悪代官の伏魔殿掲示板

自分がインストールしようとしていたものではなく、orbitumが入ってしまいました。知恵袋で、同じことをしてしまった質問者に宛てたIVNO様の回答を見つけ、ほとんど同じ作業をしました。

（ここから、IVNO様の回答のコピー）Orbit系をインストールしたのですね。
OrbitはGeekUninstallerで削除しても完全には消えません。
以下の手順で処置してもまだ残骸は残りますが、それでも一応手順を書いておきます。

以下のソフトウェアをご用意ください。
GeekUninstaller(以下GU)
ダウンロード
http://www.geekuninstaller.com/geek.zip
ファイル直リンクです。zipファイルですので使用前に展開してください。
展開が完了した後のzipファイルは不要となりますので、そちらは削除を行ってください。
GU本体の削除を案内された際は、そのままごみ箱に処分してください。

PCをセーフモードで起動してください。
セーフモードでの起動は以下を参考になされてください。
https://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=017878

GUを起動させ、該当ソフトウェアを削除してください。
GU上に表示されているソフトウェアをダブルクリックで削除できます。
削除が完了すると自動的にスキャンが開始されますので、
スキャンが完了しましたらOKを押して削除を完了させてください。
GUでのアンインストールが完了しましたら、GUを終了させてください。
PCを通常モードで再起動させてください。
キーボードの左Ctrlと左Altの間にあるWindowsキーを押しながらRボタンを押します。
ファイル名を指定して実行と言うものが起動しますので、そちらに半角英数で以下を入力してください。

cleanmgr

入力が完了しましたらエンターキーを押してください。
C:ドライブを選択してOKを押します。
スキャンが開始されますので完了するまでお待ちください。
スキャンが完了すると一覧が表示されますので、すべてにチェックを入れてOKを押してください。
ただし、OKを押すとごみ箱の中身を含めてすべて削除されますので、
ごみ箱の中に必要なファイルが入っている場合はご注意ください。
ディスクのクリーンアップが完了しましたらスタートボタンを右クリックし、コンピューターの管理をクリックします。
タスクスケジューラ→タスクスケジューラライブラリを開き、Orbitと書かれたものを探してください。
Orbit関連のものが見つかった場合、そちらをクリックして無効化→削除の順番で押して削除を行ってください。
削除が完了しましたら、PCを再起動させてください。
数時間程度通常通りに使用し、問題点の有無をご確認ください。

ここまでが応急処置となります。（引用はここまで）

一部異なる作業をしました。それは、geekのところでダブルクリックではなく「右クリック→強制的に削除(?)」で消した点です。ダブルクリックでは削除できなかったためです。
この処置をする前も後も、症状は出ていません。
「応急処置」と書いてあったので、この掲示板できちんとした処置ができたらと思い、投稿させていただきました。

私事になりますが、趣味で動画作成をしています。そして、それにはそこそこの時間をかけてます。そのため、リカバリーまでの猶予(?)はどの程度あるのかも教えていただけたら幸いです。
（作成はoffラインで作業できます）

このorbitumがどのような悪さをするのか全くの無知でして、、、こんなわがまま言ってすみません。

どうかよろしくお願いします。

※画像は使用しているコンピューターの情報です

これはHijackThisの結果です。ただ、このソフトがスキャンを始める前に、この写真に載せたメッセージが出てきました。

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:25:38, on 2017/02/25
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\【ユーザー名】\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Users\【ユーザー名】\Downloads\HijackThis.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe

F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\【ユーザー名】\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.digi-c.com
O15 - Trusted Zone: http://*.digi-c.com
O15 - Trusted Zone: *.microsoft.com
O15 - Trusted Zone: http://*.microsoft.com
O15 - Trusted Zone: *.streaming-hls.toshin.com.edgesuite.net
O15 - Trusted Zone: http://*.streaming-hls.toshin.com.edgesuite.net
O15 - Trusted Zone: *.streaming-ss.toshin.com.edgesuite.net
O15 - Trusted Zone: http://*.streaming-ss.toshin.com.edgesuite.net
O15 - Trusted Zone: *.toshin.com
O15 - Trusted Zone: http://*.toshin.com
O15 - Trusted Zone: *.yotsuyaotsuka.com
O15 - Trusted Zone: http://*.yotsuyaotsuka.com
O15 - Trusted Zone: *.yotsuyaotsuka.net
O15 - Trusted Zone: http://*.yotsuyaotsuka.net
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem23.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @oem39.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundataion Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Instant On - Lenovo Group Limited - C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Speed Wi-Fi Next setting tool - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Smart Sense Service (SSSvc) - Lenovo - C:\Program Files (x86)\SmartSense\SSSvc.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem41.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem41.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11851 bytes

これはCCleaner→スタートアップ→Windows の結果です

有効 HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\【ユーザー名】\AppData\Local\Microsoft\BingSvc\BingSvc.exe
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run iCloudDrive Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
有効 HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run IMSS Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run ProductUpdater C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
有効 HKLM:Run WindowsDefender "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

これは　CCleaner→スタートアップ→スケジュールされたタスク　の結果です

有効 Task Apple Diagnostics Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
有効 Task OneDrive Standalone Update Task C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

これは　CCleaner→スタートアップ→コンテキストメニュー　の結果です

有効 Directory 7-Zip
有効 Directory Offline Files
有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 File 7-Zip
有効 File ANotepad++64
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 File {4A7C4306-57E0-4C0C-83A9-78C1528F618C}
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 Folder Offline Files

これは　CCleaner→ブラウザプラグイン→InternetExplorerの結果です

有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll

これは　CCleaner→ブラウザプラグイン→Firefox　の結果です

無効 Extension Bing Search 1.0.0.6 Microsoft Corporation default Firefox 45.0.1 C:\Users\大石芳樹\AppData\Roaming\Mozilla\Firefox\Profiles\sde30y62.default\extensions\bingsearch.full@microsoft.com.xpi
有効 Extension Firefox Hello Beta 0.1 Mozilla default Firefox 45.0.1 C:\Program Files (x86)\Mozilla Firefox\browser\features\loop@mozilla.org.xpi
有効 Plugin Adobe Acrobat 11.0.15.2 default Firefox 45.0.1 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
有効 Plugin Google Update 1.3.29.5 default Firefox 45.0.1 C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 4.0.68.0 Intel Corporation default Firefox 45.0.1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.68.0 Intel Corporation default Firefox 45.0.1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 45.0.1 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin Microsoft Office 2013 15.0.4514.1000 Microsoft Corporation default Firefox 45.0.1 C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
有効 Plugin OpenH264 Video Codec 1.5.3 Mozilla Corporation default Firefox 45.0.1 C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\sde30y62.default\gmp-gmpopenh264\1.5.3\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 15 Adobe Systems Inc default Firefox 45.0.1 C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\sde30y62.default\gmp-eme-adobe\15\eme-adobe.dll
有効 Plugin Silverlight Plug-In 5.1.41212.0 default Firefox 45.0.1 c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

これは　CCleaner→ブラウザプラグイン→Google Chrome　の結果です

有効 App Gmail 8.1 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google ドライブ 14.1 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App Google 検索 0.0.0.19 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
有効 App YouTube 4.2.8 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Docs 0.0.0.6 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
有効 Extension Google スプレッドシート 1.1 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0

こんばんは、IVNOと申します。
色々ともらっているのはログが不足している現状でも分かるのですが、
どうやらご利用なされている動画配信のために準備したソフトウェアが感染源のようです。
そして上記のとおりそっちのログも必要となるのですが、実はそれの前に取得いただくログが1つあるのです。
ですので追加のログ取得をお願いいたします。

CCleaner(以下CC)を起動させ、ツール→インストール情報を表示してテキストとして保存を押してください。
保存したログを貼り付けてご連絡ください。

こんばんは。
本館管理人の悪代官です。

MLSさんに案内です。
投稿されたログ内に、ユーザー名が表示されていたのでそこは自分のほうで編集しました。

>C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe

>C:\Users\【ユーザー名】\AppData\Local\Microsoft\BingSvc\BingSvc.exe

>O4 - HKCU\..\Run: [OneDrive] "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

>O4 - HKCU\..\Run: [BingSvc] C:\Users\【ユーザー名】\AppData\Local\Microsoft\BingSvc\BingSvc.exe

>有効 Task OneDrive Standalone Update Task C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe

他にも複数の箇所で同様に出ています。
次回レス時以降は投稿前にログを確認して、ユーザー名にあたるところは伏せてから投稿してください。
本名を含む身元特定可能な情報はネット上に公開しないほうがいろいろな意味で安全です。

編集が遅くなってごめんなさい

悪代官様、ご丁寧にありがとうございます。本当に助かりました。以後気を付けます

IVNO様、返信ありがとうございます。
（このコンピューターは、プライベート用です。言い忘れていました。）
以下に不足しているログを張ります

3D Builder Microsoft Corporation 2016/12/04 12.0.3131.0
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2017/02/24 436 MB 15.023.20070
Apple Application Support（32 ビット） Apple Inc. 2016/07/26 172 MB 4.3.2
Apple Application Support（64 ビット） Apple Inc. 2016/07/26 190 MB 4.3.2
Apple Mobile Device Support Apple Inc. 2016/03/24 56.6 MB 9.3.0.15
Apple Software Update Apple Inc. 2016/03/24 5.39 MB 2.2.0.150
Bonjour Apple Inc. 2016/03/24 4.03 MB 3.1.0.1
Candy Crush Soda Saga king.com 2017/02/04 1.82.900.0
CCleaner Piriform 2017/02/25 5.27
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2016/03/11 5.61 MB 7.6.3.1
ESET Smart Security ESET, spol. s r.o. 2016/04/18 246 MB 9.0.349.19
Freemake Video Converter バージョン 4.1.9 Ellora Assets Corporation 2016/09/24 79.0 MB 4.1.9
Game Maker 8.0 2017/02/15
GIMP 2.8.18 The GIMP Team 2016/08/05 282 MB 2.8.18
Google Chrome Google Inc. 2016/03/23 320 MB 56.0.2924.87
Groove ミュージック Microsoft Corporation 2017/02/23 10.17012.10301.0
iCloud Apple Inc. 2016/08/13 163 MB 5.2.2.87
Intel(R) Management Engine Components Intel Corporation 2016/03/11 11.0.0.1163
Intel(R) Processor Graphics Intel Corporation 2016/11/23 20.19.15.4531
Intel(R) WiDi Intel Corporation 2016/03/11 102 MB 6.0.44.0
iTunes Apple Inc. 2016/08/13 282 MB 12.4.3.1
Lenovo Companion LENOVO INC. 2017/01/21 3.66.1.0
Lenovo Power Management Driver Lenovo 2016/10/02 10.2 MB 1.67.10.20
Lenovo QuickOptimizer Lenovo 2016/03/11 23.2 MB 1.0.019.00
Lenovo Settings LENOVO INCORPORATED. 2017/01/21 3.145.0.0
Lenovo Solution Center Lenovo 2016/03/11 217 MB 3.2.002.00
Lenovo System Interface Foundation Lenovo 2017/02/20 11.4 MB 1.0.070.04
Lenovo アカウント・ポータル LENOVO INCORPORATED. 2017/02/03 2.0.32.0
LINE LINE Corporation 2017/02/03 5.4.7.0
Metasequoia 4 (64bit) tetraface Inc. 2016/03/18 360 MB 4.5.4
MetasequoiaLE R3.0 2017/02/20 781 MB
Microsoft Office Home and Business 2013 - ja-jp Microsoft Corporation 2017/02/20 1.58 GB 15.0.4893.1002
Microsoft OneDrive Microsoft Corporation 2017/01/28 84.7 MB 17.3.6743.1212
Microsoft Silverlight Microsoft Corporation 2016/10/19 101 MB 5.1.50901.0
Microsoft Solitaire Collection Microsoft Studios 2017/02/21 3.15.2140.0
Microsoft Sticky Notes Microsoft Corporation 2017/02/10 1.6.2.0
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2016/03/17 1.63 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/03/27 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2016/05/20 4.78 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/05/20 4.14 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/03/27 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/03/27 18.3 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/10/02 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2016/10/02 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2016/10/02 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 Microsoft Corporation 2016/10/02 18.6 MB 14.0.23026.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2016/10/02 1.54 MB 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2016/10/02 1.54 MB 10.0.50903
Microsoft Wi-Fi Microsoft Corporation 2016/10/02 1.1604.4.0
Mozilla Firefox 45.0.1 (x86 ja) Mozilla 2016/10/02 88.4 MB 45.0.1
Mozilla Maintenance Service Mozilla 2016/10/02 231 KB 45.0.1
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2017/02/03 4.0.18.0
OneNote Microsoft Corporation 2017/02/21 17.7870.57621.0
People Microsoft Corporation 2017/02/03 10.1.3410.0
PrintMusic 2010J MakeMusic 2016/10/02 15.0.1.1
PrintMusic 2014J MakeMusic 2016/10/02 2014.1.1258.0
QuickTime 7 Apple Inc. 2016/03/17 115 MB 7.79.80.95
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/10/04 17.3 MB 6.0.1.7554
Runtime x64 for Power Manager 2016/03/11
Runtime x86 for Power Manager 2016/09/20
Skype プレビュー Skype 2017/02/23 11.11.110.0
Speed Wi-Fi Next setting tool Huawei Technologies Co.,Ltd 2016/10/02 22.001.26.09.824
Store Purchase App Microsoft Corporation 2016/10/03 11608.1000.2431.0
Sway Microsoft Corporation 2017/02/10 17.7870.45131.0
ThinkPad OneLink Dock Lenovo 2016/03/11 39.7 MB 1.08.35
Thinkpad USB Ethernet Adapter Driver Lenovo 2016/03/11 1.37 MB 10.1.506.2015
Twitter Twitter Inc. 2017/02/24 5.5.1.0
Ut Video Codec Suite UMEZAWA Takeshi 2017/01/05 928 KB 17.2.0
Windows ドライバ パッケージ - Synaptics FP Sensors (WUDFRd) Biometric (11/27/2015 4.5.503.0) Synaptics FP Sensors 2016/10/02 11/27/2015 4.5.503.0
Xbox Microsoft Corporation 2017/02/15 24.26.14000.0
Xbox Identity Provider Microsoft Corporation 2016/10/03 11.19.19003.0
アプリ インストーラー Microsoft Corporation 2017/02/18 1.0.10332.0
アプリ コネクター Microsoft Corporation 2016/10/02 1.3.3.0
アラーム & クロック Microsoft Corporation 2017/02/03 10.1701.10103.0
インテル(R) ワイヤレス Bluetooth(R) Intel Corporation 2016/03/11 5.14 MB 17.1.1525.1443
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2016/12/05 232 MB 19.1.0
カメラ Microsoft Corporation 2017/02/21 2017.125.40.0
ストア Microsoft Corporation 2017/02/03 11610.1001.25.0
スポーツ Microsoft Corporation 2016/12/17 4.18.37.0
ニュース Microsoft Corporation 2016/12/26 4.18.41.0
ヒント Microsoft Corporation 2017/02/16 4.5.6.0
フィードバック Hub Microsoft Corporation 2017/02/10 1.1612.10312.0
フォト Microsoft Corporation 2017/02/24 17.214.10010.0
ボイス レコーダー Microsoft Corporation 2017/02/15 10.1702.301.0
マップ Microsoft Corporation 2016/12/17 5.1611.3342.0
マネー Microsoft Corporation 2016/12/17 4.18.37.0
メッセージング Microsoft Corporation 2016/10/02 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/02/23 17.7912.40507.0
モバイル コンパニオン Microsoft Corporation 2016/10/02 10.1609.2561.0
ユーザサポートツール 学力POS 2016/03/23 2.49 MB 1.3.0
天気 Microsoft Corporation 2016/12/17 4.18.37.0
新しい Office を始めよう Microsoft Corporation 2017/02/17 17.7909.7600.0
映画 & テレビ Microsoft Corporation 2017/02/24 10.17012.10301.0
有料 Wi-Fi & 携帯ネットワーク Microsoft Corporation 2016/10/03 1.1607.6.0
電卓 Microsoft Corporation 2017/02/15 10.1702.312.0
電話 Microsoft Corporation 2016/10/02 2.17.27003.0

ログはここまでです

よろしくお願いします。

おはようございます。
続きの情報ログもみせてもらいました。

今回の異常は下記アプリを入れたことによる疑いが大です。
>Freemake Video Converter バージョン 4.1.9 Ellora Assets Corporation 2016/09/24 79.0 MB 4.1.9

これは性能だけなら高性能と言われる無償のマルチメディア系アプリですが、Freemake系は著作権に抵触する問題点も指摘されており、少なくとも自分からは使用はお勧めしません。使うならそれによるいかなトラブルもすべて自己責任、自力解決の覚悟が必要です。

それだけでなくFreemake系はダウンロードしたサイトにもよりますが、かなり悪質な挙動の別アプリを同梱されることも多く、それらの「おまけアプリ」によるトラブルは当掲示板以外でも連日ネット上に相談と報告が挙がってます。
しかもそれらは一度PC内にいれてしまうと普通にアンインストールしただけではきれいには消えず、手間を覚悟で手動目視作業しないと解決できませんがそれも結構手間は避けられません。

手間を厭わず作業にかかれば解決は可能ですが、調べていくと更に悪質な感染や問題点が見つかり、結局は安全優先の観点からリカバリでの対処を指示したことも多いほどです。

更にはインストールしたFreemakeアプリ自体が改変を施されていたのか、それ自体がマルウェア的挙動や性質していることもあちこちで見られ、PCに明るい有識者の間では到底安全に使えるとは思わないほうが良い代物との評価が多数です。

ログを見るとFreemake以外に他の問題点はいくつもあり、このあと腰を据えて解析していけばまだまだ隠れているモノが大量に見つかるのも間違いないでしょう。

該当のPCはお勉強にも使っているように見える点から、MLSさんは学生さんでしょうか。
ログを見ての判断ですが、安全優先の意味から今回は一度PCのリカバリ（初期化）をお勧めします。
ただでさえ悪評高いFreemakeによる問題点だけでも楽観視できませんがそれ以外の感染も可能性大である以上下手に時間かけて調べてからひとつずつ処置していくのは手間と時間のうえから傷口を広げるおそれがあります。
まずは必要なデータ等のバックアップしたうえで、それが済み次第すみやかにリカバリです。

リカバリできたら今度はWindowsUpdateやセキュリティソフトを含む各種更新も全部最新状態まで更新してください。
更新する対象がなくなったらそこで最新状態のアンチウイルスソフトでフルスキャンして、感染や異常が見つからなければリカバリ成功です。

リカバリ前のPCで入力したことのある各種パスワード等はみな変更もしておいてください。
特にネットショッピング、バンキングでもしたことがあればその情報は最優先で変更必須です。
ひとつでも抜かれていたらそれによる2次3次被害も起きます。
またFreemake系や、信頼できない経緯、怪しいサイト等から入手したファイルやアプリ類はバックアップせず即時破棄推奨です。
バックアップは完全に信頼できるファイルだけにしましょう。
当然怪しいものはリカバリ後は手を出さないことも覚えておきましょう。

リカバリとその後のスキャンもできたら、そこで再度HJTログとCCのインストール情報と各タブのログを取り直して、それらをリカバリ後の状態報告とともにレスください。
よほど手順を間違ったりしなければその時点で異常は消えているはずですが、まだ見落としがあるといけないのでリカバリ後の確認と必要な対処もしていきましょう。

あと、HJTログの取得時に出た画面ですが、それはHJTでのスキャンがWindows正規のhostsファイルにアクセスしたのをWindows側が過剰反応して出た警告表示ですが、その表示は無視して進めて構いません。

焦らなくていいので落ち着いてひとつずつリカバリ準備と作業にかかってください

遅くなってすみません。

初期化は二種類あったのですが、個人用ファイルを残し初期化しました。

すると、いろいろなファイルは残ってましたが、freemakerも含めアプリは無くなっていました。

無料版ESETをいれて検査すると、orbitumとfreemakerの「setup」(消し忘れ)　が引っ掛かりました。駆除したのち、もう一度検査すると「脅威は０」となりました。

思っていたより甘い(?)初期化だったので、「すべて初期化」すべきか…と思ったのですが、一度ログを見てもらうことに決めました。よろしくお願いします。

以下ログのコピーです


(hijackthisのログです)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:54, on 2017/02/26
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
C:\Users\【ユーザー名】\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKCU\..\Run: [OneDrive] "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\RunOnce: [Uninstall 17.3.6381.0405\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 17.3.6381.0405] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\17.3.6381.0405"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: McAfee Application Installer Cleanup (0000681488095709) (0000681488095709mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\000068~1.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Internet Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @oem20.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @oem47.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundataion Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Instant On - Lenovo Group Limited - C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: McAfee Service Controller (mfemms) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe (file missing)
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Smart Sense Service (SSSvc) - Lenovo - C:\Program Files (x86)\SmartSense\SSSvc.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem39.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem39.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 8699 bytes

(ここまで)


ここから　CC　インストール情報です

3D Builder Microsoft Corporation 2017/02/26 11.0.47.0
Candy Crush Soda Saga king.com 2017/02/26 1.84.700.0
CCleaner Piriform 2017/02/26 5.27
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2016/03/11 2.80 MB 7.6.3.1
ESET Internet Security ESET, spol. s r.o. 2017/02/26 131 MB 10.0.369.3
Facebook Facebook Inc 2017/02/26 77.754.22711.0
Google Chrome Google Inc. 2017/02/26 56.0.2924.87
Groove ミュージック Microsoft Corporation 2017/02/26 10.17012.10301.0
Houzz Houzz Inc. 2017/02/26 1.1.18.0
Integrated Camera Realtek Semiconductor Corp. 2017/02/26 19.5 MB 10.0.10240.11126
Intel(R) Management Engine Components Intel Corporation 2016/03/11 11.0.0.1163
Intel(R) Processor Graphics Intel Corporation 2017/02/26 20.19.15.4531
Intel(R) WiDi Intel Corporation 2016/03/11 51.4 MB 6.0.44.0
Lenovo BatteryGauge Lenovo 2016/03/11 3.98 MB 1.0.021.00
Lenovo Companion Lenovo, INC. 2017/02/26 3.37.0.0
Lenovo ID LENOVO INCORPORATED. 2017/02/26 1.5.0.0
Lenovo Power Management Driver Lenovo 2017/02/26 10.2 MB 1.67.10.20
Lenovo QuickOptimizer Lenovo 2016/03/11 12.3 MB 1.0.019.00
Lenovo Scaling Utility Lenovo 2017/02/26 450 KB 3.10
Lenovo Settings LENOVO INCORPORATED. 2017/02/26 3.47.0.0
Lenovo Solution Center Lenovo 2016/03/11 145 MB 3.2.002.00
Lenovo System Interface Foundation Lenovo 2017/02/26 6.62 MB 1.0.066.01
Lenovo オン スクリーン表示 Lenovo 2017/02/26 56.0 MB 8.79.10
LINE LINE Corporation 2017/02/26 5.4.7.0
Microsoft OneDrive Microsoft Corporation 2017/02/26 84.7 MB 17.3.6743.1212
Microsoft Solitaire Collection Microsoft Studios 2017/02/26 3.9.5100.0
Microsoft Sticky Notes Microsoft Corporation 2017/02/26 1.0.136.0
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2017/02/26 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2017/02/26 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/02/26 20.5 MB 12.0.30501.0
Minecraft: Windows 10 Edition Microsoft Studios 2017/02/26 1.0.312.0
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2017/02/26 3.2.0.1
OneNote Microsoft Corporation 2017/02/26 17.6868.57981.0
People Microsoft Corporation 2017/02/26 10.0.11902.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2017/02/26 6.0.1.7554
Royal Revolt 2 flaregames GmbH 2017/02/26 2.7.0.2
Skype プレビュー Skype 2017/02/26 11.4.86.0
Store Purchase App Microsoft Corporation 2017/02/26 1.0.45.0
ThinkPad OneLink Dock Lenovo 2016/03/11 45.9 MB 1.08.35
ThinkPad Settings Dependency Lenovo 2016/03/11 74.5 MB 3.0.0.17
Thinkpad USB Ethernet Adapter Driver Lenovo 2016/03/11 10.1.506.2015
Windows ドライバ パッケージ - Synaptics FP Sensors (WUDFRd) Biometric (11/27/2015 4.5.503.0) Synaptics FP Sensors 2017/02/26 11/27/2015 4.5.503.0
Xbox Microsoft Corporation 2017/02/26 24.26.14000.0
Xbox Identity Provider Microsoft Corporation 2017/02/26 11.19.19003.0
アプリ インストーラー Microsoft Corporation 2017/02/26 1.0.10332.0
アラーム & クロック Microsoft Corporation 2017/02/26 10.1605.1742.0
インテル(R) ワイヤレス Bluetooth(R) Intel Corporation 2016/03/11 2.57 MB 17.1.1525.1443
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2017/02/26 346 MB 19.1.0
カメラ Microsoft Corporation 2017/02/26 2017.125.40.0
ストア Microsoft Corporation 2017/02/26 11610.1001.25.0
ニュース Microsoft Corporation 2017/02/26 4.18.41.0
ヒント Microsoft Corporation 2017/02/26 4.5.6.0
フィードバック Hub Microsoft Corporation 2017/02/26 1.1612.10312.0
フォト Microsoft Corporation 2017/02/26 17.214.10010.0
ボイス レコーダー Microsoft Corporation 2017/02/26 10.1605.1622.0
マップ Microsoft Corporation 2017/02/26 5.1603.1830.0
メッセージング Microsoft Corporation 2017/02/26 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/02/26 17.7920.40507.0
天気 Microsoft Corporation 2017/02/26 4.18.37.0
新しい Office を始めよう Microsoft Corporation 2017/02/26 17.6801.23751.0
映画 & テレビ Microsoft Corporation 2017/02/26 3.6.19281.0
有料 Wi-Fi & 携帯ネットワーク Microsoft Corporation 2017/02/26 1.1605.17.0
電卓 Microsoft Corporation 2017/02/26 10.1605.1582.0
電話 Microsoft Corporation 2017/02/26 1.10.23004.0

（ここまで）

ここから　CC　startup windowsです

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:RunOnce Uninstall 17.3.6381.0405 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\17.3.6381.0405"
有効 HKCU:RunOnce Uninstall 17.3.6381.0405\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
有効 HKLM:Run IMSS Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
有効 HKLM:Run RtsCM RTSCM64.EXE

（ここまで）

ここから　CC startup スケジュールされたタスクです

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

（ここまで）

ここから　CC startup コンテキストメニュー　です

有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll

（ここまで）

ここから　CC　ブラウザプラグイン　InternerExplorer　です

（ここまで）※なにもかかれていませんでした


ここから　CC　ブラウザプラグイン　GoogleChrome　です

有効 App Gmail 8.1 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google ドライブ 14.1 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google オフライン ドキュメント 1.4 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Google スプレッドシート 1.1 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0

（ここまで）

作業と報告、ご苦労様です。
その後のログを見せてもらいましたが、

>初期化は二種類あったのですが、個人用ファイルを残し初期化しました。

>すると、いろいろなファイルは残ってましたが、freemakerも含めアプリは無くなっていました。

>無料版ESETをいれて検査すると、orbitumとfreemakerの「setup」(消し忘れ)　が引っ掛かりました。駆除したのち、もう一度検査すると「脅威は０」となりました。

ちょっと確認ですが、そのリカバリは「OneKey Recovery」で行いましたか？
その操作は「かんたんリカバリ」ともばれる簡易リカバリ機能です。

これは本来のリカバリとは違い、何かの事情でシステムがバグった時に以前の状態に復元することが可能な機能です。
ですが復元する時点のPC状態が正常でなかった場合は、当然ながら正常でない状態のまま復元してしまうことになります。

これに対して本来のリカバリはHDD内の各パーティション（Cドライブ、またはDドライブを含む全ドライブ）内の個人データを含む全データを消去したうえでPC購入時（出荷時）の初期状態に戻します。

前述のかんたんリカバリではちょっとした異常なら復元できる可能性もありますが、PC内の深い部分に食い込んだ以上もしくは感染があるときは修正できません。

作業後のログを見てもPC出荷時と言うより、2月26日あたりに復元したように見えますが、どちらのリカバリ実行したかを教えてもらえますか。
もしOneKey Recoveryで作業したなら安全上十分処置できていない可能性が高いので、その場合は本来のリカバリを再度実行してもらうことになるでしょう。
レノボのPCなら型番（機種）にもよりますがHDD内のリカバリ領域からリカバリ機能を起動するか、またはリカバリディスクを光学ドライブに入れて起動するかのどちらかでしょう。

PC購入時の取り扱い説明書に沿ってリカバリしたならそのことを教えてください

この前セーフモードで立ち上げる際に、「初期化」という項目を発見しまして、、、このことだと思い込んでいました。

（シフトキーを押しながら「再起動」をクリック→トラブルシューティング→初期化→個人ファイルを残して初期化）

今調べたところ、このコンピューターはUSBフラッシュメモリを使って　回復ドライブをつくるそうです。
やり直します！ありがとうございます

今回の初期化で、マルウエアをうまく取り除けたでしょうか。

ログを張っていきます

hijackthis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:30:42, on 2017/02/28
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\miroc\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKCU\..\Run: [OneDrive] "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\RunOnce: [Uninstall 17.3.6381.0405\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 17.3.6381.0405] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\17.3.6381.0405"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: McAfee Application Installer Cleanup (0211861488272760) (0211861488272760mcinstcleanup) - Unknown owner - C:\Windows\TEMP\021186~1.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Internet Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @oem26.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @oem32.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundataion Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Instant On - Lenovo Group Limited - C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: McAfee Service Controller (mfemms) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe (file missing)
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Smart Sense Service (SSSvc) - Lenovo - C:\Program Files (x86)\SmartSense\SSSvc.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @oem53.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem53.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\Windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 8510 bytes

（ここまで）


CC インストール情報　

3D Builder Microsoft Corporation 2017/02/28 12.0.3131.0
Candy Crush Soda Saga king.com 2017/02/28 1.84.700.0
CCleaner Piriform 2017/02/28 5.27
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2016/03/11 2.80 MB 7.6.3.1
ESET Internet Security ESET, spol. s r.o. 2017/02/28 131 MB 10.0.369.3
Facebook Facebook Inc 2017/02/28 77.754.22711.0
Groove ミュージック Microsoft Corporation 2017/02/28 10.17012.10301.0
Houzz Houzz Inc. 2017/02/28 1.1.18.0
Integrated Camera Realtek Semiconductor Corp. 2017/02/28 19.5 MB 10.0.10240.11126
Intel(R) Management Engine Components Intel Corporation 2016/03/11 11.0.0.1163
Intel(R) Processor Graphics Intel Corporation 2017/02/28 10.18.15.4256
Intel(R) WiDi Intel Corporation 2016/03/11 51.4 MB 6.0.44.0
Lenovo BatteryGauge Lenovo 2016/03/11 3.98 MB 1.0.021.00
Lenovo Companion LENOVO INC. 2017/02/28 3.66.1.0
Lenovo Power Management Driver Lenovo 2017/02/28 10.2 MB 1.67.10.20
Lenovo QuickOptimizer Lenovo 2016/03/11 12.3 MB 1.0.019.00
Lenovo Scaling Utility Lenovo 2017/02/28 450 KB 3.10
Lenovo Settings LENOVO INCORPORATED. 2017/02/28 3.148.0.0
Lenovo Solution Center Lenovo 2016/03/11 145 MB 3.2.002.00
Lenovo System Interface Foundation Lenovo 2016/03/11 5.03 MB 1.0.051.02
Lenovo アカウント・ポータル LENOVO INCORPORATED. 2017/02/28 2.0.32.0
Lenovo オン スクリーン表示 Lenovo 2017/02/28 56.0 MB 8.79.10
LINE LINE Corporation 2017/02/28 5.4.7.0
Microsoft OneDrive Microsoft Corporation 2017/02/28 84.7 MB 17.3.6743.1212
Microsoft Solitaire Collection Microsoft Studios 2017/02/28 3.15.2140.0
Microsoft Sticky Notes Microsoft Corporation 2017/02/28 1.6.2.0
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2017/02/28 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2017/02/28 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/02/28 20.5 MB 12.0.30501.0
Minecraft: Windows 10 Edition Microsoft Studios 2017/02/28 1.0.312.0
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2017/02/28 4.0.18.0
OneNote Microsoft Corporation 2017/02/28 17.7870.57621.0
People Microsoft Corporation 2017/02/28 10.1.3410.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2017/02/28 6.0.1.7554
Royal Revolt 2 flaregames GmbH 2017/02/28 2.7.0.2
Skype プレビュー Skype 2017/02/28 11.11.110.0
Store Purchase App Microsoft Corporation 2017/02/28 11608.1000.2431.0
Synaptics Pointing Device Driver Synaptics Incorporated 2017/02/28 46.4 MB 19.0.17.27
ThinkPad OneLink Dock Lenovo 2016/03/11 45.9 MB 1.08.35
ThinkPad Settings Dependency Lenovo 2016/03/11 74.5 MB 3.0.0.17
Thinkpad USB Ethernet Adapter Driver Lenovo 2016/03/11 10.1.506.2015
Windows ドライバ パッケージ - Synaptics FP Sensors (WUDFRd) Biometric (11/27/2015 4.5.503.0) Synaptics FP Sensors 2017/02/28 11/27/2015 4.5.503.0
Xbox Microsoft Corporation 2017/02/28 24.26.14000.0
Xbox Identity Provider Microsoft Corporation 2017/02/28 11.19.19003.0
アプリ インストーラー Microsoft Corporation 2017/02/28 1.0.10332.0
アラーム & クロック Microsoft Corporation 2017/02/28 10.1701.10103.0
インテル(R) ワイヤレス Bluetooth(R) Intel Corporation 2016/03/11 2.57 MB 17.1.1525.1443
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2017/02/28 303 MB 18.20.0
カメラ Microsoft Corporation 2017/02/28 2017.125.40.0
ストア Microsoft Corporation 2017/02/28 11610.1001.25.0
ニュース Microsoft Corporation 2017/02/28 4.18.41.0
ヒント Microsoft Corporation 2017/02/28 4.5.6.0
フィードバック Hub Microsoft Corporation 2017/02/28 1.1612.10312.0
フォト Microsoft Corporation 2017/02/28 17.214.10010.0
ボイス レコーダー Microsoft Corporation 2017/02/28 10.1702.301.0
マップ Microsoft Corporation 2017/02/28 5.1611.3342.0
メッセージング Microsoft Corporation 2017/02/28 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/02/28 17.7920.40507.0
天気 Microsoft Corporation 2017/02/28 4.18.37.0
新しい Office を始めよう Microsoft Corporation 2017/02/28 17.7909.7600.0
映画 & テレビ Microsoft Corporation 2017/02/28 10.17012.10301.0
有料 Wi-Fi & 携帯ネットワーク Microsoft Corporation 2017/02/28 1.1607.6.0
電卓 Microsoft Corporation 2017/02/28 10.1702.312.0
電話 Microsoft Corporation 2017/02/28 1.10.23004.0

（ここまで）


CC　スタートアップ　Windows

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:RunOnce Uninstall 17.3.6381.0405 Microsoft Corporation C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\17.3.6381.0405"
有効 HKCU:RunOnce Uninstall 17.3.6381.0405\amd64 Microsoft Corporation C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
有効 HKLM:Run IMSS Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
有効 HKLM:Run RtsCM RTSCM64.EXE

（ここまで）



CC　スタートアップ　スケジュールされたタスク

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DolbySelectorTask %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
有効 Task RtHDVBg_Dolby Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
有効 Task RtHDVBg_LENOVO_MICPKEY Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
有効 Task RTKCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 Task RtsCM Realtek Semiconductor Corp. %windir%\RtsCM64.exe

（ここまで）



CC　スタートアップ　コンテキストメニュー

有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll

（ここまで）



CC　ブラウザプラグイン　InternerExplorer

（ここまで）　なにも書かれていませんでした




よろしくお願いします
そして、いつもありがとうございます

作業と報告、ご苦労様です。
現在のログもみせてもらいましたが、今度はリカバリもできたようですね。
異常も出てないと思いますが、ログでは少しばかりまだゴミが残ってるのでそれも含めて少し掃除かかりましょうか。

まずHJTを起動して再度スキャンした後、表示された中の下記エントリをfixしてください。
O23 - Service: McAfee Application Installer Cleanup (0211861488272760) (0211861488272760mcinstcleanup) - Unknown owner - C:\Windows\TEMP\021186~1.EXE (file missing)

O23 - Service: McAfee Service Controller (mfemms) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe (file missing)

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

見てわかるかと思いますがマカフィーの残骸です。
現在はESETをお使いなら残しておく必要もないので掃除します。
間違って他のエントリをいじらないようによく見て処置してください。

HJTを終了したら今度は以下のツールを準備してください。
OTL(OldTimer Listit)
「Download」ボタンからDLしたら保存しておいてください。
http://oldtimer.geekstogo.com/OTL.exe
片付けるときは起動後に「Cleanup」ボタンを押せば自動で削除されます。
ただし、Windows10をお使いの場合は本体ファイルをそのまま削除すればいいです。

他のプログラムを起動しない状態でOTLを起動してください。
起動したら、ウィンドウの上の方にある「Scan All Users」にチェックを入れ、以下のコマンドを「Custom Scan/Fixes」にコピペしてください。

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

その後、左上の「Run Scan」を押すとスキャン開始されます。
スキャン開始後、PC環境にもよりますが数分ほどすると、「OTL.txt」と「Extras.txt」がOTL.exeと同じ場所に作成されるはずなので、この2つのファイルをデスクトップあたりに保存しておいてください。
なお、Extras.txtは出ないこともありますが、その場合はOTL.txtだけでもいいです。

このあとOTLログを丸ごと返信に貼り付けてレスで見せてください。
ただしOTLログはかなり長くなるため、一度に送信してもfc2の文字数制限で途切れます。
なのでログも適当なところで1万文字以内に分割して、複数回に分けてレス送信してください。
1万文字を越えた投稿はfc2の文字数制限で途切れてしまうためです。
http://www1.odn.ne.jp/megukuma/count.htm

OTLでスキャンしただけでは何も変化は起きません。
この結果を見て、検出されたものを次回以降の作業で処置することになるはずです。

おそらくですがもう感染はないとは思いますが、今後の再被害を防ぐために自衛の面で不備が残っていたらザルで水を汲むように危険もすぐに襲ってきます。
このOTLスキャンの結果ログを解析して、それでも問題がなくなっていればヤマも越えられるかと思います

まず、Extrasです

OTL Extras logfile created on: 2017/02/28 22:32:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\miroc\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 5.38 Gb Available Physical Memory | 68.29% Memory free
9.76 Gb Paging File | 7.47 Gb Available in Paging File | 76.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.23 Gb Total Space | 197.62 Gb Free Space | 83.30% Space Free | Partition Type: NTFS
Drive D: | 29.81 Gb Total Space | 18.98 Gb Free Space | 63.67% Space Free | Partition Type: FAT32

Computer Name: DESKTOP-4SGAMEK | User Name: miroc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = C9 FF AA 65 9F 91 D2 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01526197-0B58-4308-A4CA-B8ABC11EBD08}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{025A9213-2FFC-44B9-932C-25E6A3CF9DEA}" = dir=in | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{057CDCE0-3491-4979-A822-A09805E93A25}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{05A0C478-407D-471B-84EC-6B6FE649F9E1}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{06B24FFE-7581-41D7-98E8-B662DF169766}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{073C1390-4539-411B-9A2F-C9A0A7F0CE60}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{0859249F-49B8-4232-A8D3-66EDBCE99AA9}" = dir=out | name=my time line |
"{0E9C55A4-1721-46A5-B870-FDE4D3820CCE}" = dir=in | name=line |
"{0FCF0FF5-E3BE-44EB-B87F-057AC7C61052}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{1537B2EA-DDAE-449B-834D-D65F5F953C13}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{179EA137-756F-4AFD-95D7-F86A296D2F1D}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{18CDEDDD-79A9-472D-9080-255CC2252A35}" = dir=out | name=windows_ie_ac_001 |
"{19229055-6D89-492C-B6BC-2618A433E505}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1A770304-3CC3-473C-B93C-E5561117392B}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{1DDDC7A0-B167-4378-AA1F-F780E49351CD}" = dir=out | name=@{e046963f.lenovocompanion_3.66.1.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{1F9E9B28-DB26-4492-B1B9-EDF01408D250}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{224CA255-5156-41C4-BFA1-07EC3F2CB390}" = dir=in | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{23A2E89A-FC79-4400-B091-992F3B403A4B}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{2902D294-DE34-4D9D-96B4-03EB708DDB36}" = dir=out | name=onenote |
"{33364DD6-CFF4-4B6F-A12E-7208D0E6E03F}" = dir=out | name=lenovo settings |
"{39D30097-34BB-4831-B56D-17ED24FF0D5C}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{4256A3BF-B55D-4DA9-AC00-E2FD7EFA3069}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{43B4AAAC-A207-4F63-BD17-A4B459979FC6}" = dir=out | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{4467655D-4E9D-469F-ADF9-2EC5C870F992}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{49AA2A41-1E44-4D53-B130-8BEA00C445E6}" = dir=in | name=@{microsoft.zunemusic_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{4BAF651F-8855-45AF-9B48-A01E740C1014}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{4ED115CB-9EEC-4476-BC79-23472ED90308}" = dir=out | name=@{lenovocorporation.lenovoid_2.0.32.0_x86__4642shxvsv8s2?ms-resource://lenovocorporation.lenovoid/resources/displayname} |
"{506A8B78-8B5F-41BA-95E3-9FEB776C0FD1}" = dir=in | name=onenote |
"{5B182C27-322A-4C01-A72E-E511C14CFCF4}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{5CE3F0E8-9C4A-45EB-ACBA-455C23CA511C}" = dir=out | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{5D0D123F-AADC-4CF6-92D6-FC1F82E1DEAA}" = dir=in | name=royal revolt 2 |
"{626CC166-A03E-4A9F-99F2-BBE72A13F865}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{63DDE79B-8367-4AE8-B3BA-D102B92CAE94}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{64E1558B-BEF8-433D-814B-6BFEF916E375}" = dir=out | name=line |
"{65E10347-8092-49B8-B55D-2C3914953B5B}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{68F77A6D-348E-41CD-A339-575B88673DCB}" = dir=in | name=minecraft: windows 10 edition |
"{69A6E846-C169-4790-94A5-953C2109BCE5}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{6C15397E-13F5-42AD-B6D7-5BE0B8EAC151}" = dir=in | name=microsoft solitaire collection |
"{6CBB55FA-C48B-45CF-A3FD-D384E4EFEB4A}" = dir=out | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{713810F4-A4B9-49DE-B762-CD80695C953F}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{72EEFC69-2732-4D93-9CF6-F0D793D05CE0}" = dir=in | name=xbox |
"{734EDF99-9870-4B67-9CBF-A907A646E675}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{7889BC1B-E8EE-46E0-81F2-8A1D5E2ED9D1}" = dir=out | name=royal revolt 2 |
"{78C2F878-4DBB-43D7-9B31-EF87EAD6C2EB}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{7B122D1B-581E-4BD2-93AD-B774AB6534B6}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{7BD558C8-7EBB-4E96-85E0-01A3E835A1E4}" = dir=out | name=microsoft sticky notes |
"{843C9697-48B1-4829-A1FF-E5B545114329}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{852DC98D-7BE5-4A20-A47A-EA0257E4DE28}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{8A4FF3C8-C3AC-465B-BED9-67AF5E220B5A}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{8AAE6402-899D-4B2C-970A-FDD1FBEF64B3}" = dir=in | name=@{microsoft.commsphone_1.10.23004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{8B8A0893-1171-4841-A135-5D87071064D2}" = dir=out | name=@{microsoft.microsoftofficehub_17.7909.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{8D1273CC-C8DB-4069-BCE2-5CEC3ADC306A}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{8D24BBC3-34F3-4338-8AA9-B3F93B71B1B6}" = dir=in | name=@{microsoft.windowsstore_11610.1001.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{8E6BFD55-F798-4AE4-8D2C-BBC15BDD678F}" = dir=out | name=@{microsoft.skypeapp_11.11.110.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{8FE5019F-0971-4125-9ABC-E3F374017EEA}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{90712B52-29EF-4182-81CD-EFE2A522E809}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{92550DB4-7D99-43C7-99D3-F36FD8469108}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{945B4A87-87F0-4EC8-8B3C-A7194A8CE79C}" = dir=out | name=@{microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{95F4F3FC-E7D8-4856-B29E-4AB4A91E2A53}" = dir=out | name=@{microsoft.zunemusic_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{98C41C61-BBA5-415E-B44B-0F5F39807630}" = dir=in | name=microsoft sticky notes |
"{99294F84-7F16-4938-A01C-88A859AFD917}" = dir=out | name=houzz |
"{99FFB8D1-FC9A-4668-93C8-84CD4E170AFE}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{9C0AC911-FDF6-44A9-8E02-FC53547E8EDC}" = dir=out | name=facebook |
"{9F4DDFCB-E09C-4AE1-A9CE-9300D58D50BE}" = dir=in | app=c:\program files\intel corporation\intel widi\next\wirelessdisplay.exe |
"{9F81747B-63E6-4586-AE13-5354EA7430C2}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{A0BC5464-7794-4E3E-99B1-D73AC3C312B7}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A2AA3299-F66A-4156-997C-1BE5FA8FF4FD}" = dir=in | app=c:\program files\intel corporation\intel widi\smartagenttest.exe |
"{A35DCFB1-7F73-4C24-AA9F-8480DB2B9604}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{A63A9755-BB11-4890-815B-F8EAEE2D6E2C}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{A67A8854-1360-49AE-A5E0-E1E71255B409}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{AAE650EA-1406-4522-AD6A-6DCD9102BB9D}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{AD446AB0-6AE0-4569-9B3C-E67D3D39460B}" = dir=out | name=lenovo settings |
"{AFA20520-D2CB-4600-A6D4-433900C0FCF9}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{B04AEBB6-82D6-43E1-91E0-ECD5A6E9329C}" = dir=out | name=@{microsoft.windowsstore_11610.1001.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{B0A43279-576C-40A3-8F62-B8E9EF7A14AA}" = dir=out | name=lenovo settings |
"{B0D6FCAB-FC71-4EEF-BCE7-B95D36D1BB96}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{B1646844-3F2A-4484-B6A2-E698A1B1C248}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{B2873919-1782-4E88-9837-7D1F642C327C}" = dir=out | name=windows_ie_ac_001 |
"{B6CF13A7-1FEE-4614-867D-3F57CF425063}" = dir=in | name=lenovo settings |
"{BB145DE1-22D7-4AE1-B02F-26E334BFDA3B}" = dir=out | name=@{microsoft.commsphone_1.10.23004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{C3EA7987-DC46-45A8-8C87-F3B9FD80633B}" = dir=out | name=candy crush soda saga |
"{C98504F1-AC02-44BA-BC1E-5508F71C4C2B}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{CAFDFA82-E23B-4186-9428-110B1A62570E}" = dir=in | name=lenovo settings |
"{D0486F45-7518-41B8-B23C-CB02CB532DFF}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{D3366B82-281C-49D1-AFAC-74E6A7BBEA89}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{D3D68803-79B1-42C5-9A4B-AE671D8FFD55}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{D5FC6EC0-2ADC-44BA-A85E-E94F49850629}" = dir=out | name=xbox |
"{DABE8AAA-5B01-48FC-9736-B9A8B5FAE29A}" = dir=out | name=@{microsoft.people_10.1.3410.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{E1C78162-C488-4E11-AC77-665EBD3DDE82}" = dir=out | name=microsoft solitaire collection |
"{E268914E-2671-47F3-B267-E1E8134AFB1E}" = dir=in | app=c:\program files\intel corporation\intel widi\widiappold.exe |
"{E2A3D620-CC24-48A4-978B-54CA89E823D6}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{E5E0328B-5CE8-48C9-B06A-1CE79A403C3E}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7920.40507.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{E866BDB7-B472-4203-9957-BFDE62A8C1D0}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7920.40507.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{EB92014D-0EF7-49D8-BC02-85A9F2E7C0E0}" = dir=out | name=store purchase app |
"{ED581EE1-A3BE-44CE-B524-7537B939B6F5}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{EDD822E3-4D31-4C9A-8993-130F5D4EA58C}" = dir=in | name=@{microsoft.microsoftofficehub_17.7909.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{F3445B7E-EFE0-4A18-AF64-57C2906658C3}" = dir=out | name=minecraft: windows 10 edition |
"{F598EEEE-1D00-4040-8BA9-F62CDC160289}" = dir=in | name=@{microsoft.skypeapp_11.11.110.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{F63DFD56-370C-4981-9B6C-9AC3B00BB396}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{F6980AB0-E5E1-4ABC-85D4-0126B3C0F733}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{F6C25AAB-9D8F-4288-83DF-875F02636D6D}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{F9491B89-27E5-4B5E-B19E-AE4122B20B57}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{FA4BD3DF-39C4-4F17-993D-6511C3C0D44E}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{FAC32979-7346-4A39-A0BD-CF226197750A}" = dir=in | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{FBC6A358-13DB-4A42-9124-90C0B5C60155}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004A7DFF-F74D-4F85-A83C-F58943B4DDA6}" = Intel(R) ME UninstallLegacy
"{07a12c6f-97c2-4a0e-9dd6-50ffc08ff551}" = Intel(R) PRO/Wireless Driver
"{08515684-CE49-47EF-B509-326A2E91BC5C}_is1" = ThinkPad Settings Dependency
"{1A5AFA53-027D-40A8-B6FA-93446BE79CE8}" = Intel(R) Management Engine Components
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{2FB369C6-9264-472B-836A-DB2F6B2C9BE4}" = Intel® PROSet/Wireless WiFi Software
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{43E67915-502D-3B7E-8FCD-ABB40088E45C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{52753916-613B-4455-8022-A146CC17B1F6}" = Lenovo Solution Center
"{55398EAC-F58E-4F19-B553-BDF8B9EFD839}" = Intel(R) Chipset Device Software
"{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}" = Intel(R) WiDi
"{69B404DD-8CB7-4EB5-A570-44744300AEE3}" = ESET Internet Security
"{7D84E343-A23D-451C-B123-0195B2D903A6}" = Intel® Trusted Connect Service Client
"{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}" = Dolby Digital Plus Home Theater
"{8547FD8F-3FE3-4ED9-BD1C-76DC1BD70D18}" = Intel(R) Management Engine Components
"{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}" = Lenovo QuickOptimizer
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AF27C33C-8D1F-49A4-9C7C-4535957F30E7}" = Intel(R) Management Engine Components
"{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}" = Lenovo BatteryGauge
"{C2E5CA37-C862-4A69-AC6D-24F450A20C16}" = Lenovo System Interface Foundation
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"AA9F09BEBC9865D97C7975018C64B175466BDA52" = Windows ドライバ パッケージ - Synaptics FP Sensors (WUDFRd) Biometric (11/27/2015 4.5.503.0)
"CCleaner" = CCleaner
"Lenovo Scaling Utility" = Lenovo Scaling Utility
"OnScreenDisplay" = Lenovo オン スクリーン表示
"Power Management Driver" = Lenovo Power Management Driver
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{4c8b7360-62a2-4339-b745-41323055d0bb}" = インテル® PROSet/Wireless ソフトウェア
"{66C3A3B4-D6FD-48EB-98AF-ABC65BBBC60A}" = インテル(R) ワイヤレス Bluetooth(R)
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{86905E62-645F-482E-A417-82C812ABD787}" = Intel(R) WiDi Software Asset Manager
"{8E1CACF5-2493-4950-9AD5-189903FE57E7}" = ThinkPad OneLink Dock
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{c7f54569-0018-439c-809a-48046a4d4ebc}" = インテル® チップセット デバイス ソフトウェア
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D8102684-7BA1-4948-88B9-535F84E6E588}" = Thinkpad USB Ethernet Adapter Driver
"{DDAA788F-52E6-44EA-ADB8-92837B11BF26}" = Metric Collection SDK
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = Integrated Camera
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2017/02/28 6:30:40 | Computer Name = DESKTOP-4SGAMEK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: microsoftedgecp.exe、バージョン: 11.0.14393.0、タイム スタンプ:
0x578997ee 障害が発生しているモジュール名: unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000604
障害オフセット:
0x0000000000000000 障害が発生しているプロセス ID: 0xf94 障害が発生しているアプリケーションの開始時刻: 0x01d291adb0fcbd02
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
障害が発生しているモジュール
パス: unknown レポート ID: bfc4eb9b-d235-407d-87fc-a1c7327446d7 障害が発生しているパッケージの完全な名前: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: MicrosoftEdge

Error - 2017/02/28 6:30:41 | Computer Name = DESKTOP-4SGAMEK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: microsoftedgecp.exe、バージョン: 11.0.14393.0、タイム スタンプ:
0x578997ee 障害が発生しているモジュール名: unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000604
障害オフセット:
0x0000000000000000 障害が発生しているプロセス ID: 0xf94 障害が発生しているアプリケーションの開始時刻: 0x01d291adb0fcbd02
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
障害が発生しているモジュール
パス: unknown レポート ID: 61fe80bc-3427-4fb1-8c78-3db5f5c12978 障害が発生しているパッケージの完全な名前: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: MicrosoftEdge

Error - 2017/02/28 6:32:04 | Computer Name = DESKTOP-4SGAMEK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: microsoftedgecp.exe、バージョン: 11.0.14393.0、タイム スタンプ:
0x578997ee 障害が発生しているモジュール名: unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000604
障害オフセット:
0x0000000000000000 障害が発生しているプロセス ID: 0x1fd4 障害が発生しているアプリケーションの開始時刻: 0x01d291ade7902add
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
障害が発生しているモジュール
パス: unknown レポート ID: db2bb4a6-38b8-47fd-b8ab-85bf853913aa 障害が発生しているパッケージの完全な名前: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: MicrosoftEdge

Error - 2017/02/28 6:32:06 | Computer Name = DESKTOP-4SGAMEK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: microsoftedgecp.exe、バージョン: 11.0.14393.0、タイム スタンプ:
0x578997ee 障害が発生しているモジュール名: unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000604
障害オフセット:
0x0000000000000000 障害が発生しているプロセス ID: 0x1fd4 障害が発生しているアプリケーションの開始時刻: 0x01d291ade7902add
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
障害が発生しているモジュール
パス: unknown レポート ID: ec9d1fb4-cb7b-4518-ba29-07b4cf34ca95 障害が発生しているパッケージの完全な名前: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: MicrosoftEdge

Error - 2017/02/28 6:32:07 | Computer Name = DESKTOP-4SGAMEK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: microsoftedgecp.exe、バージョン: 11.0.14393.0、タイム スタンプ:
0x578997ee 障害が発生しているモジュール名: unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000604
障害オフセット:
0x0000000000000000 障害が発生しているプロセス ID: 0x1fd4 障害が発生しているアプリケーションの開始時刻: 0x01d291ade7902add
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
障害が発生しているモジュール
パス: unknown レポート ID: 50ab5628-ad6e-4990-8106-a9c421c83a39 障害が発生しているパッケージの完全な名前: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: MicrosoftEdge

Error - 2017/02/28 6:32:10 | Computer Name = DESKTOP-4SGAMEK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: microsoftedgecp.exe、バージョン: 11.0.14393.0、タイム スタンプ:
0x578997ee 障害が発生しているモジュール名: unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000604
障害オフセット:
0x0000000000000000 障害が発生しているプロセス ID: 0x1fd4 障害が発生しているアプリケーションの開始時刻: 0x01d291ade7902add
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
障害が発生しているモジュール
パス: unknown レポート ID: d0fad83a-d4fc-4a01-8953-64d0b321a616 障害が発生しているパッケージの完全な名前: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: MicrosoftEdge

Error - 2017/02/28 6:32:11 | Computer Name = DESKTOP-4SGAMEK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: microsoftedgecp.exe、バージョン: 11.0.14393.0、タイム スタンプ:
0x578997ee 障害が発生しているモジュール名: unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000604
障害オフセット:
0x0000000000000000 障害が発生しているプロセス ID: 0x1fd4 障害が発生しているアプリケーションの開始時刻: 0x01d291ade7902add
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
障害が発生しているモジュール
パス: unknown レポート ID: 7642d2a3-0a24-48b0-93e3-4bb98cc6b09a 障害が発生しているパッケージの完全な名前: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: MicrosoftEdge

Error - 2017/02/28 6:32:13 | Computer Name = DESKTOP-4SGAMEK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: microsoftedgecp.exe、バージョン: 11.0.14393.0、タイム スタンプ:
0x578997ee 障害が発生しているモジュール名: unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000604
障害オフセット:
0x0000000000000000 障害が発生しているプロセス ID: 0x1fd4 障害が発生しているアプリケーションの開始時刻: 0x01d291ade7902add
障害が発生しているアプリケーション
パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
障害が発生しているモジュール
パス: unknown レポート ID: 2461dac6-20ad-4233-99ee-078251082b0b 障害が発生しているパッケージの完全な名前: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
障害が発生しているパッケージに関連するアプリケーション
ID: MicrosoftEdge

Error - 2017/02/28 7:26:32 | Computer Name = DESKTOP-4SGAMEK | Source = SideBySide | ID = 16842785
Description = "C:\MMD\MikuMikuDance_v926x64\MikuMikuDance_v926x64\MikuMikuDance.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Microsoft.VC90.OpenMP,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2017/02/28 7:26:34 | Computer Name = DESKTOP-4SGAMEK | Source = SideBySide | ID = 16842785
Description = "C:\MMD\MikuMikuDance_v926x64\MikuMikuDance_v926x64\MikuMikuDance.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Microsoft.VC90.OpenMP,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2017/02/28 7:45:21 | Computer Name = DESKTOP-4SGAMEK | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = 暗号化サービスで、システム ライター オブジェクトで OnIdentity() の呼び出しを処理中にエラーが発生しました。 Details:
AddLegacyDriverFiles:
Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System
Error: アクセスが拒否されました。 。

[ System Events ]
Error - 2017/02/28 5:03:46 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10016
Description =

Error - 2017/02/28 5:04:12 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10016
Description =

Error - 2017/02/28 5:05:01 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10010
Description =

Error - 2017/02/28 5:05:33 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10016
Description =

Error - 2017/02/28 5:06:42 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10010
Description =

Error - 2017/02/28 5:10:30 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10010
Description =

Error - 2017/02/28 5:11:00 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10010
Description =

Error - 2017/02/28 5:54:47 | Computer Name = DESKTOP-4SGAMEK | Source = Service Control Manager | ID = 7030
Description = ESET Service サービスは、対話型サービスとしてマークされています。しかし、システムは対話型サービスを許可しないように構成されています。このサービスは正常に機能しない可能性があります。

Error - 2017/02/28 6:46:01 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10016
Description =

Error - 2017/02/28 7:58:01 | Computer Name = DESKTOP-4SGAMEK | Source = DCOM | ID = 10016
Description =


< End of report >

OTL logfile created on: 2017/02/28 22:32:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\miroc\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 5.38 Gb Available Physical Memory | 68.29% Memory free
9.76 Gb Paging File | 7.47 Gb Available in Paging File | 76.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.23 Gb Total Space | 197.62 Gb Free Space | 83.30% Space Free | Partition Type: NTFS
Drive D: | 29.81 Gb Total Space | 18.98 Gb Free Space | 63.67% Space Free | Partition Type: FAT32

Computer Name: DESKTOP-4SGAMEK | User Name: miroc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2017/02/28 22:31:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\miroc\Downloads\OTL.exe
PRC - [2017/02/28 18:09:08 | 001,517,280 | ---- | M] (Microsoft Corporation) -- C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2015/12/10 11:19:42 | 001,320,416 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
PRC - [2015/11/13 17:08:36 | 000,035,784 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
PRC - [2015/10/14 08:00:00 | 001,668,808 | ---- | M] (Lenovo) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2015/08/14 02:18:00 | 000,415,520 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2015/08/14 02:11:34 | 000,207,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2015/06/04 16:52:02 | 000,111,560 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe -- (mfemms)
SRV:[b]64bit:[/b] - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:42 | 000,447,488 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:38 | 000,781,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:35 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:35 | 000,337,408 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:32 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:31 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:22 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:19 | 000,803,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:16 | 000,765,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:15 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:14 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:14 | 000,614,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:10 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:07 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:05 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:05 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:05 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:05 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:05 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:05 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:01 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:59 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:56 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:55 | 002,104,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:51 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:48 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:47 | 001,012,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:44 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:40 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:40 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:38 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:38 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:38 | 000,265,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:37 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:36 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:33 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:33 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:31 | 002,264,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:30 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:24 | 000,765,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:23 | 001,234,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2016/12/18 23:19:12 | 000,266,328 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe -- (SynTPEnhService)
SRV:[b]64bit:[/b] - [2016/12/12 16:21:20 | 000,184,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\ibtsiva.exe -- (ibtsiva)
SRV:[b]64bit:[/b] - [2016/11/23 00:43:18 | 000,382,456 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2016/10/11 12:58:18 | 002,815,520 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Internet Security\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:06 | 000,347,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:04 | 000,103,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_ed325)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_ed325)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_ed325)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_ed325)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_ed325)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_ed325)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_ed325)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2016/07/13 18:09:54 | 000,086,544 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:[b]64bit:[/b] - [2016/07/13 18:09:54 | 000,056,848 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Windows\SysNative\valWbioSyncSvc.exe -- (valWbioSyncSvc)
SRV:[b]64bit:[/b] - [2015/12/10 11:20:34 | 000,271,328 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe -- (LSCWinService)
SRV:[b]64bit:[/b] - [2015/11/13 17:08:36 | 000,035,784 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe -- (ImControllerService)
SRV:[b]64bit:[/b] - [2015/08/17 18:18:28 | 000,148,208 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:[b]64bit:[/b] - [2015/08/13 08:50:50 | 003,831,712 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2015/08/13 08:50:38 | 000,268,192 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2015/08/13 08:50:32 | 000,640,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2015/08/13 08:50:12 | 000,157,088 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2015/06/04 17:17:04 | 000,126,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:[b]64bit:[/b] - [2015/06/04 16:52:02 | 000,111,560 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:[b]64bit:[/b] - [2015/05/22 01:24:00 | 000,881,152 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2014/08/28 17:23:16 | 003,204,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe -- (Lenovo Instant On)
SRV - [2017/02/26 16:25:41 | 003,369,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\syswow64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2017/02/26 16:25:31 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\syswow64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017/02/26 16:24:46 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\syswow64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2017/02/26 16:24:36 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\syswow64\smphost.dll -- (smphost)
SRV - [2016/11/23 00:43:18 | 000,310,264 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\syswow64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2016/07/16 20:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\syswow64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/07/16 20:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015/10/23 10:38:18 | 000,119,464 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\SmartSense\SSSvc.exe -- (SSSvc)
SRV - [2015/10/14 08:00:00 | 001,668,808 | ---- | M] (Lenovo) [On_Demand | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2015/08/14 02:18:00 | 000,415,520 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2015/08/14 02:11:34 | 000,207,648 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2015/06/23 23:14:42 | 000,019,088 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe -- (Intel(R)
SRV - [2015/06/18 23:21:46 | 000,882,000 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0211861488272760mcinst.exe -- (0211861488272760mcinstcleanup)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2017/02/26 16:25:42 | 000,220,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2017/02/26 16:25:42 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2017/02/26 16:25:29 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2017/02/26 16:25:26 | 000,045,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2017/02/26 16:25:12 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2017/02/26 16:25:10 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2017/02/26 16:25:04 | 000,544,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2017/02/26 16:25:01 | 000,247,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2017/02/26 16:25:00 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:56 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:55 | 000,062,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:43 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:39 | 000,198,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:37 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:36 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:33 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:31 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:30 | 000,376,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:28 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2017/02/26 16:24:23 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2016/12/18 23:18:48 | 000,930,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2016/12/18 23:18:18 | 000,072,792 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2016/12/18 23:18:12 | 000,069,208 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:[b]64bit:[/b] - [2016/12/14 01:29:44 | 000,203,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2016/12/12 16:21:20 | 000,253,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2016/12/03 00:31:20 | 007,254,792 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwtw04.sys -- (Netwtw04)
DRV:[b]64bit:[/b] - [2016/11/23 00:43:18 | 007,974,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2016/10/13 14:39:14 | 000,232,072 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2016/10/13 14:39:14 | 000,212,096 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
DRV:[b]64bit:[/b] - [2016/10/13 14:39:14 | 000,177,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2016/10/13 14:39:14 | 000,091,784 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2016/10/13 14:39:14 | 000,076,416 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2016/10/13 14:39:14 | 000,048,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ekbdflt.sys -- (ekbdflt)
DRV:[b]64bit:[/b] - [2016/10/13 14:39:14 | 000,015,488 | ---- | M] (ESET) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\eelam.sys -- (eelam)
DRV:[b]64bit:[/b] - [2016/09/03 00:42:06 | 003,147,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:[b]64bit:[/b] - [2016/07/17 07:20:29 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2016/07/17 07:20:23 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2016/07/16 20:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2016/07/16 20:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2016/07/16 20:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2016/07/13 18:09:54 | 000,039,488 | ---- | M] (Synaptics Incorporated) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smi.sys -- (SMIDriver)
DRV:[b]64bit:[/b] - [2016/05/12 05:32:26 | 000,481,768 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2015/11/05 16:23:52 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2015/10/14 08:00:00 | 000,020,736 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:[b]64bit:[/b] - [2015/08/17 18:18:26 | 000,064,208 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:[b]64bit:[/b] - [2015/08/07 19:39:38 | 000,067,248 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SynRMIHID.sys -- (SynRMIHID)
DRV:[b]64bit:[/b] - [2015/06/10 06:36:52 | 000,088,256 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelPcc.sys -- (IntelHSWPcc)
DRV:[b]64bit:[/b] - [2015/04/07 01:59:58 | 000,485,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d65x64.sys -- (e1dexpress)
DRV:[b]64bit:[/b] - [2014/02/03 09:54:26 | 000,025,856 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\InstantOn\InstantOn.sys -- (InstantOn)
DRV - [2016/07/16 20:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}: "URL" = http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}: "URL" = http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
IE - HKU\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.lenovo.com/ [binary data]
IE - HKU\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.lenovo.com/ [binary data]
IE - HKU\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
IE - HKU\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 24 00 00 00 B4 FD 6E 88 CF 01 2D AB F4 B6 60 FE 3C E7 13 4D D7 97 02 D0 F6 F9 9E EF 91 45 9A 11 D2 15 1C 56 B0 23 D6 83 02 00 00 00 0E 00 00 00 77 38 6C 73 72 77 72 37 51 71 49 25 33 64 [binary data]
IE - HKU\S-1-5-21-990994567-790204563-332684434-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)



O1 HOSTS File: ([2015/10/30 16:21:30 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:[b]64bit:[/b] - HKLM..\Run: [RtsCM] C:\Windows\RtsCM64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-990994567-790204563-332684434-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-990994567-790204563-332684434-1001..\Run: [OneDrive] C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-990994567-790204563-332684434-1001..\RunOnce: [Uninstall 17.3.6381.0405] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\17.3.6381.0405" File not found
O4 - HKU\S-1-5-21-990994567-790204563-332684434-1001..\RunOnce: [Uninstall 17.3.6381.0405\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:[b]64bit:[/b] - ..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41643f5c-fd1b-4019-b2df-e98ae3c9b9d2}: DhcpNameServer = 192.168.100.1 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5d06b58c-cc31-48e5-9f03-b217f429fcb2}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {31699572-6286-3C1C-A03C-511D59181038} - .NET Framework
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {71A5A636-652F-3BE0-BC14-02545E9F5EC7} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/02/28 22:04:40 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Roaming\Apple Computer
[2017/02/28 20:46:04 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2017/02/28 20:46:04 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2017/02/28 20:46:04 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2017/02/28 20:46:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2017/02/28 20:46:03 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2017/02/28 20:46:03 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2017/02/28 20:46:03 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2017/02/28 20:46:03 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2017/02/28 20:46:03 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2017/02/28 20:46:03 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2017/02/28 20:46:03 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2017/02/28 20:46:03 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2017/02/28 20:46:03 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2017/02/28 20:46:03 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2017/02/28 20:46:02 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2017/02/28 20:46:02 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2017/02/28 20:46:02 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2017/02/28 20:46:02 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2017/02/28 20:46:02 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2017/02/28 20:46:02 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2017/02/28 20:46:02 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2017/02/28 20:46:02 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2017/02/28 20:46:02 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2017/02/28 20:46:02 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2017/02/28 20:46:01 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2017/02/28 20:46:01 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2017/02/28 20:46:01 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2017/02/28 20:46:01 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2017/02/28 20:46:01 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2017/02/28 20:46:01 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2017/02/28 20:46:00 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2017/02/28 20:46:00 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2017/02/28 20:46:00 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2017/02/28 20:46:00 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2017/02/28 20:46:00 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2017/02/28 20:46:00 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2017/02/28 20:46:00 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2017/02/28 20:46:00 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2017/02/28 20:45:59 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2017/02/28 20:45:59 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2017/02/28 20:45:59 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2017/02/28 20:45:59 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2017/02/28 20:45:59 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2017/02/28 20:45:59 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2017/02/28 20:45:59 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2017/02/28 20:45:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2017/02/28 20:45:59 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2017/02/28 20:45:59 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2017/02/28 20:45:58 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2017/02/28 20:45:58 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2017/02/28 20:45:58 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2017/02/28 20:45:58 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2017/02/28 20:45:58 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2017/02/28 20:45:58 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2017/02/28 20:45:58 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2017/02/28 20:45:58 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2017/02/28 20:45:57 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2017/02/28 20:45:57 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2017/02/28 20:45:57 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2017/02/28 20:45:57 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2017/02/28 20:45:57 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2017/02/28 20:45:57 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2017/02/28 20:45:57 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2017/02/28 20:45:57 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2017/02/28 20:45:57 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2017/02/28 20:45:57 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2017/02/28 20:45:56 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2017/02/28 20:45:56 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2017/02/28 20:45:56 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2017/02/28 20:45:56 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2017/02/28 20:45:56 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2017/02/28 20:45:56 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2017/02/28 20:45:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2017/02/28 20:45:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2017/02/28 20:45:56 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2017/02/28 20:45:56 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2017/02/28 20:45:55 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2017/02/28 20:45:55 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2017/02/28 20:45:55 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2017/02/28 20:45:55 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2017/02/28 20:45:55 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2017/02/28 20:45:55 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2017/02/28 20:45:55 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2017/02/28 20:45:55 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2017/02/28 20:45:55 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2017/02/28 20:45:55 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2017/02/28 20:45:54 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2017/02/28 20:45:54 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2017/02/28 20:45:54 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2017/02/28 20:45:54 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2017/02/28 20:45:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2017/02/28 20:45:54 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2017/02/28 20:45:54 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2017/02/28 20:45:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2017/02/28 20:45:53 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2017/02/28 20:45:53 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2017/02/28 20:45:53 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2017/02/28 20:45:53 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2017/02/28 20:45:53 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2017/02/28 20:45:53 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2017/02/28 20:45:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2017/02/28 20:45:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2017/02/28 20:45:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2017/02/28 20:45:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2017/02/28 20:45:52 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2017/02/28 20:45:52 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2017/02/28 20:45:52 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2017/02/28 20:45:52 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2017/02/28 20:45:52 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2017/02/28 20:45:52 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2017/02/28 20:45:51 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2017/02/28 20:45:51 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2017/02/28 20:45:51 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2017/02/28 20:45:51 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2017/02/28 20:45:51 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2017/02/28 20:45:51 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2017/02/28 20:45:51 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2017/02/28 20:45:51 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2017/02/28 20:45:50 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2017/02/28 20:45:50 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2017/02/28 20:45:50 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2017/02/28 20:45:50 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2017/02/28 20:45:50 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2017/02/28 20:45:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2017/02/28 20:45:50 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2017/02/28 20:45:50 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2017/02/28 20:45:50 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2017/02/28 20:45:50 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2017/02/28 20:45:49 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2017/02/28 20:45:49 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2017/02/28 20:45:49 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2017/02/28 20:45:49 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2017/02/28 20:45:48 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2017/02/28 20:45:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2017/02/28 20:45:48 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2017/02/28 20:45:48 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2017/02/28 20:45:48 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2017/02/28 20:45:48 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2017/02/28 20:45:48 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2017/02/28 20:45:48 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2017/02/28 20:45:47 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2017/02/28 20:45:47 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2017/02/28 20:45:47 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2017/02/28 20:45:47 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2017/02/28 20:45:47 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2017/02/28 20:45:47 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2017/02/28 20:45:46 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2017/02/28 20:45:46 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2017/02/28 20:45:46 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2017/02/28 20:45:46 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2017/02/28 20:45:46 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2017/02/28 20:45:46 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2017/02/28 20:45:46 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2017/02/28 20:45:46 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2017/02/28 20:45:45 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2017/02/28 20:45:45 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2017/02/28 20:45:45 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2017/02/28 20:45:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2017/02/28 20:45:45 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2017/02/28 20:45:45 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2017/02/28 20:45:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2017/02/28 20:45:45 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2017/02/28 20:45:44 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2017/02/28 20:45:44 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2017/02/28 20:45:43 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2017/02/28 20:45:43 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2017/02/28 20:45:43 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2017/02/28 20:45:43 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2017/02/28 20:45:43 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2017/02/28 20:45:43 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2017/02/28 20:45:43 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2017/02/28 20:45:43 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2017/02/28 20:45:42 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2017/02/28 20:45:42 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2017/02/28 20:45:42 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2017/02/28 20:45:42 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2017/02/28 20:45:42 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2017/02/28 20:45:42 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2017/02/28 20:45:41 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2017/02/28 20:45:41 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2017/02/28 20:45:41 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2017/02/28 20:45:41 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2017/02/28 20:31:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2017/02/28 20:15:48 | 000,000,000 | ---D | C] -- C:\MMD
[2017/02/28 19:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017/02/28 19:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2017/02/28 18:58:04 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\ESET
[2017/02/28 18:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2017/02/28 18:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2017/02/28 18:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2017/02/28 18:13:54 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Roaming\LSC
[2017/02/28 18:12:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2017/02/28 18:10:30 | 000,000,000 | ---D | C] -- C:\Users\miroc\OneDrive\ドキュメント\名称未設定フォルダー
[2017/02/28 18:10:30 | 000,000,000 | ---D | C] -- C:\Users\miroc\OneDrive\ドキュメント\東方
[2017/02/28 18:10:27 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2017/02/28 18:09:08 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Roaming\Skype
[2017/02/28 18:06:23 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Roaming\Macromedia
[2017/02/28 18:06:17 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\NetworkTiles
[2017/02/28 18:05:48 | 000,000,000 | R--D | C] -- C:\Users\miroc\OneDrive
[2017/02/28 18:05:33 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\MicrosoftEdge
[2017/02/28 18:04:21 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\Comms
[2017/02/28 18:04:10 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\Publishers
[2017/02/28 18:04:09 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\PackageStaging
[2017/02/28 18:03:56 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\Lenovo
[2017/02/28 18:03:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2017/02/28 18:03:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2017/02/28 18:03:50 | 000,000,000 | R--D | C] -- C:\Users\miroc\Searches
[2017/02/28 18:03:50 | 000,000,000 | R--D | C] -- C:\Users\miroc\Contacts
[2017/02/28 18:03:49 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Roaming\Adobe
[2017/02/28 18:03:48 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\VirtualStore
[2017/02/28 18:03:47 | 000,000,000 | -HSD | C] -- C:\Users\miroc\IntelGraphicsProfiles
[2017/02/28 18:03:47 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\TileDataLayer
[2017/02/28 18:03:47 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\Packages
[2017/02/28 18:03:46 | 000,000,000 | -H-D | C] -- C:\Users\miroc\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/02/28 18:03:46 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Roaming\Intel
[2017/02/28 18:03:46 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\ConnectedDevicesPlatform
[2017/02/28 18:00:51 | 000,000,000 | --SD | C] -- C:\Users\miroc\AppData\Roaming\Microsoft
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Videos
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Saved Games
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Pictures
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Music
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Links
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Favorites
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Downloads
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Documents
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\Desktop
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017/02/28 18:00:51 | 000,000,000 | R--D | C] -- C:\Users\miroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\スタート メニュー
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\AppData\Local\Temporary Internet Files
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\Templates
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\SendTo
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\Recent
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\PrintHood
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\NetHood
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\My Documents
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\Local Settings
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\AppData\Local\History
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\Cookies
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\Application Data
[2017/02/28 18:00:51 | 000,000,000 | -HSD | C] -- C:\Users\miroc\AppData\Local\Application Data
[2017/02/28 18:00:51 | 000,000,000 | -H-D | C] -- C:\Users\miroc\AppData
[2017/02/28 18:00:51 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\Temp
[2017/02/28 18:00:51 | 000,000,000 | ---D | C] -- C:\Users\miroc\Roaming
[2017/02/28 18:00:51 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Local\Microsoft
[2017/02/28 18:00:51 | 000,000,000 | ---D | C] -- C:\Users\miroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017/02/28 18:00:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\デスクトップ
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\スタート メニュー
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2017/02/28 17:55:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2017/02/28 17:54:35 | 002,716,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PrintConfig.dll
[2017/02/28 17:47:13 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2017/02/28 17:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2017/02/28 17:46:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DAX2
[2017/02/28 17:46:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2017/02/28 17:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2017/02/28 17:46:48 | 000,112,656 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
[2017/02/28 17:46:48 | 000,108,552 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
[2017/02/28 17:46:47 | 000,000,000 | ---D | C] -- C:\Intel
[2017/02/28 17:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2017/02/28 17:46:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2017/02/28 17:46:19 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2017/02/28 17:46:13 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2017/02/28 17:45:53 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Microsoft
[2017/02/28 17:45:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SleepStudy
[2017/02/28 17:45:53 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles
[2017/02/28 16:15:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Lenovo
[2017/02/28 16:14:19 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2017/02/28 16:14:19 | 000,000,000 | ---D | C] -- C:\Windows\InfusedApps
[2017/02/28 16:13:56 | 000,000,000 | ---D | C] -- C:\Windows.old
[2017/02/28 16:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2017/02/28 16:12:23 | 000,000,000 | ---D | C] -- C:\Windows\Setup
[2017/02/28 16:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2017/02/28 16:12:19 | 000,000,000 | ---D | C] -- C:\Windows\OCR
[2017/02/28 16:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2017/02/28 16:12:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2017/02/28 16:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2017/02/28 16:12:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2017/02/28 16:12:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\ja-JP
[2017/02/28 16:12:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\ja-JP
[2017/02/28 16:12:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja
[2017/02/28 16:12:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF\ja-JP
[2017/02/28 16:12:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2017/02/28 16:12:01 | 000,000,000 | ---D | C] -- C:\Windows\ja-JP
[2017/02/28 16:12:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ja
[2017/02/28 16:10:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm
[2017/02/28 16:10:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN
[2017/02/28 16:10:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep
[2017/02/28 16:10:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr
[2017/02/28 16:10:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\en-US
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en
[2017/02/28 16:10:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2017/02/28 16:10:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF\en-US
[2017/02/28 16:10:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2017/02/28 16:10:39 | 000,000,000 | ---D | C] -- C:\Windows\en-US
[2017/02/28 16:10:39 | 000,000,000 | ---D | C] -- C:\Windows\DigitalLocker
[2017/02/28 16:10:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409
[2017/02/28 16:09:21 | 000,828,408 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017/02/28 16:09:21 | 000,176,632 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2017/02/28 16:08:07 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2017/02/28 16:08:05 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Nui
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Nui
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\F12
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\F12
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\dsc
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\Downloaded Program Files
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\DiagSvcs
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\DiagSvcs
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Configuration
[2017/02/28 16:08:02 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Configuration
[2017/02/28 16:08:02 | 000,000,000 | R-SD | C] -- C:\Windows\Media
[2017/02/28 16:08:02 | 000,000,000 | R-SD | C] -- C:\Windows\Fonts
[2017/02/28 16:08:02 | 000,000,000 | R-SD | C] -- C:\Windows\assembly
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\Windows\PrintDialog
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\Windows\Offline Web Pages
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\Windows\MiracastView
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\Windows\Microsoft.NET
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\Windows\ImmersiveControlPanel
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2017/02/28 16:08:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017/02/28 16:08:02 | 000,000,000 | -HSD | C] -- C:\Program Files\Windows Sidebar
[2017/02/28 16:08:02 | 000,000,000 | -HSD | C] -- C:\Program Files (x86)\Windows Sidebar
[2017/02/28 16:08:02 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2017/02/28 16:08:02 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsApps
[2017/02/28 16:08:02 | 000,000,000 | -H-D | C] -- C:\ProgramData
[2017/02/28 16:08:02 | 000,000,000 | -H-D | C] -- C:\Windows\ELAMBKUP
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-TW
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-TW
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-HK
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-HK
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-CN
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-CN
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WinMetadata
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinMetadata
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winevt
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\WindowsPowerShell
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WindowsPowerShell
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Photo Viewer
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Photo Viewer
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows NT
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Multimedia Platform
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Multimedia Platform
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Mail
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Mail
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Defender
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinBioPlugIns
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinBioDatabase
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Web
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WDI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\wbem
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wbem
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Vss
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\USOPrivate
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\uk-UA
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\uk-UA
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\twain_32
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr-TR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\tr-TR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\tracing
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\th-TH
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\th-TH
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Tasks
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Tasks
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\TAPI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\syswow64
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SystemResources
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SystemResetPlatform
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SystemApps
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\System
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\System
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Sysprep
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv-SE
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sv-SE
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sru
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sru
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sr-Latn-RS
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sr-Latn-RS
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sr-Latn-CS
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sr-Latn-CS
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sppui
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sppui
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spp
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\spp
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\spool
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Speech_OneCore
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Speech_OneCore
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Speech_OneCore
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Speech
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\System\Speech
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Speech
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Speech
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftwareDistribution
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SMI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sl-SI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sl-SI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sk-SK
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sk-SK
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SKB
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\ShellExperiences
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\setup
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\setup
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Services
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\security
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SecureBootUpdates
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\schemas
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SchCache
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru-RU
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ru-RU
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ro-RO
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ro-RO
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\restore
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\restore
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Resources
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Registration
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Recovery
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Recovery
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RasToast
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RasToast
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ras
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ras
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-PT
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pt-PT
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-BR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pt-BR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ProximityToast
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Provisioning
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\prefetch
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\PolicyDefinitions
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\PointOfService
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl-PL
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pl-PL
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\PLA
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Performance
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\oobe
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oobe
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl-NL
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nl-NL
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\networklist
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\networklist
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NDF
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NDF
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nb-NO
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nb-NO
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MUI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MUI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MsDtc
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MsDtc
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MSDRM
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MSDRM
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\ModemLogs
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migwiz
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\migwiz
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migration
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\migration
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\microsoft shared
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Shared
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MailContactsCalendarSync
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MailContactsCalendarSync
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lv-LV
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lv-LV
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lt-LT
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lt-LT
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Logs
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\LogFiles
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\LogFiles
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\LiveKernelReports
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Licenses
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Licenses
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\L2Schemas
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko-KR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ko-KR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja-JP
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ja-jp
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it-IT
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it-IT
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Ipmi
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Ipmi
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InstallShield
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InputMethod
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\InputMethod
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\InputMethod
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\inetsrv
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\inetsrv
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\IME
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IME
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\IME
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\icsxml
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\icsxml
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hu-HU
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hu-HU
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hr-HR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hr-HR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Help
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\he-IL
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\he-IL
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicyUsers
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicy
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Globalization
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\GameBarPresenceWriter
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\FxsTmp
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\FxsTmp
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr-FR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr-FR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr-CA
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr-CA
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fi-FI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fi-FI
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\et-EE
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\et-EE
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\etc
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es-MX
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es-MX
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es-ES
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es-ES
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en-US
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en-US
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en-GB
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en-GB
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\el-GR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\el-GR
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\DriverStore
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\downlevel
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\downlevel
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Dism
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Dism
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\diagnostics
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de-DE
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de-DE
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\debug
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DDFs
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da-DK
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\da-DK
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Cursors
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs-CZ
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cs-CZ
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\config
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Comms
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Com
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Com
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CodeIntegrity
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\catroot
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Bthprops
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Bthprops
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Branding
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Boot
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\Boot
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bg-BG
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\bg-BG
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\bcastdvr
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ar-SA
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ar-SA
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\AppReadiness
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\AppPatch
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AppLocker
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AppLocker
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\appcompat
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AdvancedInstallers
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AdvancedInstallers
[2017/02/28 16:08:02 | 000,000,000 | ---D | C] -- C:\Windows\addins
[2017/02/28 16:07:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF
[2017/02/28 16:07:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers
[2017/02/28 16:07:11 | 000,000,000 | ---D | C] -- C:\Windows\INF
[2017/02/28 16:04:04 | 000,000,000 | ---D | C] -- C:\Windows\CbsTemp
[2017/02/28 16:03:29 | 000,000,000 | R--D | C] -- C:\Users
[2017/02/28 16:03:29 | 000,000,000 | R--D | C] -- C:\Program Files
[2017/02/28 16:03:29 | 000,000,000 | R--D | C] -- C:\Program Files (x86)
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Windows\WinSxS
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Windows
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Windows\System32
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SMI
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Windows\servicing
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DriverStore
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\config
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files
[2017/02/28 16:03:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CatRoot
[2017/02/28 15:59:41 | 000,000,000 | -H-D | C] -- C:\Recovery
[2017/02/28 15:59:28 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2017/02/26 21:58:34 | 002,365,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WudfUpdate_01011.dll
[2017/02/26 21:58:34 | 000,134,120 | ---- | C] (Lenovo Group Limited) -- C:\Windows\SysNative\drivers\UMDF\iMDriver.dll
[2017/02/26 16:36:04 | 001,804,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01011.dll
[2017/02/26 16:36:03 | 000,072,792 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys
[2017/02/26 16:36:03 | 000,069,208 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/02/28 21:10:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/02/28 20:14:13 | 001,579,438 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/02/28 20:14:13 | 000,745,002 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/02/28 20:14:13 | 000,535,088 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2017/02/28 20:14:13 | 000,148,400 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/02/28 20:14:13 | 000,147,970 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2017/02/28 19:34:03 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017/02/28 18:54:47 | 000,002,128 | ---- | M] () -- C:\Users\Public\Desktop\インターネットバンキング保護.lnk
[2017/02/28 18:03:46 | 000,000,180 | ---- | M] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2017/02/28 17:59:50 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2017/02/28 17:59:47 | 3385,344,000 | -HS- | M] () -- C:\hiberfil.sys
[2017/02/28 17:55:04 | 000,023,208 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat
[2017/02/28 17:52:29 | 000,223,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017/02/28 17:47:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_wbf_vfs_lvcmn_01_11_00.Wdf
[2017/02/28 17:46:52 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2017/02/28 17:46:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
[2017/02/28 17:46:47 | 000,000,200 | ---- | M] () -- C:\Windows\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
[2017/02/28 17:46:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\GfxValDisplayLog.bin
[2017/02/28 17:46:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2017/02/28 17:46:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01011.Wdf
[2017/02/28 16:11:55 | 000,144,476 | ---- | M] () -- C:\Windows\SysNative\perfi011.dat
[2017/02/28 16:11:55 | 000,033,362 | ---- | M] () -- C:\Windows\SysNative\perfd011.dat
[2017/02/28 16:06:58 | 000,215,943 | ---- | M] () -- C:\Windows\SysWow64\dssec.dat
[2017/02/28 16:06:58 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2017/02/28 16:06:58 | 000,000,741 | ---- | M] () -- C:\Windows\SysWow64\NOISE.DAT
[2017/02/28 16:06:57 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2017/02/28 16:06:57 | 000,215,943 | ---- | M] () -- C:\Windows\SysNative\dssec.dat
[2017/02/28 16:06:57 | 000,015,462 | ---- | M] () -- C:\Windows\SysNative\OEMDefaultAssociations.xml
[2017/02/28 16:06:57 | 000,003,683 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\lmhosts.sam
[2017/02/28 16:06:57 | 000,000,858 | ---- | M] () -- C:\Windows\SysNative\DefaultQuestions.json
[2017/02/28 16:06:57 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\NOISE.DAT
[2017/02/28 16:06:56 | 000,296,742 | ---- | M] () -- C:\Windows\SysNative\perfi009.dat
[2017/02/28 16:06:56 | 000,033,362 | ---- | M] () -- C:\Windows\SysNative\perfd009.dat

（本文が英数字のみとなるのを避けます）

[2017/02/26 21:58:34 | 002,365,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WudfUpdate_01011.dll
[2017/02/26 21:58:34 | 000,134,120 | ---- | M] (Lenovo Group Limited) -- C:\Windows\SysNative\drivers\UMDF\iMDriver.dll
[2017/02/26 16:30:31 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\spaceport.sys.mui
[2017/02/26 16:29:18 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\spaceport.sys.mui
[2017/02/26 16:25:43 | 002,681,200 | ---- | M] () -- C:\Windows\SysNative\CoreUIComponents.dll
[2017/02/26 16:25:43 | 001,726,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Immersive.dll
[2017/02/26 16:25:43 | 001,358,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2017/02/26 16:25:43 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ddraw.dll
[2017/02/26 16:25:43 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2017/02/26 16:25:43 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininetlui.dll
[2017/02/26 16:25:42 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2017/02/26 16:25:42 | 000,447,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\das.dll
[2017/02/26 16:25:42 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2017/02/26 16:25:42 | 000,431,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Cortana.Desktop.dll
[2017/02/26 16:25:42 | 000,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2017/02/26 16:25:42 | 000,380,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2017/02/26 16:25:42 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2017/02/26 16:25:42 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcuiu.dll
[2017/02/26 16:25:42 | 000,220,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2017/02/26 16:25:42 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpninprc.dll
[2017/02/26 16:25:42 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dasHost.exe
[2017/02/26 16:25:42 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\deviceassociation.dll
[2017/02/26 16:25:42 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xinputhid.sys
[2017/02/26 16:25:41 | 003,617,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32kfull.sys
[2017/02/26 16:25:41 | 003,369,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.StateRepository.dll
[2017/02/26 16:25:41 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Radios.dll
[2017/02/26 16:25:41 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DisplayManager.dll
[2017/02/26 16:25:41 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
[2017/02/26 16:25:41 | 000,114,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32u.dll
[2017/02/26 16:25:41 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.StateRepositoryClient.dll
[2017/02/26 16:25:40 | 001,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ClipUp.exe
[2017/02/26 16:25:40 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll
[2017/02/26 16:25:40 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2017/02/26 16:25:40 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OneDriveSettingSyncProvider.dll
[2017/02/26 16:25:40 | 000,379,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apprepsync.dll
[2017/02/26 16:25:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PlayToDevice.dll
[2017/02/26 16:25:40 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apprepapi.dll
[2017/02/26 16:25:39 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.AccountsControl.dll
[2017/02/26 16:25:39 | 000,640,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2017/02/26 16:25:38 | 007,217,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Data.Pdf.dll
[2017/02/26 16:25:38 | 003,769,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MFMediaEngine.dll
[2017/02/26 16:25:38 | 001,360,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfnetsrc.dll
[2017/02/26 16:25:38 | 000,869,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2017/02/26 16:25:38 | 000,781,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PhoneService.dll
[2017/02/26 16:25:38 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Sensors.dll
[2017/02/26 16:25:38 | 000,711,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2017/02/26 16:25:38 | 000,691,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TokenBroker.dll
[2017/02/26 16:25:38 | 000,496,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettings.UserAccountsHandlers.dll
[2017/02/26 16:25:38 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\bcastdvr.exe
[2017/02/26 16:25:38 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\LockAppBroker.dll
[2017/02/26 16:25:38 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2017/02/26 16:25:38 | 000,366,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2017/02/26 16:25:38 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\credprovhost.dll
[2017/02/26 16:25:38 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VEStoreEventHandlers.dll
[2017/02/26 16:25:38 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\BcastDVRHelper.dll
[2017/02/26 16:25:38 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppCapture.dll
[2017/02/26 16:25:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2017/02/26 16:25:38 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Shell.Search.UriHandler.dll
[2017/02/26 16:25:37 | 007,468,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2017/02/26 16:25:37 | 004,312,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2017/02/26 16:25:37 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2017/02/26 16:25:37 | 001,987,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2017/02/26 16:25:37 | 000,544,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\uReFS.dll
[2017/02/26 16:25:37 | 000,509,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncHost.exe
[2017/02/26 16:25:37 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Geolocation.dll
[2017/02/26 16:25:37 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Usb.dll
[2017/02/26 16:25:37 | 000,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2017/02/26 16:25:37 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WwaApi.dll
[2017/02/26 16:25:37 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\credprovs.dll
[2017/02/26 16:25:36 | 002,800,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2017/02/26 16:25:36 | 002,712,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2017/02/26 16:25:36 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Streaming.dll
[2017/02/26 16:25:36 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2017/02/26 16:25:36 | 000,603,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ContentDeliveryManager.Utilities.dll
[2017/02/26 16:25:36 | 000,378,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LockAppHost.exe
[2017/02/26 16:25:36 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\discan.dll
[2017/02/26 16:25:36 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\setupugc.exe
[2017/02/26 16:25:36 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[2017/02/26 16:25:36 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\updatepolicy.dll
[2017/02/26 16:25:36 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthExt.dll
[2017/02/26 16:25:36 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsiwmi.dll
[2017/02/26 16:25:35 | 002,277,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2017/02/26 16:25:35 | 002,183,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hevcdecoder.dll
[2017/02/26 16:25:35 | 001,201,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmpeg2srcsnk.dll
[2017/02/26 16:25:35 | 000,654,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MbaeApiPublic.dll
[2017/02/26 16:25:35 | 000,620,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.dll
[2017/02/26 16:25:35 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GamePanel.exe
[2017/02/26 16:25:35 | 000,573,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NgcCtnrGidsHandler.dll
[2017/02/26 16:25:35 | 000,553,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2017/02/26 16:25:35 | 000,431,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\efswrt.dll
[2017/02/26 16:25:35 | 000,410,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\facecredentialprovider.dll
[2017/02/26 16:25:35 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdpsvc.dll
[2017/02/26 16:25:35 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdpusersvc.dll
[2017/02/26 16:25:35 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AboveLockAppHost.dll
[2017/02/26 16:25:35 | 000,252,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.Identity.Provider.dll
[2017/02/26 16:25:35 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinBioDataModel.dll
[2017/02/26 16:25:35 | 000,204,288 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\DscCoreConfProv.dll
[2017/02/26 16:25:35 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mdmregistration.dll
[2017/02/26 16:25:35 | 000,122,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
[2017/02/26 16:25:35 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
[2017/02/26 16:25:35 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinBioDataModelOOBE.exe
[2017/02/26 16:25:35 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\BackgroundMediaPolicy.dll
[2017/02/26 16:25:35 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2017/02/26 16:25:34 | 002,458,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2017/02/26 16:25:34 | 001,990,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4srcsnk.dll
[2017/02/26 16:25:34 | 001,077,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Editing.dll
[2017/02/26 16:25:34 | 000,828,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017/02/26 16:25:34 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
[2017/02/26 16:25:34 | 000,538,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PlayToManager.dll
[2017/02/26 16:25:34 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TpmCoreProvisioning.dll
[2017/02/26 16:25:34 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DataExchange.dll
[2017/02/26 16:25:34 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2017/02/26 16:25:34 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2017/02/26 16:25:33 | 001,992,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2017/02/26 16:25:33 | 001,364,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpncore.dll
[2017/02/26 16:25:33 | 001,274,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2017/02/26 16:25:33 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MiracastReceiver.dll
[2017/02/26 16:25:33 | 001,040,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll
[2017/02/26 16:25:33 | 001,004,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Input.Inking.dll
[2017/02/26 16:25:33 | 000,959,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\modernexecserver.dll
[2017/02/26 16:25:33 | 000,936,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MCRecvSrc.dll
[2017/02/26 16:25:33 | 000,674,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2017/02/26 16:25:33 | 000,628,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontdrvhost.exe
[2017/02/26 16:25:33 | 000,576,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2017/02/26 16:25:33 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers_StorageSense.dll
[2017/02/26 16:25:33 | 000,412,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2017/02/26 16:25:33 | 000,378,720 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2017/02/26 16:25:33 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SyncSettings.dll
[2017/02/26 16:25:33 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UserMgrProxy.dll
[2017/02/26 16:25:33 | 000,263,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ExSMime.dll
[2017/02/26 16:25:33 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VCardParser.dll
[2017/02/26 16:25:33 | 000,185,368 | ---- | M] () -- C:\Windows\SysWow64\weretw.dll
[2017/02/26 16:25:33 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettings.DeviceEncryptionHandlers.dll
[2017/02/26 16:25:33 | 000,152,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RTWorkQ.dll
[2017/02/26 16:25:33 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppointmentActivation.dll
[2017/02/26 16:25:33 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SpaceAgent.exe
[2017/02/26 16:25:33 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UserDataTimeUtil.dll
[2017/02/26 16:25:33 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MDMAppInstaller.exe
[2017/02/26 16:25:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CastLaunch.dll
[2017/02/26 16:25:33 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.System.UserDeviceAssociation.dll
[2017/02/26 16:25:33 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ProvSysprep.dll
[2017/02/26 16:25:33 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AddressParser.dll
[2017/02/26 16:25:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\POSyncServices.dll
[2017/02/26 16:25:33 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UserDataPlatformHelperUtil.dll
[2017/02/26 16:25:33 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ContactActivation.dll
[2017/02/26 16:25:33 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UserDataTypeHelperUtil.dll
[2017/02/26 16:25:33 | 000,045,056 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2017/02/26 16:25:33 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UserDataLanguageUtil.dll
[2017/02/26 16:25:33 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ExtrasXmlParser.dll
[2017/02/26 16:25:33 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UserDataAccessRes.dll
[2017/02/26 16:25:32 | 003,244,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mispace.dll
[2017/02/26 16:25:32 | 002,138,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\InputService.dll
[2017/02/26 16:25:32 | 001,320,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2017/02/26 16:25:32 | 001,277,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2017/02/26 16:25:32 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2017/02/26 16:25:32 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TextInputFramework.dll
[2017/02/26 16:25:32 | 000,323,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll
[2017/02/26 16:25:32 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2017/02/26 16:25:32 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2017/02/26 16:25:32 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Core.TextInput.dll
[2017/02/26 16:25:32 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2017/02/26 16:25:32 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.SerialCommunication.dll
[2017/02/26 16:25:32 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2017/02/26 16:25:32 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slc.dll
[2017/02/26 16:25:32 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BitLockerDeviceEncryption.exe
[2017/02/26 16:25:32 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\InputLocaleManager.dll
[2017/02/26 16:25:32 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2017/02/26 16:25:32 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EditBufferTestHook.dll
[2017/02/26 16:25:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\eappprxy.dll
[2017/02/26 16:25:32 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WordBreakers.dll
[2017/02/26 16:25:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smphost.dll
[2017/02/26 16:25:31 | 003,194,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdp.dll
[2017/02/26 16:25:31 | 002,206,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2017/02/26 16:25:31 | 001,980,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\diagtrack.dll
[2017/02/26 16:25:31 | 000,963,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WebcamUi.dll
[2017/02/26 16:25:31 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppcext.dll
[2017/02/26 16:25:31 | 000,458,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RTMediaFrame.dll
[2017/02/26 16:25:31 | 000,322,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2017/02/26 16:25:31 | 000,298,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Internal.Management.dll
[2017/02/26 16:25:31 | 000,178,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CloudExperienceHostUser.dll
[2017/02/26 16:25:31 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ACPBackgroundManagerPolicy.dll
[2017/02/26 16:25:31 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XamlTileRender.dll
[2017/02/26 16:25:31 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Printers.dll
[2017/02/26 16:25:31 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slcext.dll
[2017/02/26 16:25:30 | 008,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Chakra.dll
[2017/02/26 16:25:30 | 001,081,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Chakradiag.dll
[2017/02/26 16:25:30 | 000,462,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2017/02/26 16:25:30 | 000,412,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2017/02/26 16:25:30 | 000,396,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2017/02/26 16:25:30 | 000,298,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wifiprofilessettinghandler.dll
[2017/02/26 16:25:30 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Chakrathunk.dll
[2017/02/26 16:25:30 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wfdprov.dll
[2017/02/26 16:25:30 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WiFiConfigSP.dll
[2017/02/26 16:25:30 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlansvcpal.dll
[2017/02/26 16:25:30 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2017/02/26 16:25:29 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ngccredprov.dll
[2017/02/26 16:25:29 | 000,527,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WWanAPI.dll
[2017/02/26 16:25:29 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.BackgroundMediaPlayback.dll
[2017/02/26 16:25:29 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Playback.BackgroundMediaPlayer.dll
[2017/02/26 16:25:29 | 000,459,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Playback.MediaPlayer.dll
[2017/02/26 16:25:29 | 000,131,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storahci.sys
[2017/02/26 16:25:28 | 005,723,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\windows.storage.dll
[2017/02/26 16:25:28 | 000,861,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncCore.dll
[2017/02/26 16:25:28 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetworkBindingEngineMigPlugin.dll
[2017/02/26 16:25:28 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
[2017/02/26 16:25:28 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2017/02/26 16:25:27 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.BlockedShutdown.dll
[2017/02/26 16:25:27 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EAMProgressHandler.dll
[2017/02/26 16:25:27 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CbtBackgroundManagerPolicy.dll
[2017/02/26 16:25:26 | 001,738,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2017/02/26 16:25:26 | 001,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVP9DEC.dll
[2017/02/26 16:25:26 | 000,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpnapps.dll
[2017/02/26 16:25:26 | 000,760,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2017/02/26 16:25:26 | 000,685,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dsregcmd.exe
[2017/02/26 16:25:26 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2017/02/26 16:25:26 | 000,404,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dsreg.dll
[2017/02/26 16:25:26 | 000,374,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2017/02/26 16:25:26 | 000,298,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2017/02/26 16:25:26 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserDeviceRegistration.dll
[2017/02/26 16:25:26 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Core.dll
[2017/02/26 16:25:26 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserDeviceRegistration.Ngc.dll
[2017/02/26 16:25:26 | 000,045,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\iorate.sys
[2017/02/26 16:25:25 | 002,095,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017/02/26 16:25:25 | 001,228,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2017/02/26 16:25:25 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nettrace.dll
[2017/02/26 16:25:25 | 000,998,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2017/02/26 16:25:25 | 000,856,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2017/02/26 16:25:25 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Graphics.Printing.dll
[2017/02/26 16:25:25 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vmrdvcore.dll
[2017/02/26 16:25:25 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.LowLevel.dll
[2017/02/26 16:25:25 | 000,318,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2017/02/26 16:25:25 | 000,265,728 | ---- | M] () -- C:\Windows\SysWow64\Windows.Perception.Stub.dll
[2017/02/26 16:25:25 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSrvPolicyManager.dll
[2017/02/26 16:25:25 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2017/02/26 16:25:25 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthBroker.dll
[2017/02/26 16:25:24 | 005,611,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2017/02/26 16:25:24 | 001,013,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Web.Http.dll
[2017/02/26 16:25:24 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2017/02/26 16:25:24 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\offlinesam.dll
[2017/02/26 16:25:24 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2017/02/26 16:25:24 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2017/02/26 16:25:24 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cmifw.dll
[2017/02/26 16:25:24 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netiougc.exe
[2017/02/26 16:25:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\stdole2.tlb
[2017/02/26 16:25:23 | 002,646,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2017/02/26 16:25:23 | 002,424,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Perception.dll
[2017/02/26 16:25:23 | 001,128,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2017/02/26 16:25:23 | 001,022,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxPackaging.dll
[2017/02/26 16:25:23 | 000,762,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2017/02/26 16:25:23 | 000,456,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2017/02/26 16:25:23 | 000,408,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
[2017/02/26 16:25:23 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\container.dll
[2017/02/26 16:25:23 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\easwrt.dll
[2017/02/26 16:25:23 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\spaceman.exe
[2017/02/26 16:25:22 | 007,792,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BingMaps.dll
[2017/02/26 16:25:22 | 007,655,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mos.dll
[2017/02/26 16:25:22 | 004,612,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll
[2017/02/26 16:25:22 | 003,434,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MapRouter.dll
[2017/02/26 16:25:22 | 002,947,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MapGeocoder.dll
[2017/02/26 16:25:22 | 001,060,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JpMapControl.dll
[2017/02/26 16:25:22 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MapsStore.dll
[2017/02/26 16:25:22 | 000,945,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WpcWebFilter.dll
[2017/02/26 16:25:22 | 000,936,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NMAA.dll
[2017/02/26 16:25:22 | 000,905,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MapControlCore.dll
[2017/02/26 16:25:22 | 000,868,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2017/02/26 16:25:22 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2017/02/26 16:25:22 | 000,820,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BingOnlineServices.dll
[2017/02/26 16:25:22 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D12.dll
[2017/02/26 16:25:22 | 000,446,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MapConfiguration.dll
[2017/02/26 16:25:22 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
[2017/02/26 16:25:22 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MosResource.dll
[2017/02/26 16:25:22 | 000,366,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NmaDirect.dll
[2017/02/26 16:25:22 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\moshostcore.dll
[2017/02/26 16:25:22 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CryptoWinRT.dll
[2017/02/26 16:25:22 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfksproxy.dll
[2017/02/26 16:25:22 | 000,248,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\policymanager.dll
[2017/02/26 16:25:22 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Family.Client.dll
[2017/02/26 16:25:22 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MapsBtSvc.dll
[2017/02/26 16:25:22 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Microsoft-Windows-MapControls.dll
[2017/02/26 16:25:22 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MapsCSP.dll
[2017/02/26 16:25:22 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MosStorage.dll
[2017/02/26 16:25:22 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MosHostClient.dll
[2017/02/26 16:25:22 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\moshost.dll
[2017/02/26 16:25:22 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mapstoasttask.dll
[2017/02/26 16:25:22 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mapsupdatetask.dll
[2017/02/26 16:25:22 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nativemap.dll
[2017/02/26 16:25:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MapsBtSvcProxy.dll
[2017/02/26 16:25:22 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Microsoft-Windows-MosTrace.dll
[2017/02/26 16:25:22 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Microsoft-Windows-MosHost.dll
[2017/02/26 16:25:21 | 002,208,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Graphics.Printing.3D.dll
[2017/02/26 16:25:21 | 001,691,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2017/02/26 16:25:21 | 001,424,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.Maps.dll
[2017/02/26 16:25:21 | 001,272,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Bluetooth.dll
[2017/02/26 16:25:21 | 000,852,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Import.dll
[2017/02/26 16:25:21 | 000,670,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.PointOfService.dll
[2017/02/26 16:25:21 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2017/02/26 16:25:21 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.LockScreen.dll
[2017/02/26 16:25:21 | 000,254,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2017/02/26 16:25:21 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dlnashext.dll
[2017/02/26 16:25:21 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dialclient.dll
[2017/02/26 16:25:21 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.HostName.dll
[2017/02/26 16:25:21 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2017/02/26 16:25:20 | 005,398,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aclui.dll
[2017/02/26 16:25:20 | 002,740,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2017/02/26 16:25:20 | 002,009,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SRHInproc.dll
[2017/02/26 16:25:20 | 001,220,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wscui.cpl
[2017/02/26 16:25:20 | 001,217,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2017/02/26 16:25:20 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Speech.dll
[2017/02/26 16:25:20 | 001,067,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfsvr.dll
[2017/02/26 16:25:20 | 001,002,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SRH.dll
[2017/02/26 16:25:20 | 000,907,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EditionUpgradeManagerObj.dll
[2017/02/26 16:25:20 | 000,840,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WpcRefreshTask.dll
[2017/02/26 16:25:20 | 000,690,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieproxy.dll
[2017/02/26 16:25:20 | 000,568,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Speech.UXRes.dll
[2017/02/26 16:25:20 | 000,552,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2017/02/26 16:25:20 | 000,545,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmkvsrcsnk.dll
[2017/02/26 16:25:20 | 000,471,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DscCore.dll
[2017/02/26 16:25:20 | 000,303,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2017/02/26 16:25:20 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WpcTok.exe
[2017/02/26 16:25:20 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2017/02/26 16:25:20 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Scanners.dll
[2017/02/26 16:25:20 | 000,160,768 | ---- | M] () -- C:\Windows\SysNative\EditionUpgradeHelper.dll
[2017/02/26 16:25:20 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wscinterop.dll
[2017/02/26 16:25:20 | 000,146,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CloudExperienceHostCommon.dll
[2017/02/26 16:25:20 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
[2017/02/26 16:25:20 | 000,101,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceReactivation.dll
[2017/02/26 16:25:20 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ConfigureExpandedStorage.dll
[2017/02/26 16:25:19 | 009,125,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2017/02/26 16:25:19 | 000,803,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FrameServer.dll
[2017/02/26 16:25:19 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ShareHost.dll
[2017/02/26 16:25:19 | 000,483,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.dll
[2017/02/26 16:25:19 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FSClient.dll
[2017/02/26 16:25:19 | 000,294,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfsensorgroup.dll
[2017/02/26 16:25:19 | 000,075,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfaudiocnv.dll
[2017/02/26 16:25:19 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LaunchWinApp.exe
[2017/02/26 16:25:18 | 017,184,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2017/02/26 16:25:18 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\storagewmi.dll
[2017/02/26 16:25:18 | 001,883,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2017/02/26 16:25:18 | 001,631,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.Resources.dll
[2017/02/26 16:25:18 | 001,349,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2017/02/26 16:25:18 | 001,163,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2017/02/26 16:25:18 | 001,046,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2017/02/26 16:25:18 | 000,996,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SecConfig.efi
[2017/02/26 16:25:18 | 000,885,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2017/02/26 16:25:18 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PlayToReceiver.dll
[2017/02/26 16:25:18 | 000,198,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2017/02/26 16:25:18 | 000,078,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2017/02/26 16:25:18 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\delegatorprovider.dll
[2017/02/26 16:25:18 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\storagewmi_passthru.dll
[2017/02/26 16:25:17 | 005,384,192 | ---- | M] (Microsoft) -- C:\Windows\SysNative\dbgeng.dll
[2017/02/26 16:25:17 | 003,116,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MSAJApi.dll
[2017/02/26 16:25:17 | 001,694,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll
[2017/02/26 16:25:17 | 001,656,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2017/02/26 16:25:17 | 000,811,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MFCaptureEngine.dll
[2017/02/26 16:25:17 | 000,727,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2017/02/26 16:25:17 | 000,650,240 | ---- | M] (Microsoft) -- C:\Windows\SysNative\DbgModel.dll
[2017/02/26 16:25:17 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.BioFeedback.dll
[2017/02/26 16:25:17 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Gaming.XboxLive.Storage.dll
[2017/02/26 16:25:17 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Phoneutil.dll
[2017/02/26 16:25:17 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2017/02/26 16:25:17 | 000,218,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LsaIso.exe
[2017/02/26 16:25:17 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fveapibase.dll
[2017/02/26 16:25:17 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NPSM.dll
[2017/02/26 16:25:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2017/02/26 16:25:17 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.ServiceDiscovery.Dnssd.dll
[2017/02/26 16:25:16 | 003,753,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bootux.dll
[2017/02/26 16:25:16 | 003,059,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2017/02/26 16:25:16 | 001,710,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2017/02/26 16:25:16 | 001,348,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wifinetworkmanager.dll
[2017/02/26 16:25:16 | 001,322,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpx.dll
[2017/02/26 16:25:16 | 001,255,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AzureSettingSyncProvider.dll
[2017/02/26 16:25:16 | 000,939,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
[2017/02/26 16:25:16 | 000,871,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2017/02/26 16:25:16 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bisrv.dll
[2017/02/26 16:25:16 | 000,715,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wsp_sr.dll
[2017/02/26 16:25:16 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2017/02/26 16:25:16 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Wallet.dll
[2017/02/26 16:25:16 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.WiFiDirect.dll
[2017/02/26 16:25:16 | 000,489,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetSetupShim.dll
[2017/02/26 16:25:16 | 000,423,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wifitask.exe
[2017/02/26 16:25:16 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ClipboardServer.dll
[2017/02/26 16:25:16 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wificonnapi.dll
[2017/02/26 16:25:16 | 000,128,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2017/02/26 16:25:16 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetCfgNotifyObjectHost.exe
[2017/02/26 16:25:16 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\BluetoothApis.dll
[2017/02/26 16:25:15 | 001,415,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdi32full.dll
[2017/02/26 16:25:15 | 001,247,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll
[2017/02/26 16:25:15 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PhoneProviders.dll
[2017/02/26 16:25:15 | 000,665,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GenValObj.exe
[2017/02/26 16:25:15 | 000,553,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\StoreAgent.dll
[2017/02/26 16:25:15 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usocore.dll
[2017/02/26 16:25:15 | 000,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DMRServer.dll
[2017/02/26 16:25:15 | 000,506,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2017/02/26 16:25:15 | 000,462,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fhsettingsprovider.dll
[2017/02/26 16:25:15 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fhcfg.dll
[2017/02/26 16:25:15 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aadcloudap.dll
[2017/02/26 16:25:15 | 000,336,896 | ---- | M] () -- C:\Windows\SysWow64\msinfo32.exe
[2017/02/26 16:25:15 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptngc.dll
[2017/02/26 16:25:15 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers_WorkAccess.dll
[2017/02/26 16:25:15 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlancfg.dll
[2017/02/26 16:25:15 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\InstallAgentUserBroker.exe
[2017/02/26 16:25:15 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2017/02/26 16:25:15 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GlobCollationHost.dll
[2017/02/26 16:25:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\InstallAgent.exe
[2017/02/26 16:25:14 | 004,136,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.StateRepository.dll
[2017/02/26 16:25:14 | 001,429,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
[2017/02/26 16:25:14 | 001,336,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wsecedit.dll
[2017/02/26 16:25:14 | 000,841,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\LicenseManager.dll
[2017/02/26 16:25:14 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FlightSettings.dll
[2017/02/26 16:25:14 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuuhext.dll
[2017/02/26 16:25:14 | 000,338,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fhcpl.dll
[2017/02/26 16:25:14 | 000,326,656 | ---- | M] () -- C:\Windows\SysNative\wc_storage.dll
[2017/02/26 16:25:14 | 000,279,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdeunlock.exe
[2017/02/26 16:25:14 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2017/02/26 16:25:14 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DisplayManager.dll
[2017/02/26 16:25:14 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.StateRepositoryClient.dll
[2017/02/26 16:25:14 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpoext.dll
[2017/02/26 16:25:14 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.StateRepositoryBroker.dll
[2017/02/26 16:25:14 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TpmTasks.dll
[2017/02/26 16:25:14 | 000,021,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cmimcext.sys
[2017/02/26 16:25:13 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.AccountsControl.dll
[2017/02/26 16:25:13 | 000,782,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WWAHost.exe
[2017/02/26 16:25:13 | 000,755,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2017/02/26 16:25:13 | 000,747,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Ocr.dll
[2017/02/26 16:25:13 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PlayToDevice.dll
[2017/02/26 16:25:13 | 000,381,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2017/02/26 16:25:13 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\domgmt.dll
[2017/02/26 16:25:13 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppXDeploymentClient.dll
[2017/02/26 16:25:13 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CloudBackupSettings.dll
[2017/02/26 16:25:13 | 000,075,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\remoteaudioendpoint.dll
[2017/02/26 16:25:12 | 003,400,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2017/02/26 16:25:12 | 001,637,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017/02/26 16:25:12 | 001,600,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2017/02/26 16:25:12 | 001,454,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfnetsrc.dll
[2017/02/26 16:25:12 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.Phone.dll
[2017/02/26 16:25:12 | 001,106,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wsp_health.dll
[2017/02/26 16:25:12 | 000,992,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2017/02/26 16:25:12 | 000,908,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2017/02/26 16:25:12 | 000,875,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TokenBroker.dll
[2017/02/26 16:25:12 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.Web.Core.dll
[2017/02/26 16:25:12 | 000,709,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2017/02/26 16:25:12 | 000,605,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bcastdvr.exe
[2017/02/26 16:25:12 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LockAppBroker.dll
[2017/02/26 16:25:12 | 000,434,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2017/02/26 16:25:12 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BcastDVRHelper.dll
[2017/02/26 16:25:12 | 000,170,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppCapture.dll
[2017/02/26 16:25:12 | 000,108,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys
[2017/02/26 16:25:12 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Shell.Search.UriHandler.dll
[2017/02/26 16:25:11 | 001,755,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceFlows.DataModel.dll
[2017/02/26 16:25:11 | 000,584,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncHost.exe
[2017/02/26 16:25:10 | 004,673,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2017/02/26 16:25:10 | 003,405,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2017/02/26 16:25:10 | 003,056,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2017/02/26 16:25:10 | 002,538,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2017/02/26 16:25:10 | 001,811,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ResetEngine.dll
[2017/02/26 16:25:10 | 001,082,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2017/02/26 16:25:10 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RemoteNaturalLanguage.dll
[2017/02/26 16:25:10 | 000,717,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
[2017/02/26 16:25:10 | 000,682,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2017/02/26 16:25:10 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uReFS.dll
[2017/02/26 16:25:10 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2017/02/26 16:25:10 | 000,540,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2017/02/26 16:25:10 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Search.ProtocolHandler.MAPI2.dll
[2017/02/26 16:25:10 | 000,379,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CredProvDataModel.dll
[2017/02/26 16:25:10 | 000,354,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemreset.exe
[2017/02/26 16:25:10 | 000,349,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2017/02/26 16:25:10 | 000,262,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Storage.ApplicationData.dll
[2017/02/26 16:25:10 | 000,236,488 | ---- | M] () -- C:\Windows\SysNative\weretw.dll
[2017/02/26 16:25:10 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2017/02/26 16:25:10 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2017/02/26 16:25:10 | 000,118,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys
[2017/02/26 16:25:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzautoupdate.dll
[2017/02/26 16:25:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2017/02/26 16:25:10 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\offreg.dll
[2017/02/26 16:25:10 | 000,041,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SysResetErr.exe
[2017/02/26 16:25:10 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2017/02/26 16:25:10 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ResetEngine.exe
[2017/02/26 16:25:09 | 002,746,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2017/02/26 16:25:09 | 001,300,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfmpeg2srcsnk.dll
[2017/02/26 16:25:09 | 001,078,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Streaming.dll
[2017/02/26 16:25:09 | 000,587,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2017/02/26 16:25:09 | 000,431,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WpAXHolder.dll
[2017/02/26 16:25:09 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\daxexec.dll
[2017/02/26 16:25:09 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcuiu.dll
[2017/02/26 16:25:09 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2017/02/26 16:25:09 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iscsiwmi.dll
[2017/02/26 16:25:09 | 000,050,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2017/02/26 16:25:09 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ffbroker.dll
[2017/02/26 16:25:08 | 006,474,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mspaint.exe
[2017/02/26 16:25:08 | 000,845,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MbaeApiPublic.dll
[2017/02/26 16:25:08 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2017/02/26 16:25:08 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BackgroundMediaPolicy.dll
[2017/02/26 16:25:07 | 002,828,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2017/02/26 16:25:07 | 001,402,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Editing.dll
[2017/02/26 16:25:07 | 001,086,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.Vpn.dll
[2017/02/26 16:25:07 | 000,819,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppContracts.dll
[2017/02/26 16:25:07 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.dll
[2017/02/26 16:25:07 | 000,775,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GamePanel.exe
[2017/02/26 16:25:07 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2017/02/26 16:25:07 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\efswrt.dll
[2017/02/26 16:25:07 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dmenrollengine.dll
[2017/02/26 16:25:07 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PimIndexMaintenance.dll
[2017/02/26 16:25:07 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ErrorDetails.dll
[2017/02/26 16:25:07 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncPolicy.dll
[2017/02/26 16:25:07 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ErrorDetailsUpdate.dll
[2017/02/26 16:25:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cmintegrator.dll
[2017/02/26 16:25:06 | 002,389,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smartscreen.exe
[2017/02/26 16:25:06 | 001,266,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Input.Inking.dll
[2017/02/26 16:25:06 | 000,873,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aadtb.dll
[2017/02/26 16:25:06 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EmailApis.dll
[2017/02/26 16:25:06 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ContactApis.dll
[2017/02/26 16:25:06 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppointmentApis.dll
[2017/02/26 16:25:06 | 000,567,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ChatApis.dll
[2017/02/26 16:25:06 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TpmCoreProvisioning.dll
[2017/02/26 16:25:06 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Gaming.Input.dll
[2017/02/26 16:25:06 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserDataAccountApis.dll
[2017/02/26 16:25:06 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\updatehandlers.dll
[2017/02/26 16:25:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Shell.dll
[2017/02/26 16:25:06 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2017/02/26 16:25:05 | 008,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2017/02/26 16:25:05 | 002,289,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2017/02/26 16:25:05 | 000,966,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2017/02/26 16:25:05 | 000,749,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2017/02/26 16:25:05 | 000,602,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NetSetupEngine.dll
[2017/02/26 16:25:05 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2017/02/26 16:25:05 | 000,529,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2017/02/26 16:25:05 | 000,445,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2017/02/26 16:25:05 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icsvc.dll
[2017/02/26 16:25:05 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2017/02/26 16:25:05 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEnroller.exe
[2017/02/26 16:25:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\biwinrt.dll
[2017/02/26 16:25:05 | 000,111,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NetSetupApi.dll
[2017/02/26 16:25:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2017/02/26 16:25:05 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2017/02/26 16:25:05 | 000,036,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2017/02/26 16:25:04 | 001,305,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wsp_fs.dll
[2017/02/26 16:25:04 | 001,122,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2017/02/26 16:25:04 | 000,544,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2017/02/26 16:25:04 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cloudAP.dll
[2017/02/26 16:25:04 | 000,163,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RTWorkQ.dll
[2017/02/26 16:25:03 | 006,654,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017/02/26 16:25:03 | 002,852,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2017/02/26 16:25:03 | 000,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2017/02/26 16:25:03 | 000,360,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlows.exe
[2017/02/26 16:25:03 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\deviceaccess.dll
[2017/02/26 16:25:03 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Devices.dll
[2017/02/26 16:25:01 | 005,110,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdp.dll
[2017/02/26 16:25:01 | 002,820,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\InputService.dll
[2017/02/26 16:25:01 | 002,481,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2017/02/26 16:25:01 | 001,702,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2017/02/26 16:25:01 | 000,674,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll
[2017/02/26 16:25:01 | 000,600,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2017/02/26 16:25:01 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll
[2017/02/26 16:25:01 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TextInputFramework.dll
[2017/02/26 16:25:01 | 000,407,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Internal.Management.dll
[2017/02/26 16:25:01 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2017/02/26 16:25:01 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2017/02/26 16:25:01 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Core.TextInput.dll
[2017/02/26 16:25:01 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthLEEnum.sys
[2017/02/26 16:25:01 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2017/02/26 16:25:01 | 000,142,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\migisol.dll
[2017/02/26 16:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
[2017/02/26 16:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2017/02/26 16:25:01 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\InputLocaleManager.dll
[2017/02/26 16:25:01 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2017/02/26 16:25:01 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EditBufferTestHook.dll
[2017/02/26 16:25:01 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\eappprxy.dll
[2017/02/26 16:25:01 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\StorageUsage.dll
[2017/02/26 16:25:01 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WordBreakers.dll
[2017/02/26 16:25:01 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgentc.exe
[2017/02/26 16:25:00 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdiWiFi.sys
[2017/02/26 16:25:00 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2017/02/26 16:24:59 | 001,507,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32kbase.sys
[2017/02/26 16:24:59 | 001,293,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPDMC.exe
[2017/02/26 16:24:59 | 000,691,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2017/02/26 16:24:59 | 000,658,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms2.sys
[2017/02/26 16:24:59 | 000,401,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmm

[2017/02/26 16:24:55 | 000,418,304 | ---- | M] () -- C:\Windows\SysNative\Windows.Perception.Stub.dll
[2017/02/26 16:24:55 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Midi.dll
[2017/02/26 16:24:55 | 000,121,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2017/02/26 16:24:55 | 000,062,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys
[2017/02/26 16:24:55 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhvr.sys
[2017/02/26 16:24:54 | 002,510,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetworkMobileSettings.dll
[2017/02/26 16:24:54 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Web.Http.dll
[2017/02/26 16:24:54 | 001,112,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppxPackaging.dll
[2017/02/26 16:24:54 | 000,980,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfnetcore.dll
[2017/02/26 16:24:54 | 000,866,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Cred.dll
[2017/02/26 16:24:54 | 000,827,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.appcore.dll
[2017/02/26 16:24:54 | 000,687,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvproc.dll
[2017/02/26 16:24:54 | 000,634,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2017/02/26 16:24:54 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2017/02/26 16:24:54 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.AllJoyn.dll
[2017/02/26 16:24:54 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\container.dll
[2017/02/26 16:24:54 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetworkUXBroker.dll
[2017/02/26 16:24:54 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2017/02/26 16:24:54 | 000,157,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CloudStorageWizard.exe
[2017/02/26 16:24:54 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\stdole2.tlb
[2017/02/26 16:24:53 | 001,069,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2017/02/26 16:24:53 | 001,006,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\D3D12.dll
[2017/02/26 16:24:53 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CryptoWinRT.dll
[2017/02/26 16:24:53 | 000,266,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\policymanager.dll
[2017/02/26 16:24:53 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\C_G18030.DLL
[2017/02/26 16:24:53 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2017/02/26 16:24:53 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\C_IS2022.DLL
[2017/02/26 16:24:53 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\c_GSM7.DLL
[2017/02/26 16:24:52 | 007,814,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2017/02/26 16:24:52 | 006,284,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll
[2017/02/26 16:24:52 | 000,949,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.PointOfService.dll
[2017/02/26 16:24:52 | 000,842,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2017/02/26 16:24:52 | 000,828,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2017/02/26 16:24:52 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.SmartCards.dll
[2017/02/26 16:24:52 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
[2017/02/26 16:24:52 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2017/02/26 16:24:52 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.HostName.dll
[2017/02/26 16:24:52 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.CredDialogController.dll
[2017/02/26 16:24:52 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dialclient.dll
[2017/02/26 16:24:52 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dmcertinst.exe
[2017/02/26 16:24:52 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininetlui.dll
[2017/02/26 16:24:51 | 002,166,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\combase.dll
[2017/02/26 16:24:51 | 001,243,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.FaceAnalysis.dll
[2017/02/26 16:24:51 | 000,965,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2017/02/26 16:24:51 | 000,846,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WinTypes.dll
[2017/02/26 16:24:51 | 000,633,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2017/02/26 16:24:51 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SensorService.dll
[2017/02/26 16:24:51 | 000,409,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2017/02/26 16:24:51 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dlnashext.dll
[2017/02/26 16:24:51 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wincorlib.dll
[2017/02/26 16:24:51 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.dll
[2017/02/26 16:24:51 | 000,241,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CloudExperienceHost.dll
[2017/02/26 16:24:51 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpapisrv.dll
[2017/02/26 16:24:51 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fvenotify.exe
[2017/02/26 16:24:51 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WinRtTracing.dll
[2017/02/26 16:24:51 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\offlinelsa.dll
[2017/02/26 16:24:51 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2017/02/26 16:24:51 | 000,083,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devenum.dll
[2017/02/26 16:24:50 | 003,203,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2017/02/26 16:24:50 | 003,105,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2017/02/26 16:24:50 | 001,643,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Speech.dll
[2017/02/26 16:24:50 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2017/02/26 16:24:50 | 001,343,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsrcsnk.dll
[2017/02/26 16:24:50 | 000,870,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfmkvsrcsnk.dll
[2017/02/26 16:24:50 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ShareHost.dll
[2017/02/26 16:24:50 | 000,568,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Speech.UXRes.dll
[2017/02/26 16:24:50 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MDEServer.exe
[2017/02/26 16:24:50 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NetworkCollectionAgent.dll
[2017/02/26 16:24:50 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dafBth.dll
[2017/02/26 16:24:50 | 000,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
[2017/02/26 16:24:50 | 000,172,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2017/02/26 16:24:50 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sendmail.dll
[2017/02/26 16:24:50 | 000,109,056 | ---- | M] () -- C:\Windows\SysWow64\chartv.dll
[2017/02/26 16:24:50 | 000,109,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfaudiocnv.dll
[2017/02/26 16:24:50 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BluetoothApis.dll
[2017/02/26 16:24:50 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpremove.exe
[2017/02/26 16:24:50 | 000,031,232 | ---- | M] () -- C:\Windows\SysWow64\efsext.dll
[2017/02/26 16:24:49 | 019,422,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\edgehtml.dll
[2017/02/26 16:24:49 | 002,846,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\storagewmi.dll
[2017/02/26 16:24:49 | 002,678,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2017/02/26 16:24:49 | 001,220,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Audio.dll
[2017/02/26 16:24:49 | 000,715,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2017/02/26 16:24:49 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2017/02/26 16:24:49 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017/02/26 16:24:49 | 000,555,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpnprv.dll
[2017/02/26 16:24:49 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\LogonController.dll
[2017/02/26 16:24:49 | 000,461,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2017/02/26 16:24:49 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2017/02/26 16:24:49 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2017/02/26 16:24:49 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PlayToReceiver.dll
[2017/02/26 16:24:49 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2017/02/26 16:24:49 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PrintWSDAHost.dll
[2017/02/26 16:24:49 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\delegatorprovider.dll
[2017/02/26 16:24:49 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\storagewmi_passthru.dll
[2017/02/26 16:24:48 | 003,733,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_47.dll
[2017/02/26 16:24:48 | 001,312,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SensorDataService.exe
[2017/02/26 16:24:48 | 000,646,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2017/02/26 16:24:48 | 000,598,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Web.dll
[2017/02/26 16:24:48 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Gaming.XboxLive.Storage.dll
[2017/02/26 16:24:48 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
[2017/02/26 16:24:48 | 000,349,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provengine.dll
[2017/02/26 16:24:48 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Internal.Bluetooth.dll
[2017/02/26 16:24:48 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provhandlers.dll
[2017/02/26 16:24:48 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KnobsCore.dll
[2017/02/26 16:24:48 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provops.dll
[2017/02/26 16:24:48 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provisioningcsp.dll
[2017/02/26 16:24:48 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\indexeddbserver.dll
[2017/02/26 16:24:48 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RelPost.exe
[2017/02/26 16:24:48 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NPSM.dll
[2017/02/26 16:24:48 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MediaFoundation.DefaultPerceptionProvider.dll
[2017/02/26 16:24:48 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KnobsCsp.dll
[2017/02/26 16:24:48 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.ServiceDiscovery.Dnssd.dll
[2017/02/26 16:24:48 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NFCProvisioningPlugin.dll
[2017/02/26 16:24:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provdatastore.dll
[2017/02/26 16:24:48 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BarcodeProvisioningPlugin.dll
[2017/02/26 16:24:48 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ProvPluginEng.dll
[2017/02/26 16:24:48 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provtool.exe
[2017/02/26 16:24:48 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RemovableMediaProvisioningPlugin.dll
[2017/02/26 16:24:48 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2017/02/26 16:24:47 | 004,749,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers_nt.dll
[2017/02/26 16:24:47 | 004,423,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2017/02/26 16:24:47 | 001,851,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2017/02/26 16:24:47 | 001,535,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SpeechPal.dll
[2017/02/26 16:24:47 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XblAuthManager.dll
[2017/02/26 16:24:47 | 000,940,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wsp_sr.dll
[2017/02/26 16:24:47 | 000,553,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2017/02/26 16:24:47 | 000,435,095 | ---- | M] () -- C:\Windows\SysNative\ApnDatabase.xml
[2017/02/26 16:24:47 | 000,292,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2017/02/26 16:24:47 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fveui.dll
[2017/02/26 16:24:47 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2017/02/26 16:24:47 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Picker.dll
[2017/02/26 16:24:47 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdeui.dll
[2017/02/26 16:24:46 | 012,342,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2017/02/26 16:24:46 | 009,260,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2017/02/26 16:24:46 | 004,148,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2017/02/26 16:24:46 | 001,586,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll
[2017/02/26 16:24:46 | 001,572,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32full.dll
[2017/02/26 16:24:46 | 000,796,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fvewiz.dll
[2017/02/26 16:24:46 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\StoreAgent.dll
[2017/02/26 16:24:46 | 000,587,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2017/02/26 16:24:46 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CoreMessaging.dll
[2017/02/26 16:24:46 | 000,468,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.InkControls.dll
[2017/02/26 16:24:46 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptngc.dll
[2017/02/26 16:24:46 | 000,369,664 | ---- | M] () -- C:\Windows\SysNative\msinfo32.exe
[2017/02/26 16:24:46 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
[2017/02/26 16:24:46 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GlobCollationHost.dll
[2017/02/26 16:24:46 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\InstallAgentUserBroker.exe
[2017/02/26 16:24:46 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\InstallAgent.exe
[2017/02/26 16:24:46 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2017/02/26 16:24:46 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2017/02/26 16:24:46 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Energy.dll
[2017/02/26 16:24:46 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cmifw.dll
[2017/02/26 16:24:46 | 000,092,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2017/02/26 16:24:46 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2017/02/26 16:24:46 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\encapi.dll
[2017/02/26 16:24:45 | 005,682,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Data.Pdf.dll
[2017/02/26 16:24:45 | 002,484,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2017/02/26 16:24:45 | 002,048,496 | ---- | M] () -- C:\Windows\SysWow64\CoreUIComponents.dll
[2017/02/26 16:24:45 | 001,858,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2017/02/26 16:24:45 | 001,556,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Immersive.dll
[2017/02/26 16:24:45 | 001,362,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2017/02/26 16:24:45 | 001,258,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LicenseManager.dll
[2017/02/26 16:24:45 | 000,975,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinapi.appcore.dll
[2017/02/26 16:24:45 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SpaceControl.dll
[2017/02/26 16:24:45 | 000,549,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2017/02/26 16:24:45 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsApi.dll
[2017/02/26 16:24:45 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2017/02/26 16:24:45 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mdmregistration.dll
[2017/02/26 16:24:45 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dialserver.dll
[2017/02/26 16:24:45 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2017/02/26 16:24:45 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2017/02/26 16:24:45 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2017/02/26 16:24:44 | 005,511,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aclui.dll
[2017/02/26 16:24:44 | 002,682,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2017/02/26 16:24:44 | 001,080,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Ocr.dll
[2017/02/26 16:24:44 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2017/02/26 16:24:44 | 000,857,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WWAHost.exe
[2017/02/26 16:24:44 | 000,681,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ClipSp.sys
[2017/02/26 16:24:44 | 000,590,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2017/02/26 16:24:44 | 000,534,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2017/02/26 16:24:44 | 000,417,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2017/02/26 16:24:44 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentClient.dll
[2017/02/26 16:24:44 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2017/02/26 16:24:44 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CloudBackupSettings.dll
[2017/02/26 16:24:44 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCensus.exe
[2017/02/26 16:24:44 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2017/02/26 16:24:44 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncSettings.dll
[2017/02/26 16:24:44 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe
[2017/02/26 16:24:44 | 000,087,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remoteaudioendpoint.dll
[2017/02/26 16:24:44 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\deviceassociation.dll
[2017/02/26 16:24:43 | 002,999,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32kfull.sys
[2017/02/26 16:24:43 | 002,083,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceFlows.DataModel.dll
[2017/02/26 16:24:43 | 001,908,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AzureSettingSyncProvider.dll
[2017/02/26 16:24:43 | 001,546,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wsp_health.dll
[2017/02/26 16:24:43 | 001,369,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.Phone.dll
[2017/02/26 16:24:43 | 001,099,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hvix64.exe
[2017/02/26 16:24:43 | 001,066,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
[2017/02/26 16:24:43 | 000,987,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hvax64.exe
[2017/02/26 16:24:43 | 000,942,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hvloader.efi
[2017/02/26 16:24:43 | 000,807,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hvloader.exe
[2017/02/26 16:24:43 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2017/02/26 16:24:43 | 000,631,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WlanMediaManager.dll
[2017/02/26 16:24:43 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers_Bluetooth.dll
[2017/02/26 16:24:43 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2017/02/26 16:24:43 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepsync.dll
[2017/02/26 16:24:43 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ConsoleLogon.dll
[2017/02/26 16:24:43 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32k.sys
[2017/02/26 16:24:43 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.WiFi.dll
[2017/02/26 16:24:43 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Radios.dll
[2017/02/26 16:24:43 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepapi.dll
[2017/02/26 16:24:43 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Family.Authentication.dll
[2017/02/26 16:24:43 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browserbroker.dll
[2017/02/26 16:24:43 | 000,079,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32u.dll
[2017/02/26 16:24:43 | 000,073,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hvservice.sys
[2017/02/26 16:24:43 | 000,020,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdhvcom.dll
[2017/02/26 16:24:42 | 001,477,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wsecedit.dll
[2017/02/26 16:24:42 | 000,983,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RemoteNaturalLanguage.dll
[2017/02/26 16:24:42 | 000,632,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2017/02/26 16:24:42 | 000,589,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Sensors.dll
[2017/02/26 16:24:42 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\energy.dll
[2017/02/26 16:24:42 | 000,567,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2017/02/26 16:24:42 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CredProvDataModel.dll
[2017/02/26 16:24:42 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AccountsRt.dll
[2017/02/26 16:24:42 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\OneDriveSettingSyncProvider.dll
[2017/02/26 16:24:42 | 000,328,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Storage.ApplicationData.dll
[2017/02/26 16:24:42 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlancfg.dll
[2017/02/26 16:24:42 | 000,276,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2017/02/26 16:24:42 | 000,239,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dafpos.dll
[2017/02/26 16:24:42 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017/02/26 16:24:42 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2017/02/26 16:24:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2017/02/26 16:24:42 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2017/02/26 16:24:41 | 006,664,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
[2017/02/26 16:24:41 | 003,132,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2017/02/26 16:24:41 | 002,812,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MFMediaEngine.dll
[2017/02/26 16:24:41 | 001,060,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppContracts.dll
[2017/02/26 16:24:41 | 000,924,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2017/02/26 16:24:41 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2017/02/26 16:24:41 | 000,460,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\daxexec.dll
[2017/02/26 16:24:41 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Geolocation.dll
[2017/02/26 16:24:41 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Usb.dll
[2017/02/26 16:24:41 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2017/02/26 16:24:41 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\credprovhost.dll
[2017/02/26 16:24:41 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\credprovs.dll
[2017/02/26 16:24:40 | 001,966,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\hevcdecoder.dll
[2017/02/26 16:24:40 | 001,145,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EmailApis.dll
[2017/02/26 16:24:40 | 001,107,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aadtb.dll
[2017/02/26 16:24:40 | 001,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ContactApis.dll
[2017/02/26 16:24:40 | 000,770,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppointmentApis.dll
[2017/02/26 16:24:40 | 000,748,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ChatApis.dll
[2017/02/26 16:24:40 | 000,650,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RDXService.dll
[2017/02/26 16:24:40 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Gaming.Input.dll
[2017/02/26 16:24:40 | 000,495,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DataSenseHandlers.dll
[2017/02/26 16:24:40 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dmenrollengine.dll
[2017/02/26 16:24:40 | 000,425,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2017/02/26 16:24:40 | 000,318,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\LockAppHost.exe
[2017/02/26 16:24:40 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll
[2017/02/26 16:24:40 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetworkDesktopSettings.dll
[2017/02/26 16:24:40 | 000,168,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\skci.dll
[2017/02/26 16:24:40 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ErrorDetails.dll
[2017/02/26 16:24:40 | 000,141,824 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\DscCoreConfProv.dll
[2017/02/26 16:24:40 | 000,128,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tm.sys
[2017/02/26 16:24:40 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IdCtrls.dll
[2017/02/26 16:24:40 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2017/02/26 16:24:40 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[2017/02/26 16:24:40 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\updatepolicy.dll
[2017/02/26 16:24:40 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ErrorDetailsUpdate.dll
[2017/02/26 16:24:39 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WebcamUi.dll
[2017/02/26 16:24:39 | 000,594,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2017/02/26 16:24:39 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2017/02/26 16:24:39 | 000,511,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2017/02/26 16:24:39 | 000,387,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2017/02/26 16:24:39 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AboveLockAppHost.dll
[2017/02/26 16:24:39 | 000,198,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wof.sys
[2017/02/26 16:24:39 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\biwinrt.dll
[2017/02/26 16:24:39 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pwrshplugin.dll
[2017/02/26 16:24:39 | 000,044,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2017/02/26 16:24:38 | 008,155,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Protection.PlayReady.dll
[2017/02/26 16:24:38 | 001,883,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wsp_fs.dll
[2017/02/26 16:24:38 | 001,853,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4srcsnk.dll
[2017/02/26 16:24:38 | 001,472,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2017/02/26 16:24:38 | 001,460,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2017/02/26 16:24:38 | 001,418,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2017/02/26 16:24:38 | 000,907,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2017/02/26 16:24:38 | 000,848,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetSetupEngine.dll
[2017/02/26 16:24:38 | 000,455,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\securekernel.exe
[2017/02/26 16:24:38 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2017/02/26 16:24:38 | 000,400,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PlayToManager.dll
[2017/02/26 16:24:38 | 000,349,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icsvcext.dll
[2017/02/26 16:24:38 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.pcshell.dll
[2017/02/26 16:24:38 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PsmServiceExtHost.dll
[2017/02/26 16:24:38 | 000,265,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetSetupSvc.dll
[2017/02/26 16:24:38 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DataExchange.dll
[2017/02/26 16:24:38 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.Identity.Provider.dll
[2017/02/26 16:24:38 | 000,148,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetSetupApi.dll
[2017/02/26 16:24:38 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ImplatSetup.dll
[2017/02/26 16:24:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VPNv2CSP.dll
[2017/02/26 16:24:37 | 000,983,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ngcsvc.dll
[2017/02/26 16:24:37 | 000,911,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll
[2017/02/26 16:24:37 | 000,795,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MiracastReceiver.dll
[2017/02/26 16:24:37 | 000,758,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017/02/26 16:24:37 | 000,671,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll
[2017/02/26 16:24:37 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MCRecvSrc.dll
[2017/02/26 16:24:37 | 000,545,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontdrvhost.exe
[2017/02/26 16:24:37 | 000,460,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Midi.dll
[2017/02/26 16:24:37 | 000,408,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NgcCtnr.dll
[2017/02/26 16:24:37 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2017/02/26 16:24:37 | 000,315,744 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2017/02/26 16:24:37 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2017/02/26 16:24:37 | 000,258,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xboxgip.sys
[2017/02/26 16:24:37 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ExSMime.dll
[2017/02/26 16:24:37 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserMgrProxy.dll
[2017/02/26 16:24:37 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EnterpriseModernAppMgmtCSP.dll
[2017/02/26 16:24:37 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\VCardParser.dll
[2017/02/26 16:24:37 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2017/02/26 16:24:37 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FontProvider.dll
[2017/02/26 16:24:37 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppointmentActivation.dll
[2017/02/26 16:24:37 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserDataTimeUtil.dll
[2017/02/26 16:24:37 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.System.UserDeviceAssociation.dll
[2017/02/26 16:24:37 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\POSyncServices.dll
[2017/02/26 16:24:37 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserDataPlatformHelperUtil.dll
[2017/02/26 16:24:37 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AddressParser.dll
[2017/02/26 16:24:37 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ContactActivation.dll
[2017/02/26 16:24:37 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserDataTypeHelperUtil.dll
[2017/02/26 16:24:37 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserDataLanguageUtil.dll
[2017/02/26 16:24:37 | 000,037,376 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2017/02/26 16:24:37 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ExtrasXmlParser.dll
[2017/02/26 16:24:37 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UserDataAccessRes.dll
[2017/02/26 16:24:36 | 002,710,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mispace.dll
[2017/02/26 16:24:36 | 002,026,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017/02/26 16:24:36 | 001,555,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPDMC.exe
[2017/02/26 16:24:36 | 000,886,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2017/02/26 16:24:36 | 000,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ActivationManager.dll
[2017/02/26 16:24:36 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-system-events.dll
[2017/02/26 16:24:36 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ahcache.sys
[2017/02/26 16:24:36 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
[2017/02/26 16:24:36 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\credprovslegacy.dll
[2017/02/26 16:24:36 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMapi.dll
[2017/02/26 16:24:36 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RjvMDMConfig.dll
[2017/02/26 16:24:36 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncPolicy.dll
[2017/02/26 16:24:36 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\offreg.dll
[2017/02/26 16:24:36 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\smphost.dll
[2017/02/26 16:24:35 | 006,044,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Chakra.dll
[2017/02/26 16:24:35 | 004,748,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017/02/26 16:24:35 | 004,596,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xpsrchvw.exe
[2017/02/26 16:24:35 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2017/02/26 16:24:35 | 000,725,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MSVideoDSP.dll
[2017/02/26 16:24:35 | 000,701,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.Connectivity.dll
[2017/02/26 16:24:35 | 000,466,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcext.dll
[2017/02/26 16:24:35 | 000,355,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RTMediaFrame.dll
[2017/02/26 16:24:35 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2017/02/26 16:24:35 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shutdownux.dll
[2017/02/26 16:24:35 | 000,136,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CloudExperienceHostUser.dll
[2017/02/26 16:24:35 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.SerialCommunication.dll
[2017/02/26 16:24:35 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Chakrathunk.dll
[2017/02/26 16:24:35 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dab.dll
[2017/02/26 16:24:35 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ReportingCSP.dll
[2017/02/26 16:24:35 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.exe
[2017/02/26 16:24:35 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OnDemandConnRouteHelper.dll
[2017/02/26 16:24:35 | 000,038,400 | ---- | M] () -- C:\Windows\SysWow64\dtdump.exe
[2017/02/26 16:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slcext.dll
[2017/02/26 16:24:34 | 001,368,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SharedStartModel.dll
[2017/02/26 16:24:34 | 000,822,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Chakradiag.dll
[2017/02/26 16:24:34 | 000,518,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ngccredprov.dll
[2017/02/26 16:24:34 | 000,433,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WWanAPI.dll
[2017/02/26 16:24:34 | 000,361,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
[2017/02/26 16:24:34 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.SmartCards.Phone.dll
[2017/02/26 16:24:34 | 000,313,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2017/02/26 16:24:34 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wfdprov.dll
[2017/02/26 16:24:34 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2017/02/26 16:24:33 | 004,131,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2017/02/26 16:24:33 | 001,456,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2017/02/26 16:24:33 | 001,004,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\enterprisecsps.dll
[2017/02/26 16:24:33 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.appcore.dll
[2017/02/26 16:24:33 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2017/02/26 16:24:33 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wpnapps.dll
[2017/02/26 16:24:33 | 000,651,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.AllJoyn.dll
[2017/02/26 16:24:33 | 000,582,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BootMenuUX.dll
[2017/02/26 16:24:33 | 000,545,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2017/02/26 16:24:33 | 000,279,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2017/02/26 16:24:33 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2017/02/26 16:24:33 | 000,244,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2017/02/26 16:24:33 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Web.Diagnostics.dll
[2017/02/26 16:24:33 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ScDeviceEnum.dll
[2017/02/26 16:24:33 | 000,187,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2017/02/26 16:24:33 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2017/02/26 16:24:33 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NfcRadioMedia.dll
[2017/02/26 16:24:33 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LicenseManagerSvc.dll
[2017/02/26 16:24:32 | 001,467,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2017/02/26 16:24:32 | 001,388,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Cred.dll
[2017/02/26 16:24:32 | 001,071,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfnetcore.dll
[2017/02/26 16:24:32 | 000,762,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2017/02/26 16:24:32 | 000,729,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2017/02/26 16:24:32 | 000,691,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvproc.dll
[2017/02/26 16:24:32 | 000,500,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Graphics.Printing.dll
[2017/02/26 16:24:32 | 000,389,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2017/02/26 16:24:32 | 000,340,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2017/02/26 16:24:32 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieproxy.dll
[2017/02/26 16:24:32 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\offlinesam.dll
[2017/02/26 16:24:32 | 000,168,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2017/02/26 16:24:32 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BthRadioMedia.dll
[2017/02/26 16:24:31 | 003,541,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2017/02/26 16:24:31 | 002,913,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\combase.dll
[2017/02/26 16:24:31 | 002,264,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2017/02/26 16:24:31 | 001,690,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.onecore.dll
[2017/02/26 16:24:31 | 001,267,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinTypes.dll
[2017/02/26 16:24:31 | 000,956,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.desktop.dll
[2017/02/26 16:24:31 | 000,912,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.SmartCards.dll
[2017/02/26 16:24:31 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wincorlib.dll
[2017/02/26 16:24:31 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2017/02/26 16:24:31 | 000,358,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.dll
[2017/02/26 16:24:31 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.CredDialogController.dll
[2017/02/26 16:24:31 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2017/02/26 16:24:31 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\C_G18030.DLL
[2017/02/26 16:24:31 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXApplicabilityBlob.dll
[2017/02/26 16:24:31 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2017/02/26 16:24:31 | 000,119,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wcifs.sys
[2017/02/26 16:24:31 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\findnetprinters.dll
[2017/02/26 16:24:31 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
[2017/02/26 16:24:31 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\C_IS2022.DLL
[2017/02/26 16:24:31 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\c_GSM7.DLL
[2017/02/26 16:24:30 | 006,109,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mos.dll
[2017/02/26 16:24:30 | 002,360,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MapRouter.dll
[2017/02/26 16:24:30 | 002,107,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MapGeocoder.dll
[2017/02/26 16:24:30 | 001,656,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Perception.dll
[2017/02/26 16:24:30 | 001,507,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.FaceAnalysis.dll
[2017/02/26 16:24:30 | 001,490,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2017/02/26 16:24:30 | 000,838,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JpMapControl.dll
[2017/02/26 16:24:30 | 000,761,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NMAA.dll
[2017/02/26 16:24:30 | 000,715,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MapControlCore.dll
[2017/02/26 16:24:30 | 000,560,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppReadiness.dll
[2017/02/26 16:24:30 | 000,536,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\BingOnlineServices.dll
[2017/02/26 16:24:30 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MosResource.dll
[2017/02/26 16:24:30 | 000,376,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys
[2017/02/26 16:24:30 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DeveloperOptionsSettingsHandlers.dll
[2017/02/26 16:24:30 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NmaDirect.dll
[2017/02/26 16:24:30 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MapsBtSvc.dll
[2017/02/26 16:24:30 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\offlinelsa.dll
[2017/02/26 16:24:30 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Microsoft-Windows-MapControls.dll
[2017/02/26 16:24:30 | 000,090,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devenum.dll
[2017/02/26 16:24:30 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MosHostClient.dll
[2017/02/26 16:24:30 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2017/02/26 16:24:30 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Microsoft-Windows-MosTrace.dll
[2017/02/26 16:24:30 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Microsoft-Windows-MosHost.dll
[2017/02/26 16:24:29 | 005,375,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\BingMaps.dll
[2017/02/26 16:24:29 | 003,299,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2017/02/26 16:24:29 | 001,847,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfsrcsnk.dll
[2017/02/26 16:24:29 | 001,609,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2017/02/26 16:24:29 | 001,534,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Graphics.Printing.3D.dll
[2017/02/26 16:24:29 | 000,525,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PrintDialogs.dll
[2017/02/26 16:24:29 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2017/02/26 16:24:29 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esentutl.exe
[2017/02/26 16:24:29 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MapConfiguration.dll
[2017/02/26 16:24:29 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2017/02/26 16:24:29 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MusNotification.exe
[2017/02/26 16:24:29 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfksproxy.dll
[2017/02/26 16:24:29 | 000,130,048 | ---- | M] () -- C:\Windows\SysNative\chartv.dll
[2017/02/26 16:24:29 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\HttpsDataSource.dll
[2017/02/26 16:24:29 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MosStorage.dll
[2017/02/26 16:24:29 | 000,039,424 | ---- | M] () -- C:\Windows\SysNative\efsext.dll
[2017/02/26 16:24:28 | 001,892,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2017/02/26 16:24:28 | 001,232,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.Maps.dll
[2017/02/26 16:24:28 | 001,217,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Audio.dll
[2017/02/26 16:24:28 | 001,196,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wscui.cpl
[2017/02/26 16:24:28 | 000,958,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsvr.dll
[2017/02/26 16:24:28 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LogonController.dll
[2017/02/26 16:24:28 | 000,632,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2017/02/26 16:24:28 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Import.dll
[2017/02/26 16:24:28 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2017/02/26 16:24:28 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2017/02/26 16:24:28 | 000,454,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2017/02/26 16:24:28 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rascustom.dll
[2017/02/26 16:24:28 | 000,187,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CloudStorageWizard.exe
[2017/02/26 16:24:28 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\capimg.sys
[2017/02/26 16:24:28 | 000,116,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CloudExperienceHostCommon.dll
[2017/02/26 16:24:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wscinterop.dll
[2017/02/26 16:24:27 | 022,571,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\edgehtml.dll
[2017/02/26 16:24:27 | 004,474,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_47.dll
[2017/02/26 16:24:27 | 000,831,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2017/02/26 16:24:27 | 000,774,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Web.dll
[2017/02/26 16:24:27 | 000,730,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d8.dll
[2017/02/26 16:24:27 | 000,471,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Internal.Bluetooth.dll
[2017/02/26 16:24:27 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\indexeddbserver.dll
[2017/02/26 16:24:27 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\FSClient.dll
[2017/02/26 16:24:27 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsensorgroup.dll
[2017/02/26 16:24:27 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Scanners.dll
[2017/02/26 16:24:27 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2017/02/26 16:24:27 | 000,026,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2017/02/26 16:24:26 | 013,864,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2017/02/26 16:24:26 | 007,623,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2017/02/26 16:24:26 | 004,708,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2017/02/26 16:24:26 | 001,589,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2017/02/26 16:24:26 | 001,117,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2017/02/26 16:24:26 | 000,661,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WpcWebFilter.dll
[2017/02/26 16:24:26 | 000,422,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinapi.dll
[2017/02/26 16:24:26 | 000,366,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RDXTaskFactory.dll
[2017/02/26 16:24:26 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Picker.dll
[2017/02/26 16:24:26 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2017/02/26 16:24:26 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\LaunchWinApp.exe
[2017/02/26 16:24:25 | 004,557,824 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\dbgeng.dll
[2017/02/26 16:24:25 | 001,631,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.Resources.dll
[2017/02/26 16:24:25 | 000,899,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Bluetooth.dll
[2017/02/26 16:24:25 | 000,512,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MSAudDecMFT.dll
[2017/02/26 16:24:25 | 000,461,312 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\DbgModel.dll
[2017/02/26 16:24:25 | 000,372,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.MediaControl.dll
[2017/02/26 16:24:25 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Family.SyncEngine.dll
[2017/02/26 16:24:25 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.BioFeedback.dll
[2017/02/26 16:24:25 | 000,167,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2017/02/26 16:24:24 | 013,431,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2017/02/26 16:24:24 | 009,260,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2017/02/26 16:24:24 | 002,422,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAJApi.dll
[2017/02/26 16:24:24 | 001,557,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll
[2017/02/26 16:24:24 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2017/02/26 16:24:24 | 000,765,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CoreMessaging.dll
[2017/02/26 16:24:24 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NetworkCollectionAgent.dll
[2017/02/26 16:24:24 | 000,641,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.InkControls.dll
[2017/02/26 16:24:24 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Phoneutil.dll
[2017/02/26 16:24:24 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.WiFi.dll
[2017/02/26 16:24:24 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ClipboardServer.dll
[2017/02/26 16:24:24 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Energy.dll
[2017/02/26 16:24:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\encapi.dll
[2017/02/26 16:24:23 | 002,049,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2017/02/26 16:24:23 | 001,234,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dosvc.dll
[2017/02/26 16:24:23 | 001,157,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.appcore.dll
[2017/02/26 16:24:23 | 000,746,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2017/02/26 16:24:23 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Wallet.dll
[2017/02/26 16:24:23 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.WiFiDirect.dll
[2017/02/26 16:24:23 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NetSetupShim.dll
[2017/02/26 16:24:23 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2017/02/26 16:24:23 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2017/02/26 16:24:23 | 000,082,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stornvme.sys
[2017/02/26 16:24:23 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NetCfgNotifyObjectHost.exe
[2017/02/26 16:24:23 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xolehlp.dll
[2017/02/26 16:24:23 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2017/02/26 16:24:23 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2017/02/26 16:24:23 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2017/02/26 16:24:22 | 002,611,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/02/28 19:34:03 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017/02/28 18:54:47 | 000,002,128 | ---- | C] () -- C:\Users\Public\Desktop\インターネットバンキング保護.lnk
[2017/02/28 18:10:30 | 000,000,120 | R--- | C] () -- C:\Users\miroc\OneDrive\ドキュメント\マイ ノートブック.url
[2017/02/28 18:05:49 | 000,002,304 | ---- | C] () -- C:\Users\miroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2017/02/28 18:00:51 | 000,000,352 | ---- | C] () -- C:\Users\miroc\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2017/02/28 18:00:51 | 000,000,334 | ---- | C] () -- C:\Users\miroc\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2017/02/28 17:56:12 | 000,148,829 | ---- | C] () -- C:\Windows\SysWow64\license.rtf
[2017/02/28 17:56:12 | 000,148,829 | ---- | C] () -- C:\Windows\SysNative\license.rtf
[2017/02/28 17:55:04 | 000,023,208 | ---- | C] () -- C:\Windows\SysNative\emptyregdb.dat
[2017/02/28 17:52:23 | 3385,344,000 | -HS- | C] () -- C:\hiberfil.sys
[2017/02/28 17:51:31 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2017/02/28 17:47:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_wbf_vfs_lvcmn_01_11_00.Wdf
[2017/02/28 17:46:52 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2017/02/28 17:46:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
[2017/02/28 17:46:47 | 000,000,200 | ---- | C] () -- C:\Windows\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
[2017/02/28 17:46:47 | 000,000,180 | ---- | C] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2017/02/28 17:46:47 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\GfxValDisplayLog.bin
[2017/02/28 17:46:43 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2017/02/28 17:46:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2017/02/28 17:46:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01011.Wdf
[2017/02/28 17:45:52 | 000,223,424 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017/02/28 17:45:41 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys
[2017/02/28 16:15:26 | 000,043,256 | ---- | C] () -- C:\Windows\SysNative\oemlogo.bmp
[2017/02/28 16:12:08 | 000,535,088 | ---- | C] () -- C:\Windows\SysNative\perfh011.dat
[2017/02/28 16:12:08 | 000,147,970 | ---- | C] () -- C:\Windows\SysNative\perfc011.dat
[2017/02/28 16:12:08 | 000,144,476 | ---- | C] () -- C:\Windows\SysNative\perfi011.dat
[2017/02/28 16:12:08 | 000,033,362 | ---- | C] () -- C:\Windows\SysNative\perfd011.dat
[2017/02/28 16:09:29 | 000,745,002 | ---- | C] () -- C:\Windows\SysNative\perfh009.dat
[2017/02/28 16:09:29 | 000,296,742 | ---- | C] () -- C:\Windows\SysNative\perfi009.dat
[2017/02/28 16:09:29 | 000,148,400 | ---- | C] () -- C:\Windows\SysNative\perfc009.dat
[2017/02/28 16:09:29 | 000,033,362 | ---- | C] () -- C:\Windows\SysNative\perfd009.dat
[2017/02/28 16:08:07 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2017/02/28 16:08:07 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2017/02/28 16:08:06 | 000,003,683 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\lmhosts.sam
[2017/02/28 16:08:05 | 000,215,943 | ---- | C] () -- C:\Windows\SysNative\dssec.dat
[2017/02/28 16:08:05 | 000,015,462 | ---- | C] () -- C:\Windows\SysNative\OEMDefaultAssociations.xml
[2017/02/28 16:08:05 | 000,000,858 | ---- | C] () -- C:\Windows\SysNative\DefaultQuestions.json
[2017/02/28 16:08:05 | 000,000,741 | ---- | C] () -- C:\Windows\SysNative\NOISE.DAT
[2016/07/16 20:43:04 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2016/07/16 20:43:00 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\GamePanelExternalHook.dll
[2016/07/16 20:42:56 | 000,185,368 | ---- | C] () -- C:\Windows\SysWow64\weretw.dll
[2016/07/16 20:42:55 | 002,048,496 | ---- | C] () -- C:\Windows\SysWow64\CoreUIComponents.dll
[2016/07/16 20:42:55 | 000,167,640 | ---- | C] () -- C:\Windows\SysWow64\chs_singlechar_pinyin.dat
[2016/07/16 20:42:55 | 000,038,400 | ---- | C] () -- C:\Windows\SysWow64\dtdump.exe
[2016/07/16 20:42:54 | 000,265,728 | ---- | C] () -- C:\Windows\SysWow64\Windows.Perception.Stub.dll
[2016/07/16 20:42:53 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2016/07/16 20:42:49 | 000,304,640 | ---- | C] () -- C:\Windows\SysWow64\HrtfApo.dll
[2016/07/16 20:42:48 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

（英数字のみ　避け）

[2016/07/16 20:42:46 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\chartv.dll
[2016/07/16 20:42:46 | 000,031,232 | ---- | C] () -- C:\Windows\SysWow64\efsext.dll
[2016/07/16 20:42:45 | 000,336,896 | ---- | C] () -- C:\Windows\SysWow64\msinfo32.exe
[2016/07/16 20:42:43 | 000,002,307 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2016/07/16 20:42:12 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2017/02/28 18:13:48 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017/02/26 16:24:57 | 007,222,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017/02/26 16:25:28 | 005,723,344 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 20:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 20:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 20:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2017/02/28 18:10:27 | 000,000,000 | -H-D | M] -- C:\OneDriveTemp
[2017/02/28 18:54:45 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2017/02/28 16:15:24 | 000,000,000 | -H-D | M] -- C:\Recovery
[2017/02/28 18:25:25 | 000,000,000 | -H-D | M] -- C:\OneDriveTemp\S-1-5-21-990994567-790204563-332684434-1001
[2017/02/28 17:48:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2017/02/28 19:19:48 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2017/02/28 17:48:39 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel\WiFi\bin\WLANProfiles
[2017/02/28 17:48:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\Settings
[2017/02/28 17:48:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\WLANProfiles
[2017/02/28 16:08:02 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\RetailDemo
[2017/02/28 17:52:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/10/30 18:05:57 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2017/02/28 16:08:02 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2017/02/28 16:08:02 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2016/03/11 12:47:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\Roaming\Intel\Wireless\Settings
[2017/02/28 16:13:56 | 000,000,000 | -H-D | M] -- C:\Recovery\Customizations
[2017/02/28 15:59:46 | 000,000,000 | -H-D | M] -- C:\Recovery\OEM
[2017/02/28 17:55:33 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2017/02/28 17:48:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\Settings
[2017/02/28 17:48:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\WLANProfiles
[2017/02/28 16:08:02 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\RetailDemo
[2017/02/28 17:52:34 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/10/30 18:05:57 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2017/02/28 16:08:02 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2017/02/28 16:08:02 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2016/03/11 12:47:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Roaming\Intel\Wireless\Settings
[2017/02/28 16:15:26 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2017/02/28 16:15:26 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\AppData
[2017/02/28 18:00:04 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\AppData\Roaming\Intel\Wireless\Settings
[2017/02/28 18:00:00 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\AppData\Roaming\Intel\Wireless\WLANProfiles
[2017/02/28 18:00:12 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/02/28 18:00:51 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\IECompatCache
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\IECompatUaCache
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\IECompatCache\Low
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\IECompatUaCache\Low
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\INetCookies\DNTException
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2017/02/28 18:03:49 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2017/02/28 18:54:43 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Local\Temp\eset.temp\{02D83BBE-B548-DD43-5397-20CD0507F2D9}
[2017/02/28 18:03:46 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Roaming\Intel\Wireless\Settings
[2017/02/28 18:03:46 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Roaming\Intel\Wireless\WLANProfiles
[2017/02/28 18:04:09 | 000,000,000 | -H-D | M] -- C:\Users\miroc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/02/28 18:03:50 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2017/02/28 19:34:03 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2017/02/28 17:54:55 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2016/03/11 12:47:35 | 000,000,000 | -H-D | M] -- C:\Users\Public\Roaming\Intel\Wireless\Settings
[2017/02/28 18:55:01 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2017/02/28 20:45:18 | 000,000,000 | -H-D | M] -- C:\Windows\msdownld.tmp
[2017/02/28 17:45:54 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2017/02/28 18:04:02 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2017/02/28 17:50:58 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\WLANProfiles

[color=#A23BEC]< %windir%\tasks\*.job >[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: SAMSUNG MZHPV256HDGL-000L1
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: TDK LoR TF10 USB Device
Partitions: 4
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 237.00GB
Starting Offset: 290455552
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1,000.00MB
Starting Offset: 255011586048
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 30.00GB
Starting Offset: 4128768
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2017/02/26 16:25:25 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:39 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:22 | 001,052,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,795,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2016/07/16 20:42:55 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\syswow64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:17 | 000,453,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2016/07/16 20:42:46 | 000,347,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\syswow64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:10 | 000,134,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,888,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,360,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2016/07/16 20:42:55 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\syswow64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,264,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:18 | 000,036,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2016/07/16 20:42:46 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\syswow64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:33 | 000,541,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:11 | 000,391,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2016/07/16 20:42:16 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:43 | 000,368,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:25 | 000,787,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2016/07/16 20:42:04 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:31 | 000,647,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,888,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:50 | 000,057,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:18 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,305,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:40 | 000,617,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2016/07/16 20:43:04 | 000,566,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\syswow64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,948,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:39 | 000,309,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2016/07/16 20:43:02 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\syswow64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:42 | 000,070,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:40 | 000,358,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:15 | 001,443,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:44 | 000,944,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:44 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:47 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:04 | 000,103,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:47 | 001,708,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:06 | 000,893,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:50 | 000,646,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:13 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2016/07/16 20:42:45 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:31 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:27 | 002,314,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:13 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2017/02/26 16:25:30 | 002,368,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2017/02/26 16:24:39 | 000,283,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/20 23:41:44 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< End of report >

23:03:51に張ったログと　23：05：28に張ったログの間に入れてください。すみません。



[2017/02/26 16:24:59 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ActivationManager.dll
[2017/02/26 16:24:59 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2017/02/26 16:24:59 | 000,160,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CloudExperienceHostBroker.dll
[2017/02/26 16:24:58 | 002,512,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2017/02/26 16:24:58 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.BackgroundMediaPlayback.dll
[2017/02/26 16:24:58 | 000,718,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Playback.BackgroundMediaPlayer.dll
[2017/02/26 16:24:58 | 000,702,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Playback.MediaPlayer.dll
[2017/02/26 16:24:57 | 007,222,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\windows.storage.dll
[2017/02/26 16:24:57 | 002,476,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2017/02/26 16:24:57 | 001,176,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2017/02/26 16:24:57 | 001,062,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncCore.dll
[2017/02/26 16:24:57 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esentutl.exe
[2017/02/26 16:24:57 | 000,298,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
[2017/02/26 16:24:57 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2017/02/26 16:24:57 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\credprovslegacy.dll
[2017/02/26 16:24:56 | 003,520,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsrchvw.exe
[2017/02/26 16:24:56 | 002,914,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2017/02/26 16:24:56 | 002,214,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2017/02/26 16:24:56 | 001,020,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usermgr.dll
[2017/02/26 16:24:56 | 000,948,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MSVP9DEC.dll
[2017/02/26 16:24:56 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2017/02/26 16:24:56 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll
[2017/02/26 16:24:56 | 000,509,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2017/02/26 16:24:56 | 000,480,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dsreg.dll
[2017/02/26 16:24:56 | 000,432,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2017/02/26 16:24:56 | 000,424,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2017/02/26 16:24:56 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.BlockedShutdown.dll
[2017/02/26 16:24:56 | 000,368,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OneBackupHandler.dll
[2017/02/26 16:24:56 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2017/02/26 16:24:56 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers_Flights.dll
[2017/02/26 16:24:56 | 000,206,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2017/02/26 16:24:56 | 000,196,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UserDeviceRegistration.dll
[2017/02/26 16:24:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AuthBroker.dll
[2017/02/26 16:24:56 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EDPCleanup.exe
[2017/02/26 16:24:56 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UserDeviceRegistration.Ngc.dll
[2017/02/26 16:24:56 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.exe
[2017/02/26 16:24:56 | 000,074,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpci.sys
[2017/02/26 16:24:55 | 006,574,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2017/02/26 16:24:55 | 003,893,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2017/02/26 16:24:55 | 002,104,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlidsvc.dll
[2017/02/26 16:24:55 | 001,791,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LocationFramework.dll
[2017/02/26 16:24:55 | 001,639,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2017/02/26 16:24:55 | 000,862,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2017/02/26 16:24:55 | 000,637,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2017/02/26 16:24:55 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationController.dll
[2017/02/26 16:24:55 | 000,568,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.LowLevel.dll
[2017/02/26 16:24:55 | 000,521,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MusUpdateHandlers.dll
[2017/02/26 16:24:55 | 000,468,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll


以上です

今夜もレスが遅くなってすみません。
さっきまで風呂入ってました（←うちの風呂には由○かおるはいません

OTLスキャンログを見せてもらいました。
どうもまだマカフィーが残って動いているようですね。
そのままだと現在お使いのESETと競合しての不具合起きるおそれもあるので、それも掃除しますか。

このレスの最後にスクリプトを貼っておくので、それを丸ごとコピーして、それをWindowsのメモ帳ファイルに貼り付けて保存しておいてください。

用意できたらPCをまたセーフモードで再起動してOTL起動してください。
起動したらOTLのウインドウ下部にスクリプトを貼り付けて、今度は「Run fix」（赤字のボタン）を押してください。
これでOTLでの処置が開始されます。

しばらく待って処置ができたらPCを通常モードで再起動すると、またOTLのログが出るはずなので、それを保存してから、しばらく様子見の後、OTLのログとともに状態報告をレスください。
OTLのスクリプトは以下になります。破線(-----)を含まない箇所を丸ごとコピーして、それをOTLに貼って作業してください
------------------------------------------
:OTL
SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe -- (mfemms)
SRV:[b]64bit:[/b] - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}
IE - HKLM\..\SearchScopes,DefaultScope = {0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}
IE - HKLM\..\SearchScopes\{0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}: "URL" = http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKU\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 24 00 00 00 B4 FD 6E 88 CF 01 2D AB F4 B6 60 FE 3C E7 13 4D D7 97 02 D0 F6 F9 9E EF 91 45 9A 11 D2 15 1C 56 B0 23 D6 83 02 00 00 00 0E 00 00 00 77 38 6C 73 72 77 72 37 51 71 49 25 33 64 [binary data]

:Files
C:\Program Files\Common Files\McAfee

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------

PCの動きは、まったく問題ありません

以下ログです

All processes killed
========== OTL ==========
Error: No service named mfemms was found to stop!
Service\Driver key mfemms not found.
File C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe not found.
Error: No service named mfefire was found to stop!
Service\Driver key mfefire not found.
File C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BA5F99D-F7F5-477C-8CF7-C08A3F53F423}\ not found.
HKU\S-1-5-21-990994567-790204563-332684434-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
========== FILES ==========
C:\Program Files\Common Files\McAfee\vscore_15_4_1 folder moved successfully.
C:\Program Files\Common Files\McAfee\platform\msm folder moved successfully.
C:\Program Files\Common Files\McAfee\platform\McSvcHost folder moved successfully.
C:\Program Files\Common Files\McAfee\platform\Core folder moved successfully.
C:\Program Files\Common Files\McAfee\platform\CommonBuild folder moved successfully.
C:\Program Files\Common Files\McAfee\platform folder moved successfully.
C:\Program Files\Common Files\McAfee\OOBE folder moved successfully.
C:\Program Files\Common Files\McAfee\mhn folder moved successfully.
C:\Program Files\Common Files\McAfee\mcproxy folder moved successfully.
C:\Program Files\Common Files\McAfee\hackerwatch folder moved successfully.
C:\Program Files\Common Files\McAfee\Casper\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\Casper\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\Casper folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\xs folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\tie\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\tie folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkntfs folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\39.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\rtkevt folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\profiler folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\gti\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\gti\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\gti\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\gti\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\gti\1.32.197.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\gti folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.20.351.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\digisig folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\avengine\5700.7163 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64\avengine folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\xs folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\tie\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\tie folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkntfs folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\39.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\rtkevt folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\profiler folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\gti\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\gti\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\gti\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\gti\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\gti\1.32.197.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\gti folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.20.351.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.13.146.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.13.117.8 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\digisig folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\avengine\5700.7163 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86\avengine folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\scanners folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\xs\4.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\xs folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\profiler\1.1.270.5\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\profiler\1.1.270.5\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\profiler\1.1.270.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\profiler\1.1.193.1\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\profiler\1.1.193.1\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\profiler\1.1.193.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\profiler folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\trs\258.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\trs folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\rtk\1023.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\rtk folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\prf\236.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\prf folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\min\7917.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\min folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\med\2506.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\med folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\exp\21.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine\exp folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\avengine folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\update\2368.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\update\0.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\update folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1984.5\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1984.5\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1984.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\123.6\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\123.6\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\123.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.40.991.1\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.40.991.1\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.40.991.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.40.1163.1\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.40.1163.1\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.32.304.1\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.32.304.1\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.32.205.1\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.32.205.1\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.32.205.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.31.162.1\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.31.162.1\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.30.345.41\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.30.345.41\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.30.345.41 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.204.6\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.204.6\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.203.6\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.203.6\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.186.1\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.186.1\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.175.1\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.175.1\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.146.4\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.146.4\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.146.4 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.117.16\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.117.16\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.13.117.16 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.117.2\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.117.2\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.117.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.113.3\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.113.3\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.113.3 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.112.2\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.112.2\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.12.112.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.1.226.5\x86_64 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.1.226.5\x86 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal\1.1.226.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\normal folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1984.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\123.10 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.40.991.2 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.40.1163.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.32.304.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.32.205.9 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.31.162.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.30.345.43 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.13.204.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.13.203.6 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.13.186.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.13.175.1 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.13.146.4 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.13.117.16 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.12.117.9 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\1.11.226.18 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content\0.5 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\content folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\contain\1054.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\contain\1052.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\contain\1048.0 folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore\contain folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content\amcore folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent\content folder moved successfully.
C:\Program Files\Common Files\McAfee\amcontent folder moved successfully.
C:\Program Files\Common Files\McAfee\ActWiz folder moved successfully.
C:\Program Files\Common Files\McAfee folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: defaultuser0
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 588289 bytes

User: miroc
->Temp folder emptied: 167540027 bytes
->Temporary Internet Files folder emptied: 14720359 bytes
->Flash cache emptied: 14661 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 903638 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 175.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 03012017_220415

Files\Folders moved on Reboot...
C:\Users\miroc\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

おはようございます。
処置後のログを見せてもらいました。

どうやら対象のエントリはみな掃除できたようですね。
successfully（処置成功）になってます。

>PCの動きは、まったく問題ありません

動作もまともになっているようですね。
マカフィーの削除もできたということでいいでしょう。

ではここで全体の再確認します。
またHJTログと、CCでインストール情報と各タブのログを取り直して、それらをまた見せてください。

これでまだおかしな痕跡か、症状がなければヤマも越えられそうです

hijackthisのログです

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:43:21, on 2017/03/02
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\miroc\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKCU\..\Run: [OneDrive] "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: McAfee Application Installer Cleanup (0211861488272760) (0211861488272760mcinstcleanup) - Unknown owner - C:\Windows\TEMP\021186~1.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Internet Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @oem26.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @oem32.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundataion Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Instant On - Lenovo Group Limited - C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Smart Sense Service (SSSvc) - Lenovo - C:\Program Files (x86)\SmartSense\SSSvc.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @oem53.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem53.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\Windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 8116 bytes

(ここまで)




CCインストール情報のログです

3D Builder Microsoft Corporation 2017/02/28 12.0.3131.0
Candy Crush Soda Saga king.com 2017/02/28 1.84.700.0
CCleaner Piriform 2017/02/28 5.27
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2016/03/11 2.80 MB 7.6.3.1
ESET Internet Security ESET, spol. s r.o. 2017/02/28 131 MB 10.0.369.3
Facebook Facebook Inc 2017/02/28 77.754.22711.0
Groove ミュージック Microsoft Corporation 2017/02/28 10.17012.10301.0
Houzz Houzz Inc. 2017/02/28 1.1.18.0
Integrated Camera Realtek Semiconductor Corp. 2017/02/28 19.5 MB 10.0.10240.11126
Intel(R) Management Engine Components Intel Corporation 2016/03/11 11.0.0.1163
Intel(R) Processor Graphics Intel Corporation 2017/02/28 10.18.15.4256
Intel(R) WiDi Intel Corporation 2016/03/11 51.4 MB 6.0.44.0
Lenovo BatteryGauge Lenovo 2016/03/11 3.98 MB 1.0.021.00
Lenovo Companion LENOVO INC. 2017/02/28 3.66.1.0
Lenovo Power Management Driver Lenovo 2017/02/28 10.2 MB 1.67.10.20
Lenovo QuickOptimizer Lenovo 2016/03/11 12.3 MB 1.0.019.00
Lenovo Settings LENOVO INCORPORATED. 2017/02/28 3.148.0.0
Lenovo Solution Center Lenovo 2016/03/11 145 MB 3.2.002.00
Lenovo System Interface Foundation Lenovo 2017/03/02 8.72 MB 1.0.070.04
Lenovo アカウント・ポータル LENOVO INCORPORATED. 2017/02/28 2.0.32.0
LINE LINE Corporation 2017/02/28 5.4.7.0
Microsoft OneDrive Microsoft Corporation 2017/03/01 84.8 MB 17.3.6798.0207
Microsoft Solitaire Collection Microsoft Studios 2017/02/28 3.15.2140.0
Microsoft Sticky Notes Microsoft Corporation 2017/02/28 1.6.2.0
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2017/02/28 7.59 MB 9.0.21022
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2017/02/28 1.47 MB 10.0.30319
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2017/02/28 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2017/02/28 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/02/28 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2017/02/28 19.5 MB 14.0.24215.1
Minecraft: Windows 10 Edition Microsoft Studios 2017/02/28 1.0.312.0
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2017/02/28 4.0.18.0
OneNote Microsoft Corporation 2017/02/28 17.7870.57621.0
People Microsoft Corporation 2017/02/28 10.1.3410.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2017/02/28 6.0.1.7554
Royal Revolt 2 flaregames GmbH 2017/02/28 2.7.0.2
Runtime x64 for Power Manager 2016/03/11
Runtime x86 for Power Manager 2017/03/02
Skype プレビュー Skype 2017/02/28 11.11.110.0
Store Purchase App Microsoft Corporation 2017/02/28 11608.1000.2431.0
Synaptics Pointing Device Driver Synaptics Incorporated 2017/02/28 46.4 MB 19.0.17.27
ThinkPad OneLink Dock Lenovo 2016/03/11 45.9 MB 1.08.35
Thinkpad USB Ethernet Adapter Driver Lenovo 2016/03/11 10.1.506.2015
Windows ドライバ パッケージ - Synaptics FP Sensors (WUDFRd) Biometric (11/27/2015 4.5.503.0) Synaptics FP Sensors 2017/02/28 11/27/2015 4.5.503.0
Xbox Microsoft Corporation 2017/02/28 24.26.14000.0
Xbox Identity Provider Microsoft Corporation 2017/02/28 11.19.19003.0
アプリ インストーラー Microsoft Corporation 2017/02/28 1.0.10332.0
アラーム & クロック Microsoft Corporation 2017/02/28 10.1701.10103.0
インテル(R) ワイヤレス Bluetooth(R) Intel Corporation 2016/03/11 2.57 MB 17.1.1525.1443
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2017/02/28 303 MB 18.20.0
カメラ Microsoft Corporation 2017/02/28 2017.125.40.0
ストア Microsoft Corporation 2017/02/28 11610.1001.25.0
ニュース Microsoft Corporation 2017/02/28 4.18.41.0
ヒント Microsoft Corporation 2017/02/28 4.5.6.0
フィードバック Hub Microsoft Corporation 2017/02/28 1.1612.10312.0
フォト Microsoft Corporation 2017/02/28 17.214.10010.0
ボイス レコーダー Microsoft Corporation 2017/02/28 10.1702.301.0
マップ Microsoft Corporation 2017/02/28 5.1611.3342.0
メッセージング Microsoft Corporation 2017/02/28 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/02/28 17.7920.40507.0
天気 Microsoft Corporation 2017/02/28 4.18.37.0
新しい Office を始めよう Microsoft Corporation 2017/02/28 17.7909.7600.0
映画 & テレビ Microsoft Corporation 2017/02/28 10.17012.10301.0
有料 Wi-Fi & 携帯ネットワーク Microsoft Corporation 2017/02/28 1.1607.6.0
電卓 Microsoft Corporation 2017/02/28 10.1702.312.0
電話 Microsoft Corporation 2017/02/28 1.10.23004.0

（ここまで）



CC　スタートアップ　Windows　のログです

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run IMSS Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
有効 HKLM:Run RtsCM RTSCM64.EXE

（ここまで）


CCスタートアップ　スケジュールされたタスク　のログです

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DolbySelectorTask %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
有効 Task RtHDVBg_Dolby Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
有効 Task RtHDVBg_LENOVO_MICPKEY Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
有効 Task RTKCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 Task RtsCM Realtek Semiconductor Corp. %windir%\RtsCM64.exe

（ここまで）


CC　スタートアップ　コンテキストメニュー　のログです

有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll

（ここまで）



CC　ブラウザプラグイン　InternerExplorer　のログです

（ここまで）※なにもかかれていませんでした


以上です。

作業と報告、ご苦労様です。
現在のログを見せてもらいました。
特に問題なところもなさそうですね。

ではあとは最後の様子見しましょう。
念のため1週間様子見した後、そこでまた今回と同じHJTログと、CCでインストール情報と各タブのログも取り直して、それらを様子見中の状態報告とともにレスください。

よほどのことでもなければこの時点で再発もないはずですが、ごくごくたまに凶悪なマルウェア感染でリカバリ後でも残っているモノもありました。
それも含めてひとつでも見落としがあるとここまで頑張って作業してくれたMLSさんの努力も無に帰すといけないので、最後まで見ていきましょう。
「蟻の穴から堤も崩れる」のたとえはPCセキュリティ上でも現実で起きることです。

ここまでくれば特に気負わなくてもいいので、怪しいサイトなどを閲覧しない程度だけ気を付けてあとは普段通りにPCを使いながら様子見してください

悪代官様に会えて良かったです。
orbitumだけでなく、freemake、mcafeeの処理まで親切に教えていただいて本当に感謝しています！
orbitumを入れたとき、もうこのPCはだめなのかと思っていました。

一週間後、またよろしくお願いします。

少し遅くなりました　汗
状況報告します。よろしくお願いします

HJTのログ

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:52:17, on 2017/03/12
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Users\miroc\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKCU\..\Run: [OneDrive] "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: McAfee Application Installer Cleanup (0211861488272760) (0211861488272760mcinstcleanup) - Unknown owner - C:\Windows\TEMP\021186~1.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Internet Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @oem26.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @oem32.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundataion Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Instant On - Lenovo Group Limited - C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Smart Sense Service (SSSvc) - Lenovo - C:\Program Files (x86)\SmartSense\SSSvc.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @oem53.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem53.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\Windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10236 bytes

（ここまで）

CC インストール情報

3D Builder Microsoft Corporation 2017/02/28 12.0.3131.0
Candy Crush Soda Saga king.com 2017/03/02 1.84.701.0
CCleaner Piriform 2017/03/02 19.4 MB 5.27
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2016/03/11 5.61 MB 7.6.3.1
ESET Internet Security ESET, spol. s r.o. 2017/02/28 263 MB 10.0.369.3
Facebook Facebook Inc 2017/03/12 81.789.17803.0
Game Maker 8.0 2017/03/08
GIMP 2.8.20 The GIMP Team 2017/03/08 285 MB 2.8.20
Groove ミュージック Microsoft Corporation 2017/03/08 10.17012.10311.0
Houzz Houzz Inc. 2017/02/28 1.1.18.0
Integrated Camera Realtek Semiconductor Corp. 2017/02/28 19.5 MB 10.0.10240.11126
Intel(R) Management Engine Components Intel Corporation 2016/03/11 11.0.0.1163
Intel(R) Processor Graphics Intel Corporation 2017/02/28 10.18.15.4256
Intel(R) WiDi Intel Corporation 2016/03/11 73.6 MB 6.0.44.0
Lenovo BatteryGauge Lenovo 2016/03/11 7.96 MB 1.0.021.00
Lenovo Companion LENOVO INC. 2017/03/12 3.70.1.0
Lenovo Power Management Driver Lenovo 2017/02/28 10.2 MB 1.67.10.20
Lenovo QuickOptimizer Lenovo 2016/03/11 23.2 MB 1.0.019.00
Lenovo Settings LENOVO INCORPORATED. 2017/02/28 3.148.0.0
Lenovo Solution Center Lenovo 2016/03/11 217 MB 3.2.002.00
Lenovo System Interface Foundation Lenovo 2017/03/02 13.0 MB 1.0.070.04
Lenovo アカウント・ポータル LENOVO INCORPORATED. 2017/02/28 2.0.32.0
LINE LINE Corporation 2017/02/28 5.4.7.0
Microsoft Office Professional Plus 2016 - ja-jp Microsoft Corporation 2017/03/06 1.30 GB 16.0.7766.2060
Microsoft OneDrive Microsoft Corporation 2017/03/01 84.8 MB 17.3.6798.0207
Microsoft Solitaire Collection Microsoft Studios 2017/02/28 3.15.2140.0
Microsoft Sticky Notes Microsoft Corporation 2017/02/28 1.6.2.0
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2017/02/28 1.10 MB 9.0.21022
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2017/02/28 2.95 MB 10.0.30319
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2017/02/28 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2017/02/28 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/02/28 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2017/02/28 19.5 MB 14.0.24215.1
Minecraft: Windows 10 Edition Microsoft Studios 2017/03/12 1.0.411.0
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2017/02/28 4.0.18.0
OneNote Microsoft Corporation 2017/03/12 17.7967.57501.0
People Microsoft Corporation 2017/03/08 10.2.431.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2017/03/02 17.3 MB 6.0.1.7554
Royal Revolt 2 flaregames GmbH 2017/03/09 3.0.0.0
Runtime x64 for Power Manager 2016/03/11
Runtime x86 for Power Manager 2017/03/02
Skype プレビュー Skype 2017/02/28 11.11.110.0
Store Purchase App Microsoft Corporation 2017/02/28 11608.1000.2431.0
Synaptics Pointing Device Driver Synaptics Incorporated 2017/02/28 46.4 MB 19.0.17.27
ThinkPad OneLink Dock Lenovo 2016/03/11 39.7 MB 1.08.35
Thinkpad USB Ethernet Adapter Driver Lenovo 2016/03/11 1.37 MB 10.1.506.2015
Windows ドライバ パッケージ - Synaptics FP Sensors (WUDFRd) Biometric (11/27/2015 4.5.503.0) Synaptics FP Sensors 2017/02/28 11/27/2015 4.5.503.0
Xbox Microsoft Corporation 2017/02/28 24.26.14000.0
Xbox Identity Provider Microsoft Corporation 2017/02/28 11.19.19003.0
アプリ インストーラー Microsoft Corporation 2017/02/28 1.0.10332.0
アラーム & クロック Microsoft Corporation 2017/03/02 10.1702.452.0
インテル(R) ワイヤレス Bluetooth(R) Intel Corporation 2016/03/11 5.14 MB 17.1.1525.1443
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2017/03/02 208 MB 18.20.0
カメラ Microsoft Corporation 2017/02/28 2017.125.40.0
ストア Microsoft Corporation 2017/03/09 11701.1001.79.0
ニュース Microsoft Corporation 2017/02/28 4.18.41.0
ヒント Microsoft Corporation 2017/02/28 4.5.6.0
フィードバック Hub Microsoft Corporation 2017/02/28 1.1612.10312.0
フォト Microsoft Corporation 2017/02/28 17.214.10010.0
ボイス レコーダー Microsoft Corporation 2017/02/28 10.1702.301.0
マップ Microsoft Corporation 2017/02/28 5.1611.3342.0
メッセージング Microsoft Corporation 2017/02/28 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/03/08 17.8004.42017.0
天気 Microsoft Corporation 2017/02/28 4.18.37.0
新しい Office を始めよう Microsoft Corporation 2017/02/28 17.7909.7600.0
映画 & テレビ Microsoft Corporation 2017/02/28 10.17012.10301.0
有料 Wi-Fi & 携帯ネットワーク Microsoft Corporation 2017/02/28 1.1607.6.0
電卓 Microsoft Corporation 2017/02/28 10.1702.312.0
電話 Microsoft Corporation 2017/02/28 1.10.23004.0

（ここまで）


CC　スタートアップ　Windows

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\miroc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run IMSS Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
有効 HKLM:Run RtsCM RTSCM64.EXE

（ここまで）



CC　スタートアップ　スケジュールされたタスク

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DolbySelectorTask %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon Intel Corporation "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
有効 Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
有効 Task RtHDVBg_Dolby Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
有効 Task RtHDVBg_LENOVO_MICPKEY Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
有効 Task RTKCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 Task RtsCM Realtek Semiconductor Corp. %windir%\RtsCM64.exe

（ここまで）



CC　スタートアップ　コンテキストメニュー

有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Internet Security\shellExt.dll

（ここまで）



CC　ブラウザプラグイン　InternerExplorer

無効 Extension Lync Click to Call Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
無効 Extension Lync Click to Call Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
無効 Helper Lync Browser Helper Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
無効 Helper Lync Browser Helper Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
有効 Helper Microsoft OneDrive for Business Browser Helper Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
有効 Helper Microsoft OneDrive for Business Browser Helper Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL

（ここまで）



以上です。
よろしくお願いします。

こんばんは。
様子見後の報告ですね。
その後異常は出てませんでしたか？

ログもみせてもらいましたが、ログ上では特に怪しいものはなさそうです。
リカバリ後の修正もできたようです。

他に異常も出てなければ本題の処置は終了と言うことでいいでしょう。
作業に使った各ツールは準備時の説明に沿って片付けてください。

異常は治まっても以後の再被害を防ぐための自衛はここからが始まりです。

ブラウザの設定を少し固めるだけでも、セキュリティ上の効果を高めることが可能です。
「インターネットオプション」→「プライバシー」→「詳細設定」と開いて、「自動cookie処理」と「サードパーティのcookieをブロック」にチェックして「適用」して「OK」。
これをやっておくと、多くの危険サイトからの保護にかなり有効です。
が、これもすべての危険サイトに有効でもないし、本物の危険サイトではこの程度ではまったく太刀打ちできないので、過信はしないこと。
また、「すべてのcookieをブロックする」設定にすると、プロバイダのメールボックスなどログイン必要なページに入れなくなる弊害も出るので、これは状況を考えて使い分けるといいでしょう。
安全なサイトでもcookieブロックだと閲覧や投稿ができなくなるところもあるのでこれも注意。

次に、アンチウイルスやファイアウォール等のセキュリティソフトの使い方も注意してください。
セキュリティソフトはただ入れてさえいればそれだけでフル機能を発揮するものではありません。
設定と機能をできるだけ把握して、正しく使うことが重要です。
間違った使い方すると、本来ならブロックできた感染でもあっさりスルーします。

また、いくら高性能なセキュリティソフトがあっても、ユーザーが自分から危険なサイトやファイルにアクセスしてたらまったく保護もできません。
セキュリティソフトは使い方次第でその性能を、倍にも半にも無にも変動させます。

そして百聞は一見にしかず。
現在この掲示板で継続中や解決済みの他スレもできるだけ見ておくことをおすすめします。
同様、類似、別種含めて参考になる部分は多いでしょう。

ここ2年ほどでPCセキュリティ上の危険は爆発的に増大しました。
「ランサムウェア」と称される「人質型マルウェア」の増加がその筆頭です。
この種のマルウェアにやられるとそのPC内のファイルのほとんどが拡張子変更や圧縮ファイルに書き換えられ、ほとんどの機能が使えなくなるという代物です。
それを解除するためにはかけられたロック（暗号化）を解除するためのパスワードをを購入することが必要とPC上に表示され、そのパスワードを入力することでPC機能と書き換えられた全ファイルの復号化（修復）できるという手口です。

その後大手セキュリティベンダーでも対策が練られ、いくつかのランサムウェア感染では大手ベンダーの配布する復号化ツールを使うことで復旧も可能になりましたがこれもすべての事例で有効ではなく、またかろうじてPC機能を取り戻すことができてもそのあとの危険性が残っているおそれも大なので処置後にリカバリ推奨という点も共通しています。

こういう被害はいまや大手企業や官公庁内のPCだけが狙われる事件ではなく、一般の個人ユーザー間でも大量発生しており、日本国内でも同様です。

深刻な感染被害に遭ったら当掲示板や他の相談サイトに助けを求めることもできません。
何より『本物の危険マルウェア』は入りこんだPCの設定も改ざんして、大手セキュリティベンダーや解決策を示すサイトへのアクセスをブロックすることも多いのです。
前述の大手ベンダー製の復号化ツールもダウンロードさえできなくなるわけです。

こういう被害に遭った際に、被害を最小限に食い止めるために必要なデータのバックアップは日ごろからこまめにとっておくよう推奨します。
バックアップがあればリカバリ後でもデータの継続使用は容易です。
また感染ではなく故障などのハード的な要因でPC内のデータが救出もできなくなった時にも買い替えor代用PCでデータの運用も引き続きできます。

なお、リカバリ前のPCで入力したことのある各種パスワードももう変更はできたかと思いますが、まだ変更していないパスがあればお忘れなく。

PCセキュリティの上では覚えておくべきことは山ほどありますが、最初から全部頭に詰め込む必要もありません。
わかる範囲からひとつずつ消化して、PC環境とセキュリティ意識を再構築していってください。

慣れない作業を長期間頑張ってくれてお疲れ様でした。
以後は安全で快適なPCライフを

異常がないようで、安心しました！！
これからはダウンロード、インストールするとき今まで以上に注意を払います。
（こんな怖い思いは、もうこりごりです…）

悪代官様のおかげで、被害を受けることなく処理できたみたいです。本当に感謝します。ありがとうございました！