition) 1.11
"MediaNavigation.CDDirectPrint" = らくちんCDダイレクトプリント for Canon
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox 56.0.2 (x86 ja)" = Mozilla Firefox 56.0.2 (x86 ja)
"MyEPSON Connect" = MyEPSON Connect
"Navinow WebTool" = Navinow WebTool 1.0
"Office14.EssentialsR" = Microsoft Office Home and Business 2010
"Score Grapher View" = Score Grapher View V5.092
"SIGMA_PhotoPro" = SIGMA_PhotoPro 6.5.4
"TuxGuitar_0" = TuxGuitar 1.2
"VLC media player" = VLC media player
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"winscp3_is1" = WinSCP 4.3.9
"Yahoo!Jツールバー" = Yahoo!ツールバー
"採譜の達人" = 採譜の達人

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2903308731-1194887573-1762437510-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite削除専用
"FoxTab Video To MP3" = FoxTab Video To MP3
"Google Chrome" = Google Chrome
"LINE" = LINE

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2013/01/01 20:06:33 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3104

Error - 2013/01/01 20:06:33 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3104

Error - 2013/01/01 20:06:34 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2013/01/01 20:06:34 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4102

Error - 2013/01/01 20:06:34 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4102

Error - 2013/01/01 20:06:35 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2013/01/01 20:06:35 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5101

Error - 2013/01/01 20:06:35 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5101

Error - 2013/01/01 20:06:36 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2013/01/01 20:06:36 | Computer Name = ryu-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6177

[ System Events ]
Error - 2017/11/02 10:22:43 | Computer Name = ryu-PC | Source = Service Control Manager | ID = 7011
Description = Wlansvc サービスからのトランザクション応答を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2017/11/02 10:22:55 | Computer Name = ryu-PC | Source = DCOM | ID = 10010
Description =

Error - 2017/11/06 0:39:41 | Computer Name = ryu-PC | Source = Service Control Manager | ID = 7043
Description = Windows Update サービスは、プレシャットダウン コントロールを受け取った後に正しくシャットダウンされませんでした。

Error - 2017/11/06 0:42:27 | Computer Name = ryu-PC | Source = Service Control Manager | ID = 7009
Description = MyEPSON Connect Service サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2017/11/06 0:42:28 | Computer Name = ryu-PC | Source = Service Control Manager | ID = 7000
Description = MyEPSON Connect Service サービスを、次のエラーが原因で開始できませんでした: %%1053

Error - 2017/11/06 0:46:10 | Computer Name = ryu-PC | Source = WMPNetworkSvc | ID = 866321
Description =

Error - 2017/11/06 0:46:10 | Computer Name = ryu-PC | Source = WMPNetworkSvc | ID = 866317
Description =

Error - 2017/11/06 0:46:10 | Computer Name = ryu-PC | Source = WMPNetworkSvc | ID = 866321
Description =

Error - 2017/11/06 0:46:10 | Computer Name = ryu-PC | Source = WMPNetworkSvc | ID = 866317
Description =

Error - 2017/11/06 0:50:40 | Computer Name = ryu-PC | Source = Service Control Manager | ID = 7022
Description = Intel(R) Management & Security Application User Notification Service
サービスは開始時にハングしました。


< End of report >
  • algernon cad
  • 2017/11/06 (Mon) 15:56:18
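μTorrent was detected
I have reviewed the logs.
Kaspersky Anti-Virus is set to "Do not monitor".
In this state the security software serves no purpose.

Now, to the main point: μTorrent has been detected.
In addition, a large number of infections can still be seen in Internet Explorer and in the AppData folder.
Because using P2P file-sharing software violates the terms of use, we cannot provide any further guidance.
Please immediately format all data on all HDDs and perform a clean install of Windows.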
  • IVNO
  • 2017/11/07 (Tue) 21:59:03
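Re: μTorrent was detected
Thank you for your reply.
This PC was handed down to me, so I did not have a good grasp of what was on it. I'm sorry...
Thank you very much for all your help.
I appreciate it.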
  • algernon cad
  • 2017/11/08 (Wed) 13:31:47
