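悪代官の伏魔殿 Bulletin Board
A file called browsermodfilter
Hello, my name is mkm.
The free space on my C drive keeps getting used up even when I am not doing anything, and while looking for suspicious files I came across a file called browsermodfilter.
It seems to be adware, but I don't know the details. If you know how to deal with it, I would appreciate your advice.

The logs follow.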

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:45:23, on 2016/10/13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)

FIREFOX: 46.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\tkm\Desktop\HijackThis.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Microsoft アカウント サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [IME14 JPN Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Startup: BunBackup.lnk = C:\Program Files\Nagatsuki\BunBackup\BunBackup.exe
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: OneNote に送る(&N) - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira スケジューラ (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: EaseUS Agentサービス (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: インテル(R) ラピッド・ストレージ・テクノロジー (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: オン スクリーン表示 (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: UCManSvc - Paltiosoft Inc. - C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15434 bytes



Adobe AIR Adobe Systems Incorporated 2016/10/13 18.0.0.144
Adobe Flash Player 23 ActiveX Adobe Systems Incorporated 2016/10/11 18.7 MB 23.0.0.185
Adobe Reader 9.4.0 - Japanese Adobe Systems Incorporated 2015/11/10 264 MB 9.4.0
Amazon Kindle Amazon 2016/05/02 1.15.0.43061
Avira Antivirus Avira Operations GmbH & Co. KG 2016/10/11 317 MB 15.0.22.54
Avira Browser Safety Avira Operations GmbH & Co KG 2016/04/11 11.2 MB 1.4.5.509
Avira Launcher Avira Operations GmbH & Co. KG 2016/09/09 12.5 MB 1.2.70.16079
Avira Launcher Avira Operations GmbH & Co. KG 2016/09/20 12.5 MB 1.2.71.9779
Avira Phantom VPN Avira Operations GmbH & Co. KG 2016/09/21 9.23 MB 1.6.1.17854
Conexant 20672 SmartAudio HD Conexant 2016/04/13 8.32.23.5
Corel Burn.Now Lenovo Edition Corel Corporation 2015/11/10 81.0 MB 4.5.0
Corel DVD MovieWriter Lenovo Edition Corel Corporation 2015/11/10 320 MB 7.0.0
Corel WinDVD Corel Inc. 2015/11/10 300 MB 10.0.5.890
Create Recovery Media Lenovo Group Limited 2015/11/10 8.05 MB 1.20.0.00
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 2015/11/10 1.00
Evernote v. 4.2.3 Evernote Corp. 2015/11/10 139 MB 4.2.3.15
FXDD Malta - MetaTrader 4 MetaQuotes Software Corp. 2016/04/10 6.00
Google Chrome Google Inc. 2015/11/10 53.0.2785.143
Google Drive Google, Inc. 2016/08/18 35.1 MB 1.31.2873.2758
Google Toolbar for Internet Explorer Google Inc. 2016/04/30 7.5.7619.1252
Google Update Helper 2015/11/10
Intel(R) Control Center Intel Corporation 2016/04/13 1.2.1.1007
Intel(R) Identity Protection Technology 1.1.2.0 Intel Corporation 2015/11/10 1.13 MB 1.1.2.0
Intel(R) Management Engine Components Intel Corporation 2016/04/13 7.0.0.1144
Intel(R) Processor Graphics Intel Corporation 2016/04/13 8.15.10.2321
Intel(R) Rapid Storage Technology Intel Corporation 2016/04/13 11.6.0.1030
Lenovo Auto Scroll Utility 2015/11/10 1.11
Lenovo Registration Lenovo Inc. 2015/11/10 4.13 MB 1.0.4
Lenovo System Interface Driver 2015/11/10 1.05
Lenovo User Guide 会社名 2015/11/10 606 KB 1.0.0008.00
Lenovo Warranty Information Lenovo 2015/11/10 861 KB 1.0.0005.00
LINE LINE Corporation 2016/09/08 4.9.0.1147
MetaTrader 4 MetaQuotes Software Corp. 2016/07/03 6.00
Microsoft .NET Framework 4.6.1 Microsoft Corporation 2016/04/10 38.8 MB 4.6.01055
Microsoft .NET Framework 4.6.1 (日本語) Microsoft Corporation 2016/04/14 2.93 MB 4.6.01055
Microsoft Office Professional Plus 2010 Microsoft Corporation 2016/04/14 14.0.7015.1000
Microsoft OneDrive Microsoft Corporation 2016/05/15 26.7 MB 17.0.4035.0328
Microsoft Silverlight Microsoft Corporation 2016/10/13 199 MB 5.1.50901.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2015/11/10 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2016/04/13 294 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2016/04/21 3.00 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2016/04/21 242 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2015/11/10 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2015/11/10 784 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/04/14 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/11/10 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2015/11/10 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/04/14 594 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/04/13 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/04/13 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Corporation 2016/04/21 11.0.51106.1
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/04/21 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 2016/10/12 17.3 MB 11.0.50727.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2016/04/18 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 Microsoft Corporation 2016/05/20 20.7 MB 14.0.23506.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2016/04/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2016/04/13 10.0.50903
Mozilla Firefox 46.0.1 (x86 ja) Mozilla 2016/05/26 91.5 MB 46.0.1
Mp3tag v2.75 Florian Heidenreich 2016/04/13 v2.75
MPC-HC 1.7.10 (64-bit) MPC-HC Team 2016/09/07 43.6 MB 1.7.10
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 2016/04/10 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 2016/04/10 1.33 MB 4.20.9876.0
Nave The BK - nvplayer ver 0.6.22 - Limited S.E.E.R.A 2016/09/10 6.54 MB 0.6.22- Limited
Niconico Live Encoder niwango, inc. 2016/09/26 2.0.4
NVIDIA 3D Vision ドライバー 354.45 NVIDIA Corporation 2016/04/14 354.45
NVIDIA HD オーディオ ドライバー 1.2.23.3 NVIDIA Corporation 2015/11/10 1.2.23.3
NVIDIA nView 146.78 NVIDIA Corporation 2016/04/14 146.78
NVIDIA グラフィックス ドライバー 354.45 NVIDIA Corporation 2016/04/14 354.45
QUAD-CAPTURE Driver Roland Corporation 2016/04/10
RapidBoot Lenovo 2015/11/10 589 KB 1.11
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 2015/11/10 1.00
Rescue and Recovery Lenovo Group Limited 2016/04/12 111 MB 4.50.0025.00
RICOH_Media_Driver_v2.14.18.01 RICOH 2015/11/10 2.14.18.01
sdrt(5.0, 64bit) パルティオソフト株式会社 2016/05/11 3.93 MB 5.0.3.0
Skype(TM) 7.26 Skype Technologies S.A. 2016/08/13 231 MB 7.26.101
Sony Media Library Earth 9.3.01 Sony Corporation 2016/04/13 50.5 MB 9.3.01.03100
System Update Lenovo 2015/11/10 11.8 MB 4.01.0015
ThinkPad FullScreen Magnifier 2015/11/10 2.40
ThinkPad UltraNav Driver 2016/04/14 46.4 MB 16.2.19.7
ThinkPad UltraNav ユーティリティ Lenovo 2015/11/10 2.13.0
ThinkPad 省電力マネージャー 2015/11/10 3.63
ThinkVantage System Update 2016/04/13
ThinkVantage ハードディスク・アクティブプロテクション・システム Lenovo 2015/11/10 15.6 MB 1.73
VIP Access VeriSign 2015/11/10 18.9 MB 2.0.2.140
WinCDEmu Bazis 2016/09/18 3.6
Windows Live Essentials Microsoft Corporation 2016/05/15 16.4.3528.0331
Windows ドライバ パッケージ - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) Intel 2015/11/10 12/21/2010 11.8.84.0
Windows ドライバ パッケージ - Intel System (09/10/2010 9.2.0.1011) Intel 2015/11/10 09/10/2010 9.2.0.1011
Windows ドライバ パッケージ - Intel System (09/10/2010 9.2.0.1011) Intel 2016/04/13 09/10/2010 9.2.0.1011
Windows ドライバ パッケージ - Intel System (11/20/2010 9.2.0.1016) Intel 2015/11/10 11/20/2010 9.2.0.1016
Windows ドライバ パッケージ - Intel USB (12/21/2010 9.2.0.1021) Intel 2015/11/10 12/21/2010 9.2.0.1021
Windows ドライバ パッケージ - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1) Lenovo 2015/11/10 05/11/2009 4.1.0.1
Windows ドライバ パッケージ - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) Lenovo 2015/11/10 11/11/2010 1.61.00.11
Windows ドライバ パッケージ - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) Synaptics 2015/11/10 05/19/2011 15.3.8.0
WinRAR 5.31 (64-bit) win.rar GmbH 2016/04/10 5.31.0
x-アプリ 6.0.04 Sony Corporation 2016/09/06 83.3 MB 10.0.04
インテル(R) PROSet/Wireless WiFi ソフトウェア Intel Corporation 2015/11/10 84.5 MB 14.2.0000
オン スクリーン表示 2015/11/10 6.60.03
キングソフト辞書 キングソフト株式会社 2015/11/10 2011.05.11.1.1


Thank you in advance.
  • mkm
  • 2016/10/13 (Thu) 11:48:58
SoftDenchi (ソフト電池) is on there
Hello.
I'm 悪代官, the administrator here, a petty playboy (← that's the wrong role

I have looked at your description and the log.

>browsermodfilter

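Going by that detection name, was the security software that detected it Windows Defender?
You also seem to be using Avira, so it may have been detected by Avira.

Whichever one detected it, I can see several problems in the log.
For example, the following application: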
>sdrt(5.0, 64bit) パルティオソフト株式会社 2016/05/11 3.93 MB 5.0.3.0

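This is an application also known as "SoftDenchi" (ソフト電池), and it is said to be a kind of adware.
It may be what WD detected as the "browsermodfilter" mentioned above, but this is not a situation that will be resolved by removing just this one item.
Let's analyze things carefully one at a time and then deal with them using the correct procedure.
A certain amount of effort is unavoidable before everything is cleaned up, so it is fine if it takes time; stay calm and proceed carefully, one step at a time.

First, let me tell you this up front.
As you can see, there are currently many people asking for help, so after receiving a request it may take a day or more each time before I can reply to everyone in turn. I'm sorry, but please understand.

Now, read the explanation below carefully and then do the work in order.
You should already have some of these prepared, but please read the explanation again just in case.

Set hidden files and file extensions to be displayed (how to ↓)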
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the following tools and get a grasp of their basic usage.
However, if the distribution site shows ads urging you to download other applications, never click on them.
"GeekUninstaller" (GU for short)
Description page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save it, and then extract it.
When you are done with it, delete the whole folder manually.

"CCleaner" (CC for short)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
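Download the latest version. The installer may also offer bundled extra applications; uncheck those and avoid installing them.
When you are done with it, uninstall it.

Here is an important caution.
CC is essentially a high-performance maintenance tool, but if used incorrectly
【it can also damage Windows】
so here we will use it only as an analysis tool.
Read the explanation carefully, and do not perform any operation other than those I instruct.

Also, be sure to read the page below thoroughly before starting work, and follow it if the need arises. Cases requiring this handling are increasing.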
http://note.chiebukuro.yahoo.co.jp/detail/n335704

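Once you are ready, start the work.
In the steps that follow, you may skip anything you cannot find, but look carefully as you work and never touch anything other than what I specify.

Also, there will be items I instruct you to delete; if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.

First check Windows Update and, if there are required updates, install all of them.
If the updates cannot be installed, however, do not do the work described after this; instead, tell me in your reply that the update failed.
This is because there has been a sharp increase in dangerous malware that obstructs analysis and removal of an infection by preventing WU from working properly.
If you do not always keep Windows updates (Windows Update) applied and current, that alone is enough for a dangerous infection to occur at any moment.

Note that updating to Windows 10 is not recommended unless the user really needs it.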
http://www.japan-secure.com/entry/Windows_Update_7.html
http://www.japan-secure.com/entry/how_to_suppress_the_free_upgrade_of_Windows_10.html

At the very least, the following applications are old versions.
>Adobe Flash Player 23 ActiveX Adobe Systems Incorporated 2016/10/11 18.7 MB 23.0.0.185

>Mozilla Firefox 46.0.1 (x86 ja) Mozilla 2016/05/26 91.5 MB 46.0.1

>Skype(TM) 7.26 Skype Technologies S.A. 2016/08/13 231 MB 7.26.101

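Merely neglecting to update applications is enough for vulnerabilities to be exploited and a serious infection to occur quite easily.
If you use them, update to the latest version. If you don't use an application, uninstalling it is the safe choice.
Check whether there are any other old versions, and if so, likewise update or uninstall them.

At this point, manually create one restore point with "System Restore", a standard Windows feature.
This is so that you can restore if something goes wrong, because in the work that follows, mistakenly touching something other than the target can by itself cause serious problems in Windows.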
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

Use GU to uninstall the following.
>Adobe Reader 9.4.0 - Japanese Adobe Systems Incorporated 2015/11/10 264 MB 9.4.0

>sdrt(5.0, 64bit) パルティオソフト株式会社 2016/05/11 3.93 MB 5.0.3.0

If you need a PDF application, the following is a good one to install.
http://www.forest.impress.co.jp/library/software/pdfxchedit/

Next, start the PC in Safe Mode (how to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
For Win8, refer to the following.
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

In Safe Mode, use GU to uninstall the following.
>Amazon Kindle Amazon 2016/05/02 1.15.0.43061

>WinRAR 5.31 (64-bit) win.rar GmbH 2016/04/10 5.31.0

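Now restart the PC in normal mode, then launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select the C drive as the target drive and scan; among the items shown, check only "Downloaded Program Files", "Temporary Internet Files" and "Temporary files", then press "OK" and "Delete Files".
Running this cleans out the junk files in the selected areas.

Running this also reduces the useless junk files picked up by scans during the work, which makes the time and analysis considerably easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting legitimate files by mistake, and so that even if a legitimate file has been deleted and put in the Recycle Bin it can still be restored.

Next, start CC.
Once started, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the lower right saves the displayed contents as a log, so save the log somewhere such as the desktop.

Next, save the logs for the "Scheduled Tasks" tab and the "Context Menu" tab in the same way.

Then, from the "Browser Plugin" item on the left side of the CC screen, open each tab from "InternetExplorer" onward in turn and save those logs as well.

Once you have taken the CC logs, close CC.

After this, start your browser, watch the state of the PC for a few hours, and then take a fresh HJT log and a fresh installed-programs log with CC.

Paste both retaken logs and the CC logs into your reply, together with a status report.
I will look at them and then give instructions for the next steps.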
  • 悪代官
  • 2016/10/13 (Thu) 16:01:39
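
The reply above asks for a fresh HijackThis log after the uninstall steps. The following Python script is an added example, not posted by anyone in this thread: it parses HijackThis result lines and lists which entries disappeared or appeared between two logs. The sample lines are excerpted from the two logs on this page, and the function names are illustrative.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "section kind detail missing raw")

# HijackThis result lines look like "O4 - HKLM\..\Run: [name] path".
# Header lines and the "Running processes" paths do not match this pattern.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
MISSING = "(file missing)"


def parse_hjt(text):
    """Return the result entries of a HijackThis log as Entry tuples."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        section, rest = m.groups()
        # Paths contain "C:\" (no space after the colon), so ": " only
        # splits the entry type from its description.
        kind, sep, detail = rest.partition(": ")
        if not sep:
            kind, detail = "", rest
        entries.append(Entry(section, kind, detail,
                             detail.endswith(MISSING), line))
    return entries


def diff_logs(before_text, after_text):
    """Return (removed, added) entries between two logs, in log order."""
    before, after = parse_hjt(before_text), parse_hjt(after_text)
    before_raw = {e.raw for e in before}
    after_raw = {e.raw for e in after}
    removed = [e for e in before if e.raw not in after_raw]
    added = [e for e in after if e.raw not in before_raw]
    return removed, added


def missing_system_files(entries):
    """Entries marked '(file missing)' whose path is under System32.

    Note added with this example, not stated in the thread: a 32-bit
    scanner on 64-bit Windows is subject to file-system redirection and
    commonly reports this marker for files that do exist, so these are
    listed separately for manual checking rather than treated as findings.
    """
    return [e for e in entries
            if e.missing and r"\windows\system32" in e.detail.lower()]


# Excerpt of the first log on this page (11:45:23).
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:45:23, on 2016/10/13
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
"""

# Excerpt of the second log on this page (20:14:52), same entry types.
AFTER = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:14:52, on 2016/10/13
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
"""

if __name__ == "__main__":
    removed, added = diff_logs(BEFORE, AFTER)
    for e in removed:
        print("removed:", e.section, e.kind, "|", e.detail)
    for e in added:
        print("added:  ", e.section, e.kind, "|", e.detail)
    for e in missing_system_files(parse_hjt(AFTER)):
        print("check manually:", e.detail)
```
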
Re: A file called browsermodfilter
I have done the work, so I am posting the logs.
Ultimately I would like to get rid of the mysterious disk usage; is that possible?

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:14:52, on 2016/10/13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)


Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\tkm\Desktop\HijackThis.exe

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Microsoft アカウント サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [IME14 JPN Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Startup: BunBackup.lnk = C:\Program Files\Nagatsuki\BunBackup\BunBackup.exe
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: OneNote に送る(&N) - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira スケジューラ (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: EaseUS Agentサービス (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: インテル(R) ラピッド・ストレージ・テクノロジー (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: オン スクリーン表示 (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14651 bytes


Adobe AIR Adobe Systems Incorporated 2016/10/13 18.0.0.144
Adobe Flash Player 23 ActiveX Adobe Systems Incorporated 2016/10/13 18.7 MB 23.0.0.185
Avira Antivirus Avira Operations GmbH & Co. KG 2016/10/11 317 MB 15.0.22.54
Avira Browser Safety Avira Operations GmbH & Co KG 2016/04/11 11.2 MB 1.4.5.509
Avira Launcher Avira Operations GmbH & Co. KG 2016/09/09 12.5 MB 1.2.70.16079
Avira Launcher Avira Operations GmbH & Co. KG 2016/09/20 12.5 MB 1.2.71.9779
Avira Phantom VPN Avira Operations GmbH & Co. KG 2016/09/21 9.23 MB 1.6.1.17854
Conexant 20672 SmartAudio HD Conexant 2016/04/13 8.32.23.5
Corel Burn.Now Lenovo Edition Corel Corporation 2015/11/10 81.0 MB 4.5.0
Corel DVD MovieWriter Lenovo Edition Corel Corporation 2015/11/10 320 MB 7.0.0
Corel WinDVD Corel Inc. 2015/11/10 300 MB 10.0.5.890
Create Recovery Media Lenovo Group Limited 2015/11/10 8.05 MB 1.20.0.00
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 2015/11/10 1.00
Evernote v. 4.2.3 Evernote Corp. 2015/11/10 139 MB 4.2.3.15
FXDD Malta - MetaTrader 4 MetaQuotes Software Corp. 2016/04/10 6.00
Google Chrome Google Inc. 2015/11/10 53.0.2785.143
Google Drive Google, Inc. 2016/08/18 35.1 MB 1.31.2873.2758
Google Toolbar for Internet Explorer Google Inc. 2016/04/30 7.5.7619.1252
Google Update Helper 2015/11/10
Intel(R) Control Center Intel Corporation 2016/04/13 1.2.1.1007
Intel(R) Identity Protection Technology 1.1.2.0 Intel Corporation 2015/11/10 1.13 MB 1.1.2.0
Intel(R) Management Engine Components Intel Corporation 2016/04/13 7.0.0.1144
Intel(R) Processor Graphics Intel Corporation 2016/04/13 8.15.10.2321
Intel(R) Rapid Storage Technology Intel Corporation 2016/04/13 11.6.0.1030
Lenovo Auto Scroll Utility 2015/11/10 1.11
Lenovo Registration Lenovo Inc. 2015/11/10 4.13 MB 1.0.4
Lenovo System Interface Driver 2015/11/10 1.05
Lenovo User Guide 会社名 2015/11/10 606 KB 1.0.0008.00
Lenovo Warranty Information Lenovo 2015/11/10 861 KB 1.0.0005.00
LINE LINE Corporation 2016/09/08 4.9.0.1147
MetaTrader 4 MetaQuotes Software Corp. 2016/07/03 6.00
Microsoft .NET Framework 4.6.1 Microsoft Corporation 2016/04/10 38.8 MB 4.6.01055
Microsoft .NET Framework 4.6.1 (日本語) Microsoft Corporation 2016/04/14 2.93 MB 4.6.01055
Microsoft Office Professional Plus 2010 Microsoft Corporation 2016/04/14 14.0.7015.1000
Microsoft OneDrive Microsoft Corporation 2016/05/15 26.7 MB 17.0.4035.0328
Microsoft Silverlight Microsoft Corporation 2016/10/13 199 MB 5.1.50901.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2015/11/10 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2016/04/13 294 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2016/04/21 3.00 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2016/04/21 242 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2015/11/10 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2015/11/10 784 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/04/14 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/11/10 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2015/11/10 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/04/14 594 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/04/13 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/04/13 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Corporation 2016/04/21 11.0.51106.1
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/04/21 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 2016/10/12 17.3 MB 11.0.50727.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2016/04/18 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 Microsoft Corporation 2016/05/20 20.7 MB 14.0.23506.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2016/04/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2016/04/13 10.0.50903
Mp3tag v2.75 Florian Heidenreich 2016/04/13 v2.75
MPC-HC 1.7.10 (64-bit) MPC-HC Team 2016/09/07 43.6 MB 1.7.10
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 2016/04/10 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 2016/04/10 1.33 MB 4.20.9876.0
Nave The BK - nvplayer ver 0.6.22 - Limited S.E.E.R.A 2016/09/10 6.54 MB 0.6.22- Limited
Niconico Live Encoder niwango, inc. 2016/09/26 2.0.4
NVIDIA 3D Vision ドライバー 354.45 NVIDIA Corporation 2016/04/14 354.45
NVIDIA HD オーディオ ドライバー 1.2.23.3 NVIDIA Corporation 2015/11/10 1.2.23.3
NVIDIA nView 146.78 NVIDIA Corporation 2016/04/14 146.78
NVIDIA グラフィックス ドライバー 354.45 NVIDIA Corporation 2016/04/14 354.45
QUAD-CAPTURE Driver Roland Corporation 2016/04/10
RapidBoot Lenovo 2015/11/10 589 KB 1.11
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 2015/11/10 1.00
Rescue and Recovery Lenovo Group Limited 2016/04/12 111 MB 4.50.0025.00
RICOH_Media_Driver_v2.14.18.01 RICOH 2015/11/10 2.14.18.01
Sony Media Library Earth 9.3.01 Sony Corporation 2016/04/13 50.5 MB 9.3.01.03100
System Update Lenovo 2015/11/10 11.8 MB 4.01.0015
ThinkPad FullScreen Magnifier 2015/11/10 2.40
ThinkPad UltraNav Driver 2016/04/14 46.4 MB 16.2.19.7
ThinkPad UltraNav ユーティリティ Lenovo 2015/11/10 2.13.0
ThinkPad 省電力マネージャー 2015/11/10 3.63
ThinkVantage System Update 2016/04/13
ThinkVantage ハードディスク・アクティブプロテクション・システム Lenovo 2015/11/10 15.6 MB 1.73
VIP Access VeriSign 2015/11/10 18.9 MB 2.0.2.140
WinCDEmu Bazis 2016/09/18 3.6
Windows Live Essentials Microsoft Corporation 2016/05/15 16.4.3528.0331
Windows ドライバ パッケージ - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) Intel 2015/11/10 12/21/2010 11.8.84.0
Windows ドライバ パッケージ - Intel System (09/10/2010 9.2.0.1011) Intel 2015/11/10 09/10/2010 9.2.0.1011
Windows ドライバ パッケージ - Intel System (09/10/2010 9.2.0.1011) Intel 2016/04/13 09/10/2010 9.2.0.1011
Windows ドライバ パッケージ - Intel System (11/20/2010 9.2.0.1016) Intel 2015/11/10 11/20/2010 9.2.0.1016
Windows ドライバ パッケージ - Intel USB (12/21/2010 9.2.0.1021) Intel 2015/11/10 12/21/2010 9.2.0.1021
Windows ドライバ パッケージ - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1) Lenovo 2015/11/10 05/11/2009 4.1.0.1
Windows ドライバ パッケージ - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) Lenovo 2015/11/10 11/11/2010 1.61.00.11
Windows ドライバ パッケージ - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) Synaptics 2015/11/10 05/19/2011 15.3.8.0
x-アプリ 6.0.04 Sony Corporation 2016/09/06 83.3 MB 10.0.04
インテル(R) PROSet/Wireless WiFi ソフトウェア Intel Corporation 2015/11/10 84.5 MB 14.2.0000
オン スクリーン表示 2015/11/10 6.60.03
キングソフト辞書 キングソフト株式会社 2015/11/10 2011.05.11.1.1



有効 HKCU:Run GoogleDriveSync Google "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
有効 HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
有効 HKLM:Run Avira SystrayStartTrigger Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
有効 HKLM:Run BCSSync Microsoft Corporation "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
有効 HKLM:Run EaseUS EPM tray CHENGDU YIWO Tech Development Co., Ltd C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
有効 HKLM:Run ForteConfig Fortemedia Inc C:\Program Files\Conexant\ForteConfig\fmapp.exe
有効 HKLM:Run IAStorIcon Intel Corporation C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IME14 JPN Setup Microsoft Corporation C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
有効 HKLM:Run IMSS Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
有効 HKLM:Run Lenovo Registration Lenovo, Inc. C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
有効 HKLM:Run LENOVO.TPKNRRES Lenovo Group Limited C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
有効 HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
有効 HKLM:Run nwiz NVIDIA Corporation "C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" /installquiet
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run SmartAudio Conexant systems, Inc. C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
有効 HKLM:Run TpShocks Lenovo. TpShocks.exe
有効 Startup User BunBackup.lnk C:\Program Files\Nagatsuki\BunBackup\BunBackup.exe


有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task AutoKMS C:\Windows\AutoKMS\AutoKMS.exe
有効 Task Avira Browser Safety Updater Task Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe"
有効 Task DiskUpdate C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task {7FC55015-BFD0-4E1C-A225-5FBED5FEAF8D} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "E:\AiR\Cakewalk MP3 Encoder.exe" -d E:\AiR


有効 Directory GDContextMenu Google C:\Program Files (x86)\Google\Drive\contextmenu64.dll
有効 Directory Mp3tagShell Florian Heidenreich C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
有効 Directory SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 Directory SkyDriveEx Microsoft Corporation C:\Users\tkm\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
有効 Drive Mp3tagShell Florian Heidenreich C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
有効 Drive SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 Drive WinCDEmu SysProgs.org C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
有効 File 00avast
有効 File GDContextMenu Google C:\Program Files (x86)\Google\Drive\contextmenu64.dll
有効 File Mp3tagShell Florian Heidenreich C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
有効 File Shell Extension for Malware scanning Avira Operations GmbH & Co. KG C:\Program Files (x86)\Avira\Antivirus\shlext64.dll
有効 File SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 File SkyDriveEx Microsoft Corporation C:\Users\tkm\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
有効 File WinCDEmu SysProgs.org C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
有効 Folder Shell Extension for Malware scanning Avira Operations GmbH & Co. KG C:\Program Files (x86)\Avira\Antivirus\shlext64.dll


有効 Extension Avira Browser Safety Avira Operations GmbH & Co. KG C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll
有効 Extension Evernote 4 に追加 res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
有効 Extension OneNote に送る Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
有効 Extension OneNote に送る Microsoft Corporation C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
有効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
有効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
無効 Helper AviraBrowserSafety.BrowserSafety Avira Operations GmbH & Co. KG C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll
無効 Helper Google Toolbar Helper Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
無効 Helper Google Toolbar Helper Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
無効 Helper Groove GFS Browser Helper Microsoft Corporation C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
無効 Helper Groove GFS Browser Helper Microsoft Corporation C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
有効 Helper Microsoft アカウント サインイン ヘルパー Microsoft Corp. C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
無効 Helper Office Document Cache Handler Microsoft Corporation C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
無効 Helper Office Document Cache Handler Microsoft Corporation C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
無効 Helper Symantec VIP Access Add-On Symantec Corporation C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
無効 Helper Symantec VIP Access Add-On Symantec Corporation C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll
有効 Helper Windows Live ID Sign-in Helper Microsoft Corp. C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
無効 Toolbar Google Toolbar Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
無効 Toolbar Google Toolbar Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll


有効 App Gmail 8.1 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google ドライブ 14.1 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App TweetDeck by Twitter 3.10 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.10_0
有効 App YouTube 4.2.8 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
無効 Extension AdBlock 3.3.2 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.3.2_0
有効 Extension Adblock Plus 1.12.2 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.12.2_0
無効 Extension Application Launcher for Drive (by Google) 3.2 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0
無効 Extension Avira Browser Safety 1.12.1 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.12.1_0
無効 Extension Avira SafeSearch Plus 1.4.2 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.2_0
無効 Extension Google オフライン ドキュメント 1.4 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Stylish 1.5.2 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.5.2_0
有効 Extension Text URL Linker 1.3.0 デフォルトのプロフィール C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegfbpchoheaflicfmggkmlmcccpjpgd\1.3.0_0
  • mkm
  • 2016/10/13 (Thu) 20:18:30
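A triage sketch for the "(file missing)" entries in the HijackThis log above; this is an added example, not part of the original post. It assumes the usual cause on 64-bit Windows: HijackThis 2.0.5 is a 32-bit program, so its reads of `C:\Windows\System32` are redirected to `SysWOW64` and 64-bit-only files such as `lsass.exe` look absent. The verdict names and function names are hypothetical; the sample lines are excerpted from the log above.

```python
import re
from collections import Counter

# One HijackThis entry: a section code (O4, O9, O23, ...) followed by " - " and the body.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
MISSING = "(file missing)"
SYSTEM32_RE = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)

# Sample input: lines excerpted from the log in the post above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
"""


def parse_entry(line):
    """Split one log line into section code, target path and the missing flag."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    missing = body.endswith(MISSING)
    if missing:
        body = body[: -len(MISSING)].rstrip()
    # The file HijackThis checked is the last " - " separated field.
    target = body.rsplit(" - ", 1)[-1].strip()
    if target.lower().startswith("res://"):
        # res://<path>/<resource id> -> keep only the file path
        target = re.sub(r"/\d+$", "", target[len("res://"):])
    return {"section": m.group("section"), "target": target, "missing": missing}


def classify(entry):
    """Return a verdict for one parsed entry."""
    if not entry["missing"]:
        return "present"
    target = entry["target"]
    if SYSTEM32_RE.match(target):
        # Likely a redirection artifact: confirm from a 64-bit tool
        # (for example Explorer) before treating the entry as broken.
        return "verify-in-64bit-system32"
    if "\\" not in target:
        # Bare file name: resolved through the search path, which a
        # 32-bit process also sees differently. Needs a manual look.
        return "bare-name"
    # Full path outside System32 that does not exist: usually a leftover
    # registration from an uninstalled program.
    return "orphan-candidate"


def triage(log_text):
    """Return (section, verdict, target) for every entry line in the log."""
    rows = []
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry:
            rows.append((entry["section"], classify(entry), entry["target"]))
    return rows


if __name__ == "__main__":
    for section, verdict, target in triage(SAMPLE_LOG):
        if verdict != "present":
            print(f"{section:4} {verdict:26} {target}")
```

Entries marked `orphan-candidate` are the ones worth checking by hand first; the System32 group is normally noise on a 64-bit system.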
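BunBackup is running, though
Thank you for the work and the report.
I have also looked at the rest of the logs.

>Ultimately I would like to get rid of the mysterious disk usage. Is that possible?

About that: are you currently using "BunBackup", the synchronized backup application?
A trace of it is visible in the startup entries.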
>有効 Startup User BunBackup.lnk C:\Program Files\Nagatsuki\BunBackup\BunBackup.exe

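The application does not appear in the installed-programs information, but please tell me in your next reply whether or not you use it.
If you used it before but uninstalled it, or have no memory of ever installing it, we will probably end up dealing with it.

Now let's also deal with the other items that are showing.
Please continue the work by following the instructions again.

Using the earlier procedure, start CC again, set the following entry under "Scheduled Tasks" to "Disable", and then go on to "Delete Entry".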
有効 Task {7FC55015-BFD0-4E1C-A225-5FBED5FEAF8D} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "E:\AiR\Cakewalk MP3 Encoder.exe" -d E:\AiR

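If it cannot be disabled, it is fine to delete it as it is.

Once you have closed CC, please get the following tools ready next.
"AdwCleaner" (known as AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file somewhere such as the desktop.
When you want to clean it up afterwards, start it and press the "uninstall" button and it will be deleted automatically.
The site below has a detailed explanation of how to use it, so please refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware (known as MBAM)
Official site
http://www.malwarebytes.org/

Download
https://www.malwarebytes.org/mwb-download/thankyou/
This is a direct link to the file. Please save it.

Site explaining how to use it
http://www.gigafree.net/security/MalwarebytesAnti-MalwareFree.html

Once you are ready, install MBAM and take it as far as updating it.
However, do not scan yet at this point.

Next, start AC once here.
When it starts, it should first update its definitions, so just let it update, and once that is done, close AC for the time being.
You do not need to scan here either.

Once both tools are updated, use Disk Cleanup to clear out junk files, and then restart the PC in Safe Mode.

Next, with the PC started in Safe Mode, start AC again, the tool you started once earlier.
Once it has started, this time run "Scan", and if anything has been detected when the scan finishes, press "Remove".
Select "Yes" on the screen that appears and the cleanup will begin.

When the cleanup has finished, restart the PC in normal mode at that point.

After the restart a new AC log will appear, so save it somewhere such as the desktop.
However, if no log appears after the work, or you cannot find it, open the C drive in My Computer and a file with a name like the following will have been created directly under it; that is the AC log.
>AdwCleaner[alphanumerics].txt
If there are several logs with similar names, the one whose creation date and time matches when you did the cleanup is the log in question.

Once the work with AC is done, the MBAM work is next.
Start in Safe Mode again, then start MBAM and scan.
Once MBAM has started, select "Custom Scan" on the "Scan" tab and then select all drives, including the C drive.
Also tick the rootkit scan item.

Scanning this way takes time, but the point is to scan as thoroughly as possible.

The two tools can be run in either order, but if anything is detected, select it and "remove" (quarantine) it, and if a prompt to restart appears, restart the PC once at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, a message announcing the result appears at the bottom right of the screen; pressing it should display the result.
Pressing "Save Log" there lets you save the log.
Save that log somewhere such as the desktop.
Checking this log is especially important, so please do not forget.

After this, watch how the PC behaves for a while, then paste the AC and MBAM logs you saved after the work into your reply and show them to me along with a report on the PC's condition.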
  • 悪代官
  • 2016/10/13 (Thu) 20:37:24
Re: A file called browsermodfilter
I use BunBackup about once a month to back up my music folder to an external HDD.

The logs follow.
# AdwCleaner v6.021 - ログファイルの作成日 13/10/2016 作成時間 21:21:34
# ToolsLibによる 06/10/2016 の更新日
# データベース : 2016-10-11.1 [ローカル]
# オペレーティングシステム : Windows 7 Professional Service Pack 1 (X64)
# ユーザー名 : tkm - TKM-THINK
# 実行場所 : C:\Users\tkm\Desktop\AdwCleaner.exe
# モード:安全
# サポート : https://toolslib.net/forum



***** [ サービス ] *****



***** [ フォルダ ] *****



***** [ ファイル ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ ショートカット ] *****



***** [ スケジュール済みタスク ] *****



***** [ レジストリ ] *****



***** [ ブラウザ ] *****

[-] [C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:minecraftpreview.softonic.jp
[-] [C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:gimp.softonic.jp
[-] [C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:delta-search.com
[-] [C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:yessearches.com
[-] [C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:yessearches


*************************

:: "Tracing" キーを削除しました
:: Winsock設定を削除しました

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5962 バイト] - [13/10/2016 12:38:21]
C:\AdwCleaner\AdwCleaner[C2].txt - [1622 バイト] - [13/10/2016 21:21:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [6175 バイト] - [13/10/2016 12:06:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [5911 バイト] - [13/10/2016 12:37:46]
C:\AdwCleaner\AdwCleaner[S2].txt - [2361 バイト] - [13/10/2016 21:20:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1930 バイト] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

スキャン日付: 2016/10/13
スキャン時刻: 21:32
ログファイル: realt.txt
管理者: はい

バージョン: 2.2.1.1043
マルウェアデータベース: v2016.10.13.07
ルートキットデータベース: v2016.09.26.02
ライセンス: 無料版
マルウェア保護機能: 無効
悪質ウェブサイト保護機能: 無効
自己防衛: 無効

OS: Windows 7 Service Pack 1
CPU: x64
ファイルシステム: NTFS
ユーザー: tkm

スキャン形式: カスタムスキャン
結果: 完了しました
スキャンされたオブジェクト数: 682262
経過時間: 2 時間, 42 分, 3 秒

メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 有効
ヒューリスティック: 有効
PUP: 有効
PUM: 有効

プロセス: 0
(なし悪意のある項目を検出)

モジュール: 0
(なし悪意のある項目を検出)

レジストリキー: 1
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, 隔離, [9a21910713879b9ba751c3e5699b4fb1],

レジストリ値: 4
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEqA3ImAXYtC0..&v=20160412&uid=D04E3D4BAE74DE7840BDC87DD73E1962&ptid=dam&mode=ffsengext, 隔離, [9a21910713879b9ba751c3e5699b4fb1]
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEqA3ImAXYtC0..&v=20160412&uid=D04E3D4BAE74DE7840BDC87DD73E1962&ptid=dam&mode=ffsengext, 隔離, [19a21583fd9dab8b6b8df5b332d27a86]
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?uid=D04E3D4BAE74DE7840BDC87DD73E1962&ptid=dam&q={searchTerms}&ts=AHEqA3ImAXYtC0..&v=20160412&mode=ffsengext, 隔離, [13a8b3e59703162047b178307c884db3]
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?uid=D04E3D4BAE74DE7840BDC87DD73E1962&ptid=dam&ts=AHEqA3ImAXYtC0..&v=20160412&mode=ffexttoolbar&q=, 隔離, [f8c32f695842033339bfc4e4758fdb25]

レジストリデータ: 0
(なし悪意のある項目を検出)

フォルダー: 0
(なし悪意のある項目を検出)

ファイル: 0
(なし悪意のある項目を検出)

物理セクタ: 0
(なし悪意のある項目を検出)


(end)

Is this the right log for HJT?
I saved it with Save Result rather than with "Save Log".
  • mkm
  • 2016/10/14 (Fri) 00:26:57
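A way to check a Malwarebytes log of the kind posted above before relying on it: an added example, not part of the original post. It confirms that each section's declared count matches the detections listed, that every detection was quarantined (隔離), and it lists the hosts that hijacked registry values pointed at. The section labels are the ones in the Japanese log above; the detection name, GUID, URLs and ids in the sample are constructed placeholders, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Result sections as labelled in the Japanese-language log above.
SECTIONS = {"プロセス", "モジュール", "レジストリキー", "レジストリ値",
            "レジストリデータ", "フォルダー", "ファイル", "物理セクタ"}
QUARANTINED = "隔離"

# Constructed sample in the shape of the log above (placeholder values).
SAMPLE_LOG = r"""
スキャン形式: カスタムスキャン
スキャンされたオブジェクト数: 682262
ファイルシステム: 有効

プロセス: 0
(なし悪意のある項目を検出)

レジストリキー: 1
PUP.Optional.Example, HKLM\SOFTWARE\MOZILLA\FIREFOX\{00000000-0000-0000-0000-000000000000}, 隔離, [00000000000000000000000000000001],

レジストリ値: 2
PUP.Optional.Example, HKLM\SOFTWARE\MOZILLA\FIREFOX\{00000000-0000-0000-0000-000000000000}|hp, http://www.search.example/?uid=PLACEHOLDER&mode=ffsengext, 隔離, [00000000000000000000000000000002]
PUP.Optional.Example, HKLM\SOFTWARE\MOZILLA\FIREFOX\{00000000-0000-0000-0000-000000000000}|sp, http://www.search.example/chrome.php?q={searchTerms}&uid=PLACEHOLDER, 隔離, [00000000000000000000000000000003]

ファイル: 0
(なし悪意のある項目を検出)

(end)
"""


def parse_detection(line):
    """Parse 'name, location[|value], [data,] action, [id]' into a dict."""
    parts = line.rstrip(",").split(", ")
    if len(parts) < 4:
        return None  # "(no malicious items detected)" markers and similar
    key, _, value_name = parts[1].partition("|")
    data = ", ".join(parts[2:-2]) or None  # only registry values carry data
    host = urlsplit(data).hostname if data else None
    return {"name": parts[0], "key": key, "value": value_name or None,
            "data": data, "host": host, "action": parts[-2], "id": parts[-1]}


def parse_log(text):
    """Group detections under the result section they were listed in."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        label, sep, value = line.partition(": ")
        if sep and label in SECTIONS and value.isdigit():
            current = sections.setdefault(
                label, {"declared": int(value), "items": []})
            continue
        if current is None or not line:
            continue
        item = parse_detection(line)
        if item:
            current["items"].append(item)
    return sections


def review(sections):
    """Summarise what a reader of the log needs to confirm."""
    items = [i for s in sections.values() for i in s["items"]]
    return {
        # A mismatch means the pasted log was truncated or edited.
        "count_mismatch": [n for n, s in sections.items()
                           if s["declared"] != len(s["items"])],
        # Anything listed here was detected but left in place.
        "not_quarantined": [i for i in items if i["action"] != QUARANTINED],
        # Hosts that homepage or search values were pointed at.
        "hosts": sorted({i["host"] for i in items if i["host"]}),
    }


if __name__ == "__main__":
    print(review(parse_log(SAMPLE_LOG)))
```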
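yessearches is getting punished, I see
Sorry for the late reply.
I was in the bath until a moment ago (← Yumi K○oru is not in my bath)

>I use BunBackup about once a month to back up my music folder to an external HDD

OK, understood. Then that part is fine.

I have looked at the logs from both tools. The logs are fine as they are, too.

AC and MBAM also turned up the notorious yessearches.com again.
For a site tied to nuisance programs to have the nerve to call itself "yes": the grown-up fans all over the country who cheer on the GoGo bishoujo squad will not forgive it.
Take this, the full power of a dreaming otaku!!! (← you are the one who should fall to the bottom of hell)

Regardless of how far the abnormal behaviour has calmed down by now, this is still not "solved" at this point, so let's dig a little deeper.
This time we will analyse with yet another tool.

Please get the following tool ready.
OTL (OldTimer Listit)
Download it with the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When you want to clean it up afterwards, start it and press the "Cleanup" button and it will be deleted automatically.
However, if you are using Windows 10, you can simply delete the program file itself.

Start OTL with no other programs running.
Once it has started, tick "Scan All Users" near the top of the window and copy and paste the following commands into "Custom Scan/Fixes".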

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

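Then press "Run Scan" at the top left to start the scan.
After the scan starts, it takes a few minutes depending on your PC, and then "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe, so save these two files somewhere such as the desktop.
Note that Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After that, paste the entire OTL log into a reply so I can see it.
However, the OTL log gets quite long, so if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points into pieces of 10,000 characters or fewer and send it over several replies.
This is because posts over 10,000 characters get cut off by fc2's character limit.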
http://www1.odn.ne.jp/megukuma/count.htm

Just scanning with OTL does not change anything.
Based on these results, what was detected should be dealt with in the following steps.
  • 悪代官
  • 2016/10/14 (Fri) 18:40:13
Re: A file called browsermodfilter
Seeing OTL reminded me of orz.

OTL logfile created on: 2016/10/15 1:16:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tkm\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.89 Gb Total Physical Memory | 5.81 Gb Available Physical Memory | 73.63% Memory free
15.78 Gb Paging File | 13.43 Gb Available in Paging File | 85.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.31 Gb Total Space | 3.85 Gb Free Space | 1.97% Space Free | Partition Type: NTFS
Drive D: | 501.86 Gb Total Space | 281.19 Gb Free Space | 56.03% Space Free | Partition Type: NTFS

Computer Name: TKM-THINK | User Name: tkm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/10/15 01:15:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tkm\Desktop\OTL.exe
PRC - [2016/10/11 19:04:33 | 000,475,232 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe
PRC - [2016/10/11 19:04:25 | 000,917,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
PRC - [2016/10/11 19:04:25 | 000,475,232 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe
PRC - [2016/08/24 16:03:26 | 000,162,040 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
PRC - [2016/08/24 16:03:06 | 000,346,928 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
PRC - [2016/07/29 09:34:22 | 023,375,200 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2016/07/29 06:26:14 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
PRC - [2015/12/22 11:31:28 | 001,804,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015/12/10 06:14:28 | 000,249,384 | ---- | M] () -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
PRC - [2015/12/10 06:14:26 | 000,036,904 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2015/11/05 20:31:45 | 000,417,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015/09/16 13:07:26 | 002,089,056 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
PRC - [2012/09/01 18:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/04 15:37:18 | 000,330,304 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011/07/25 23:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2011/07/12 17:17:06 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2011/07/12 16:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2011/07/12 16:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011/06/29 22:07:30 | 000,082,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2011/05/31 10:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2011/05/31 10:48:34 | 000,040,808 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2011/05/31 10:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2011/05/26 08:21:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/14 20:04:14 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2011/02/24 00:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/01/17 10:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/01/17 10:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/08/31 14:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008/01/10 12:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/10/15 01:11:35 | 001,176,576 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\wx._core_.pyd
MOD - [2016/10/15 01:11:35 | 001,067,008 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\wx._controls_.pyd
MOD - [2016/10/15 01:11:35 | 000,816,128 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\wx._windows_.pyd
MOD - [2016/10/15 01:11:35 | 000,806,400 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\wx._gdi_.pyd
MOD - [2016/10/15 01:11:35 | 000,733,184 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\wx._misc_.pyd
MOD - [2016/10/15 01:11:35 | 000,525,208 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\windows._lib_cacheinvalidation.pyd
MOD - [2016/10/15 01:11:35 | 000,123,392 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\wx._wizard.pyd
MOD - [2016/10/15 01:11:35 | 000,078,848 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\wx._animate.pyd
MOD - [2016/10/15 01:11:35 | 000,077,312 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\wx._html2.pyd
MOD - [2016/10/15 01:11:34 | 000,686,080 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\unicodedata.pyd
MOD - [2016/10/15 01:11:34 | 000,682,496 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\pysqlite2._sqlite.pyd
MOD - [2016/10/15 01:11:34 | 000,364,544 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\pythoncom27.dll
MOD - [2016/10/15 01:11:34 | 000,320,512 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32com.shell.shell.pyd
MOD - [2016/10/15 01:11:34 | 000,167,936 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32gui.pyd
MOD - [2016/10/15 01:11:34 | 000,127,488 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\pyexpat.pyd
MOD - [2016/10/15 01:11:34 | 000,119,808 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32file.pyd
MOD - [2016/10/15 01:11:34 | 000,108,544 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32security.pyd
MOD - [2016/10/15 01:11:34 | 000,098,816 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32api.pyd
MOD - [2016/10/15 01:11:34 | 000,088,064 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\usb_ext.pyd
MOD - [2016/10/15 01:11:34 | 000,038,912 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32inet.pyd
MOD - [2016/10/15 01:11:34 | 000,035,840 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32process.pyd
MOD - [2016/10/15 01:11:34 | 000,025,600 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32pdh.pyd
MOD - [2016/10/15 01:11:34 | 000,024,064 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32pipe.pyd
MOD - [2016/10/15 01:11:34 | 000,022,528 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32ts.pyd
MOD - [2016/10/15 01:11:34 | 000,020,480 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\_yappi.pyd
MOD - [2016/10/15 01:11:34 | 000,018,432 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32event.pyd
MOD - [2016/10/15 01:11:34 | 000,017,920 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\thumbnails_ext.pyd
MOD - [2016/10/15 01:11:34 | 000,017,408 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32profile.pyd
MOD - [2016/10/15 01:11:34 | 000,012,800 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\common.time34.pyd
MOD - [2016/10/15 01:11:34 | 000,011,264 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\win32crypt.pyd
MOD - [2016/10/15 01:11:34 | 000,010,240 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\select.pyd
MOD - [2016/10/15 01:11:34 | 000,007,168 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\hashobjs_ext.pyd
MOD - [2016/10/15 01:11:33 | 001,208,320 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\_ssl.pyd
MOD - [2016/10/15 01:11:33 | 000,776,704 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\_hashlib.pyd
MOD - [2016/10/15 01:11:33 | 000,128,512 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\_elementtree.pyd
MOD - [2016/10/15 01:11:33 | 000,110,080 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\pywintypes27.dll
MOD - [2016/10/15 01:11:33 | 000,088,064 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\_ctypes.pyd
MOD - [2016/10/15 01:11:33 | 000,046,080 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\_socket.pyd
MOD - [2016/10/15 01:11:33 | 000,036,864 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\_psutil_windows.pyd
MOD - [2016/10/15 01:11:33 | 000,027,136 | R--- | M] () -- C:\Users\tkm\AppData\Local\Temp\_MEI46842\_multiprocessing.pyd
MOD - [2016/09/30 07:17:03 | 001,102,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\f8d6a438115c41b9d36ccf028a587ee7\System.ServiceModel.Web.ni.dll
MOD - [2016/09/30 07:16:04 | 000,390,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d96afde98ff042c60ec2bcc263523b0d\System.Xml.Linq.ni.dll
MOD - [2016/09/30 07:16:02 | 002,937,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\d233e4fb86b0e5bcf492ae9c83eccda3\System.IdentityModel.ni.dll
MOD - [2016/09/30 07:16:00 | 019,426,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\8676775baf1a8be93ca19fee47bbc178\System.ServiceModel.ni.dll
MOD - [2016/09/30 07:15:48 | 000,027,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\ac78924be44362b7b5163275b5f8d292\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2016/09/30 07:15:46 | 000,020,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\6e3417782ecacce17c948cabfe6254a0\IAStorCommon.ni.dll
MOD - [2016/09/30 07:15:44 | 000,357,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\0c8ffaa663035346708e8863630e2422\IAStorUtil.ni.dll
MOD - [2016/09/29 18:11:23 | 019,076,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\7a088fde14f3460d7d9d1e2e82c38b7e\PresentationFramework.ni.dll
MOD - [2016/09/29 18:11:14 | 001,062,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\469d056f073ad7218fd3e7f0b759c966\System.ComponentModel.Composition.ni.dll
MOD - [2016/09/29 18:11:10 | 011,559,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7b018c575afd61aad9d3d41b8dc7493c\PresentationCore.ni.dll
MOD - [2016/09/29 18:11:10 | 002,532,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\e0de457d0f4e66191e3a226d4f9d8db3\System.Data.Linq.ni.dll
MOD - [2016/09/29 18:11:09 | 001,876,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\90fea095821aa9078526989e41d80453\System.Xaml.ni.dll
MOD - [2016/09/29 18:11:05 | 000,117,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\350d44c7b6eaefc88dc9831907bfc91e\SMDiagnostics.ni.dll
MOD - [2016/09/29 18:11:04 | 000,786,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\4dd6e7e64ab4c1c134c205523a555095\System.ServiceModel.Internals.ni.dll
MOD - [2016/09/29 18:11:00 | 007,840,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\495bfc0a630cfade1bf12c348dfcf200\System.Data.ni.dll
MOD - [2016/09/29 18:10:59 | 003,974,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\88f6b5cc67a2c0706fe69363b54896da\WindowsBase.ni.dll
MOD - [2016/09/29 18:10:58 | 012,940,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\94faed00766279b97a2dc10751ec67d3\System.Windows.Forms.ni.dll
MOD - [2016/09/29 18:10:55 | 000,974,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\126601833ad2cca08c64b55b21c1eb3f\System.Configuration.ni.dll
MOD - [2016/09/29 18:10:54 | 002,772,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\e5ba7dac0e9fc7e7e935616f918028c9\System.Runtime.Serialization.ni.dll
MOD - [2016/09/29 18:10:53 | 007,500,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\5ec5502d84cbd3b60ae74dbec13c3255\System.Core.ni.dll
MOD - [2016/09/29 18:10:51 | 007,378,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3857e3b9565b1793e6c765e9a9d22e7f\System.Xml.ni.dll
MOD - [2016/09/29 18:10:47 | 001,624,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\6683f014808596eebc3479cb91ecb183\System.Drawing.ni.dll
MOD - [2016/09/29 18:10:47 | 000,706,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\68b4e4388790729e6077369259bee0d1\System.Transactions.ni.dll
MOD - [2016/09/29 18:10:45 | 000,218,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\19bc448d8961409bd87a7ba4f6961f51\System.ServiceProcess.ni.dll
MOD - [2016/09/29 18:10:44 | 009,983,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\28fa249c86a588f177f4d8096fd38a34\System.ni.dll
MOD - [2016/09/29 18:10:39 | 018,111,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d93be7426927e96be9d0a9f0be9c843f\mscorlib.ni.dll
MOD - [2015/12/22 11:33:42 | 000,020,808 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/09/30 15:13:03 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2016/09/06 08:33:42 | 000,710,144 | ---- | M] (Lenovo.) [Auto | Stopped] -- C:\Windows\SysNative\LPlatSvc.exe -- (LPlatSvc)
SRV:[b]64bit:[/b] - [2016/09/06 08:33:40 | 000,180,736 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:[b]64bit:[/b] - [2015/07/23 09:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2011/07/27 21:04:48 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2011/07/27 20:44:18 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2011/07/12 16:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:[b]64bit:[/b] - [2011/07/12 16:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:[b]64bit:[/b] - [2011/07/12 16:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:[b]64bit:[/b] - [2011/07/12 16:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:[b]64bit:[/b] - [2011/07/08 17:53:20 | 000,144,232 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:[b]64bit:[/b] - [2011/05/31 10:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:[b]64bit:[/b] - [2011/05/31 10:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:[b]64bit:[/b] - [2010/12/17 08:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:[b]64bit:[/b] - [2010/12/15 16:46:46 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/10/13 18:12:33 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/10/11 19:04:33 | 000,475,232 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\sched.exe -- (AntiVirSchedulerService)
SRV - [2016/10/11 19:04:28 | 001,489,240 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe -- (AntiVirWebService)
SRV - [2016/10/11 19:04:26 | 001,086,040 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe -- (AntiVirMailService)
SRV - [2016/10/11 19:04:25 | 000,475,232 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe -- (AntiVirService)
SRV - [2016/08/31 16:57:16 | 000,256,488 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe -- (AviraPhantomVPN)
SRV - [2016/08/24 16:03:06 | 000,346,928 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost)
SRV - [2016/08/05 15:09:56 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2016/06/15 12:04:00 | 000,131,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe -- (SonicStage Back-End Service2)
SRV - [2016/03/10 02:06:54 | 000,173,920 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2015/12/10 06:14:26 | 000,036,904 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2015/11/05 20:31:45 | 000,417,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/09/01 03:03:00 | 000,478,056 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2011/09/01 03:03:00 | 000,173,416 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2011/09/01 03:03:00 | 000,087,400 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2011/07/25 23:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011/06/29 22:07:30 | 000,082,544 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2011/05/26 08:21:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/14 20:04:14 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2011/02/24 00:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/01/17 10:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/01/17 10:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/08/31 14:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2008/01/10 12:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/10/13 12:43:49 | 000,028,272 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:[b]64bit:[/b] - [2016/10/11 19:04:34 | 000,177,432 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2016/10/11 19:04:34 | 000,145,536 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2016/09/06 08:33:40 | 000,082,232 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:[b]64bit:[/b] - [2016/06/02 17:46:54 | 000,079,696 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avnetflt.sys -- (avnetflt)
DRV:[b]64bit:[/b] - [2016/04/13 13:49:31 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV:[b]64bit:[/b] - [2016/04/13 13:49:16 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2016/04/12 20:09:36 | 000,040,760 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:[b]64bit:[/b] - [2016/02/23 10:48:42 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:[b]64bit:[/b] - [2016/02/06 04:03:08 | 000,147,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/12/22 11:36:28 | 000,040,080 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2015/12/22 11:35:10 | 000,308,368 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:[b]64bit:[/b] - [2015/12/10 06:10:58 | 000,192,552 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:[b]64bit:[/b] - [2015/12/10 06:10:58 | 000,060,968 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:[b]64bit:[/b] - [2015/12/10 06:10:58 | 000,048,168 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:[b]64bit:[/b] - [2015/12/10 06:10:58 | 000,018,472 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:[b]64bit:[/b] - [2015/11/11 06:42:59 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2015/11/11 06:42:59 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2015/10/29 10:55:26 | 000,506,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2014/11/18 14:39:06 | 000,018,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:[b]64bit:[/b] - [2014/11/18 14:39:06 | 000,010,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:[b]64bit:[/b] - [2013/10/03 02:27:04 | 000,304,512 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RDWM1117.sys -- (RDID1117)
DRV:[b]64bit:[/b] - [2013/10/02 11:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/04/24 01:23:00 | 000,460,528 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/09/01 18:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:[b]64bit:[/b] - [2012/08/23 23:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 23:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/06/04 19:40:42 | 001,580,704 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/09/01 03:03:00 | 000,031,344 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:[b]64bit:[/b] - [2011/09/01 03:03:00 | 000,014,960 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:[b]64bit:[/b] - [2011/08/09 03:13:12 | 000,198,480 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
DRV:[b]64bit:[/b] - [2011/08/03 17:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2011/07/08 17:53:24 | 000,032,104 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:[b]64bit:[/b] - [2011/05/30 09:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
DRV:[b]64bit:[/b] - [2011/05/25 17:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:[b]64bit:[/b] - [2011/03/06 20:52:22 | 012,264,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010/12/15 16:45:16 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:[b]64bit:[/b] - [2010/12/15 16:43:00 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/09/07 14:09:36 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/11 09:33:56 | 000,118,016 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LenovoRd.sys -- (LenovoRd)
DRV - [2014/11/18 14:39:08 | 000,014,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2014/11/18 14:39:08 | 000,010,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/u/0/h/gino0jpiu9ev/?zy=g&f=1
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 9A 96 70 CC 31 25 D2 01 [binary data]
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2016/10/14 17:14:47 | 000,000,000 | ---D | M]

[2016/05/26 23:40:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tkm\AppData\Roaming\mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegfbpchoheaflicfmggkmlmcccpjpgd\1.3.0_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.12.2_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.5.2_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.12.1_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.3.2_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.10_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.2_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_1\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_1\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\tkm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5316.725.0.15_0\

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [ForteConfig] C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1909570062-342096325-1576643011-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1909570062-342096325-1576643011-1002..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1909570062-342096325-1576643011-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\tkm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BunBackup.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BEFE660D-7AE8-49F8-8F24-07F83610DA21}: DhcpNameServer = 192.168.11.1
O18:[b]64bit:[/b] - Protocol\Handler\abs - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6cdcb9d2-1a9c-11e6-ad04-f0def179923a}\Shell - "" = AutoRun
O33 - MountPoints2\{6cdcb9d2-1a9c-11e6-ad04-f0def179923a}\Shell\AutoRun\command - "" = E:\startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/10/15 01:15:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tkm\Desktop\OTL.exe
[2016/10/14 20:22:28 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2016/10/13 20:52:00 | 000,000,000 | ---D | C] -- C:\Users\tkm\Desktop\diskinfo3.1.3.0
[2016/10/13 20:48:58 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/10/13 20:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/10/13 20:48:25 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2016/10/13 20:48:25 | 000,064,896 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2016/10/13 20:48:25 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2016/10/13 20:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/10/13 20:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/10/13 20:14:27 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\tkm\Desktop\HijackThis.exe
[2016/10/13 13:02:10 | 000,000,000 | ---D | C] -- C:\Users\tkm\Desktop\history
[2016/10/13 12:44:04 | 000,000,000 | ---D | C] -- C:\Users\tkm\AppData\Roaming\Geek Uninstaller
[2016/10/13 12:43:56 | 000,000,000 | ---D | C] -- C:\Users\tkm\Desktop\geek
[2016/10/13 12:04:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/10/13 12:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2016/10/13 11:25:41 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2016/10/13 11:25:41 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2016/10/13 11:19:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/10/13 10:51:02 | 006,048,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016/10/13 10:51:02 | 005,548,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016/10/13 10:51:01 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2016/10/13 10:51:01 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016/10/13 10:51:01 | 000,576,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016/10/13 10:51:00 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016/10/13 10:51:00 | 003,944,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016/10/13 10:51:00 | 002,131,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016/10/13 10:51:00 | 000,806,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016/10/13 10:51:00 | 000,706,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2016/10/13 10:50:59 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016/10/13 10:50:59 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016/10/13 10:50:59 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016/10/13 10:50:59 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2016/10/13 10:50:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2016/10/13 10:50:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2016/10/13 10:50:58 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016/10/13 10:50:58 | 000,724,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016/10/13 10:50:58 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2016/10/13 10:50:58 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2016/10/13 10:50:58 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2016/10/13 10:50:57 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016/10/13 10:50:57 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016/10/13 10:50:57 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016/10/13 10:50:57 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016/10/13 10:50:57 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\INETRES.dll
[2016/10/13 10:50:56 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016/10/13 10:50:56 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016/10/13 10:50:56 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016/10/13 10:50:56 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016/10/13 10:50:56 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016/10/13 10:50:56 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016/10/13 10:50:56 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016/10/13 10:50:56 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016/10/13 10:50:56 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016/10/13 10:50:56 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016/10/13 10:50:56 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016/10/13 10:50:56 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016/10/13 10:50:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016/10/13 10:50:56 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016/10/13 10:50:56 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016/10/13 10:50:56 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016/10/13 10:50:56 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016/10/13 10:50:56 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016/10/13 10:50:56 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016/10/13 10:50:56 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016/10/13 10:50:56 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2016/10/13 10:50:56 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016/10/13 10:50:56 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016/10/13 10:50:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016/10/13 10:50:56 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2016/10/13 10:50:56 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016/10/13 10:50:56 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016/10/13 10:50:56 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016/10/13 10:50:56 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016/10/13 10:50:56 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016/10/13 10:50:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2016/10/13 10:50:56 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016/10/13 10:50:56 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016/10/13 10:50:56 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016/10/13 10:50:56 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016/10/13 10:50:56 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016/10/13 10:50:56 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016/10/13 10:50:56 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016/10/13 10:50:56 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016/10/13 10:50:56 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016/10/13 10:50:56 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016/10/13 10:50:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016/10/13 10:50:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016/10/13 10:50:56 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016/10/13 10:50:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016/10/13 10:50:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016/10/13 10:50:56 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016/10/13 10:50:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016/10/13 10:50:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016/10/13 10:50:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016/10/13 10:50:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016/10/13 10:50:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016/10/13 10:50:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016/10/13 10:50:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016/10/13 10:50:55 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2016/10/13 10:50:55 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016/10/13 10:50:55 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016/10/13 10:50:55 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2016/10/13 10:50:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016/10/13 10:50:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016/10/13 10:50:55 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2016/10/13 10:50:55 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2016/10/13 10:50:55 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016/10/13 10:50:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016/10/13 10:50:55 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2016/10/13 10:50:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016/10/13 10:50:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016/10/13 10:50:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016/10/13 10:50:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016/10/13 10:50:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016/10/13 10:50:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016/10/13 10:50:55 | 000,006,144 | -H-- | C] (Microsoft
  • mkm
  • 2016/10/15 (Sat) 01:41:07
Re: A file called browsermodfilter

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/10/14 20:22:25 | 2058,801,151 | -HS- | C] () -- C:\hiberfil.sys
[2016/10/13 20:48:28 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/10/13 20:46:38 | 003,874,368 | ---- | C] () -- C:\Users\tkm\Desktop\AdwCleaner.exe
[2016/10/13 12:00:40 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2016/10/13 10:48:59 | 004,703,710 | ---- | C] () -- C:\Users\tkm\Desktop\16家族心理学Chap1-5 (1).pdf
[2016/10/13 10:48:51 | 004,703,710 | ---- | C] () -- C:\Users\tkm\Desktop\16家族心理学Chap1-5.pdf
[2016/10/12 09:26:03 | 000,093,227 | ---- | C] () -- C:\Users\tkm\Desktop\20161007171053385.pdf
[2016/05/10 01:10:27 | 000,005,632 | ---- | C] () -- C:\Users\tkm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/04/10 18:27:45 | 001,294,304 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016/04/10 15:04:36 | 002,658,952 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2016/04/10 15:04:36 | 000,088,160 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2016/04/10 15:04:36 | 000,021,088 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2016/04/10 15:04:36 | 000,014,944 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2016/04/10 15:04:36 | 000,010,208 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2015/12/22 11:31:46 | 037,758,096 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2015/11/11 06:26:52 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2015/11/10 13:54:25 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2015/11/10 13:54:25 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2015/11/10 13:54:24 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/08/30 00:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/08/30 00:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2016/10/14 16:54:47 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2016/10/14 17:19:38 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2016/10/14 17:10:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2016/10/14 17:17:00 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\Settings
[2016/10/14 17:17:00 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\WLANProfiles
[2016/10/14 17:19:27 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2016/10/14 17:19:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2015/11/10 13:52:01 | 000,000,000 | -H-D | M] -- C:\ProgramData\Roaming\Intel\Wireless\Settings
[2016/10/14 17:24:14 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2016/10/14 17:17:00 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\Settings
[2016/10/14 17:17:00 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\WLANProfiles
[2016/10/14 17:19:27 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2016/10/14 17:19:11 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2015/11/10 13:52:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Roaming\Intel\Wireless\Settings
[2016/10/14 17:24:13 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2015/11/10 13:52:01 | 000,000,000 | -H-D | M] -- C:\Users\Default\Roaming\Intel\Wireless\Settings
[2016/10/14 17:24:14 | 000,000,000 | -H-D | M] -- C:\Users\Public\Desktop
[2009/07/14 11:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2016/10/14 17:24:14 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2016/10/14 17:24:22 | 000,000,000 | -H-D | M] -- C:\Users\Public\Music\Sony MediaPlayerX\Shared\Fringe
[2016/10/14 17:24:25 | 000,000,000 | -H-D | M] -- C:\Users\Public\Pictures\Sony MediaPlayerX\Fringe
[2015/11/10 13:52:01 | 000,000,000 | -H-D | M] -- C:\Users\Public\Roaming\Intel\Wireless\Settings
[2016/10/14 17:27:36 | 000,000,000 | -H-D | M] -- C:\Users\tkm\AppData
[2016/09/08 15:53:12 | 001,057,744 | -H-- | M] (LINE Corporation) -- C:\Users\tkm\AppData\Local\LINE\bin\LineUpdater.exe
[2016/04/22 02:27:59 | 000,000,000 | -H-D | M] -- C:\Users\tkm\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2016/10/14 17:26:03 | 000,000,000 | -H-D | M] -- C:\Users\tkm\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2016/10/14 17:26:03 | 000,000,000 | -H-D | M] -- C:\Users\tkm\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2016/10/14 17:26:05 | 000,000,000 | -H-D | M] -- C:\Users\tkm\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2016/10/14 17:26:07 | 000,000,000 | RH-D | M] -- C:\Users\tkm\AppData\Local\Microsoft\Windows\Burn\Burn
[2016/10/14 17:26:07 | 000,000,000 | RH-D | M] -- C:\Users\tkm\AppData\Local\Microsoft\Windows\Burn\Burn1
[2016/10/14 17:26:07 | 000,000,000 | RH-D | M] -- C:\Users\tkm\AppData\Local\Microsoft\Windows\Burn\Burn2
[2016/10/14 17:28:14 | 000,000,000 | -H-D | M] -- C:\Users\tkm\AppData\Roaming\Intel\Wireless\Settings
[2016/10/14 17:28:14 | 000,000,000 | -H-D | M] -- C:\Users\tkm\AppData\Roaming\Intel\Wireless\WLANProfiles
[2016/10/14 17:28:47 | 000,000,000 | -H-D | M] -- C:\Users\tkm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2016/10/03 17:28:14 | 000,000,000 | -H-D | M] -- C:\Users\tkm\Google ドライブ\.tmp.drivedownload
[2015/11/10 13:52:01 | 000,000,000 | -H-D | M] -- C:\Users\tkm\Roaming\Intel\Wireless\Settings
[2016/10/14 17:30:24 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser\AppData
[2015/11/10 13:52:01 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser\Roaming\Intel\Wireless\Settings
[2016/10/14 17:40:57 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2016/10/14 17:40:57 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2016/10/14 17:51:51 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\WLANProfiles

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2016/10/15 01:17:04 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/10/15 01:12:55 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2016/10/15 01:10:47 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/10/15 01:31:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ATA TOSHIBA MQ01ABD0 SCSI Disk Device
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 1.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 195.00GB
Starting Offset: 1573912576
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 502.00GB
Starting Offset: 211290992640
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2015/10/30 02:50:29 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2016/05/05 02:16:57 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2016/09/13 05:31:28 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2016/06/15 02:16:25 | 000,190,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2016/06/15 00:21:20 | 000,145,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2016/02/03 03:57:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2015/11/11 06:37:25 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2016/05/13 02:14:48 | 000,502,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2015/11/11 06:39:10 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2016/09/13 05:31:28 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2016/02/03 03:57:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2016/02/09 18:55:34 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2016/09/13 05:31:28 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2015/08/06 02:56:14 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2016/06/15 02:16:23 | 000,680,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2016/06/15 02:16:23 | 000,680,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2016/05/05 00:04:16 | 000,128,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2016/05/04 23:55:38 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2016/05/14 06:55:20 | 002,607,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >

OTL Extras logfile created on: 2016/10/15 1:16:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tkm\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.89 Gb Total Physical Memory | 5.81 Gb Available Physical Memory | 73.63% Memory free
15.78 Gb Paging File | 13.43 Gb Available in Paging File | 85.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.31 Gb Total Space | 3.85 Gb Free Space | 1.97% Space Free | Partition Type: NTFS
Drive D: | 501.86 Gb Total Space | 281.19 Gb Free Space | 56.03% Space Free | Partition Type: NTFS

Computer Name: TKM-THINK | User Name: tkm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08F72E75-C10A-44EA-A528-EA5D63A3596C}" = lport=445 | protocol=6 | dir=in | app=system |
"{0B1C93F4-BA9C-4A6B-AC56-8CA890DDCC6E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0BB9DA2C-4529-4FB0-832E-6CF30EE6C42B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{186C8878-3735-4080-9DA9-3350F4D7535A}" = rport=139 | protocol=6 | dir=out | app=system |
"{1E566312-7AA4-49E0-91E4-67421854310F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3F59D105-D801-4182-ACEA-524885F2F66D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5CF768E9-70BC-4B16-A9FC-70BA8AB420A8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{72A9E87D-CDC1-4D30-97BA-1557FDB26E44}" = rport=445 | protocol=6 | dir=out | app=system |
"{86BB4A0B-36C2-4517-9604-DA483CC93FB6}" = rport=138 | protocol=17 | dir=out | app=system |
"{BD4A5CE9-3796-4061-A6D2-16D9C25233EC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C50192B9-EFA9-40F0-9817-45450D558175}" = lport=137 | protocol=17 | dir=in | app=system |
"{C573398D-2D51-41E2-AD92-2A5CCCD60D69}" = lport=139 | protocol=6 | dir=in | app=system |
"{CFE5E987-D8B6-46FF-9339-895554C6928A}" = rport=137 | protocol=17 | dir=out | app=system |
"{D08A88DA-6F10-4A0A-952A-C0707427F7AC}" = lport=138 | protocol=17 | dir=in | app=system |
"{E0337B86-CFE0-4B3E-80DD-1F379430186C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{F901DD00-F0CE-46BE-91CD-16A6229AAFC8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0008C1E7-9D6E-4C40-93EF-C161D39CA379}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12EB6C6C-1EF4-479F-BD92-5CFDA2116334}" = protocol=17 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\todobackupservice.exe |
"{1F6CFD68-75A4-4807-83C8-AE8CD361D882}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{21F68FBC-EFBC-418B-BDE0-392CA4C872A1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2826AC95-A245-4079-A5CB-6B9389184431}" = protocol=6 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\tbconsoleui.exe |
"{2C7797CE-C998-4A30-B99C-DA5C56CB3315}" = protocol=6 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\todobackupservice.exe |
"{328AC9A9-A5FD-4F7C-831E-BE0F894DC8E9}" = protocol=17 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\tbservice.exe |
"{3B773F45-D769-4EF6-8D59-FA9725165733}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4856DB9B-A255-4A52-95DA-4BF036B0ED87}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4AC24FA8-F376-4CA3-AC6B-D594F54EBC64}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4B1C70EA-9FB3-4687-B65E-101FCDA666EB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{51B71797-A291-47F3-A6DA-2412916159E7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5DCE19C8-5F1B-4F0C-A7A2-112BD264132D}" = dir=in | app=c:\users\tkm\appdata\local\microsoft\skydrive\skydrive.exe |
"{5E3E8E75-EC23-4382-BD04-1AD8706A5ED4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5E84C22D-7330-4F2E-8706-F6559EA38919}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{6E281152-51B3-4878-B55F-5646E732F65F}" = protocol=17 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\tbconsoleui.exe |
"{72AB92D0-FBC3-4DC4-9C03-AA20919515C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{74BBFD43-3D71-4BC4-A5AC-83EB3DECD7BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A2BD74E4-5B97-45D1-A1A7-EAADD0B2E5C6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B1718199-9126-40AB-9B63-F3FDC00E0D13}" = protocol=6 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\todobackupservice.exe |
"{C21FEEAF-71E4-404B-8EA8-CFA437C3851B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C890426E-1B5A-4B16-B8F6-011E78ED1D4D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F36DBE9E-61AA-471C-B354-56B7312E1616}" = protocol=17 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\todobackupservice.exe |
"{FB592952-803A-4305-A10E-1D894AE4A1DA}" = protocol=6 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\tbservice.exe |
"{FC531E3C-7944-40B3-9DDE-9FF16D385F5F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"TCP Query User{DC266FED-CC77-4CEF-B4D0-33F1B063E24C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{E901E142-3D90-48F1-94F7-2DFEAF3B3BA0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = インテル(R) PROSet/Wireless WiFi ソフトウェア
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.7.10 (64-bit)
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{39A04221-294E-4D90-A0F2-CCB1EF15CB56}" = Lenovo Patch Utility 64 bit
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage ハードディスク・アクティブプロテクション・システム
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0411-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Japanese) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.6.1 (日本語)
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 354.45
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 354.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 354.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 146.78
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0E18DF2-9E19-3BC5-9D77-5ECB9AC1A346}" = Microsoft .NET Framework 4.6.1 (JPN)
"{D2837730-4960-3B35-8088-201387FD3BDB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A" = Windows ドライバ パッケージ - Intel System (09/10/2010 9.2.0.1011)
"0DD5528A211904214F70A66DE6ADBD378B21566D" = Windows ドライバ パッケージ - Intel USB (12/21/2010 9.2.0.1021)
"43B5066463CEBC83E99586A67037B6F9FC4193FE" = Windows ドライバ パッケージ - Intel System (11/20/2010 9.2.0.1016)
"466E9B20D871055D6D3CDA2CDD1D355E978A61AF" = Windows ドライバ パッケージ - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11)
"6D23A494E9A245843FB8584D9307D3E328DF8613" = Windows ドライバ パッケージ - Intel (e1cexpress) Net (12/21/2010 11.8.84.0)
"8058FF31D7C7F4818DC176DAF53CD379968C86E4" = Windows ドライバ パッケージ - Intel System (09/10/2010 9.2.0.1011)
"9B84710FFAE6C50914FCE568B59E426F1386E7F6" = Windows ドライバ パッケージ - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1)
"CNXT_AUDIO_HDA" = Conexant 20672 SmartAudio HD
"DDD8A532E361E9A878EBEF69C338B306810DF059" = Windows ドライバ パッケージ - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)
"DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"OnScreenDisplay" = オン スクリーン表示
"Power Management Driver" = Lenovo Power Management Driver
"ProInst" = Intel PROSet Wireless
"RolandRDID0117" = QUAD-CAPTURE Driver
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{024D6C9E-4775-421D-B0D0-D4F123687778}" = Windows Live Essentials
"{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}" = Windows Live Writer
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav ユーティリティ
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{223469C7-3B3F-4D18-AB4A-4F4B298D0DB2}" = x-APPLICATION Components
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23daf363-3020-4059-b3ae-dc4ad39fed19}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
"{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3028C189-CF08-4759-98B8-0A6CA112B6F3}" = x-アプリ
"{31B9D218-FED2-4C6C-B19F-7294FFC130B0}" = Adobe AIR
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{459CE109-4E46-4340-92BC-054642BC3BC2}" = Google Drive
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7
"{52D7E962-5F17-4D7E-858F-956EB09A5CB8}" = Windows Live Writer
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5E848897-1113-49FE-8FCE-D4BF39EDE254}" = Windows Live UX Platform Language Pack
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{6B1BB7E3-CF20-4842-B1FE-42C251B95E98}" = Windows Live Messenger
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}" = Avira Launcher
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EA12696-D38C-44DD-96E5-12C8DF6F8230}" = Windows Live Writer Resources
"{90140000-0015-0411-0000-0000000FF1CE}" = Microsoft Office Access MUI (Japanese) 2010
"{90140000-0016-0411-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Japanese) 2010
"{90140000-0018-0411-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Japanese) 2010
"{90140000-0019-0411-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Japanese) 2010
"{90140000-001A-0411-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Japanese) 2010
"{90140000-001B-0411-0000-0000000FF1CE}" = Microsoft Office Word MUI (Japanese) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2010
"{90140000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002C-0411-0000-0000000FF1CE}" = Microsoft Office Proofing (Japanese) 2010
"{90140000-0044-0411-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Japanese) 2010
"{90140000-006E-0411-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Japanese) 2010
"{90140000-00A1-0411-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Japanese) 2010
"{90140000-00BA-0411-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Japanese) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{97E3AE69-8FB1-496A-8CA0-AE491902DCD7}" = Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}" = Avira Browser Safety
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5
"{af1966e2-5e60-4d93-8a48-c21462a87e3c}" = Avira Launcher
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}" = Rescue and Recovery
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C2013EC6-C9FC-43CA-88A6-604FBB18AE1B}" = Nave The BK - nvplayer ver 0.6.22 - Limited
"{C8FEB019-F2E1-4E8F-886E-AB5C68FE531C}" = Windows Live メール
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CF35E4FA-4227-43DD-B62B-B0DF2962A456}" = Avira Launcher
"{d07b0db5-8dad-40e1-be90-88026298a46b}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D6D69EE4-00F6-4DCE-B7AF-E90042BDE39B}" = フォト ギャラリー
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad 省電力マネージャー
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3D1594B-8077-42C9-8541-B8438F52F283}" = Niconico Live Encoder
"{E703613B-BDAB-433E-A66A-DE0263E3D35D}" = Windows Live Messenger
"{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F2DCAA9D-BEFB-4ABD-921F-B361E26AC51E}" = Sony Media Library Earth 9.3.01
"{F3BB7E2D-62E0-4008-8727-588EDC274C25}" = Photo Common
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 23 ActiveX
"Avira Antivirus" = Avira Antivirus
"Avira Phantom VPN" = Avira Phantom VPN
"FXDD Malta - MetaTrader 4" = FXDD Malta - MetaTrader 4
"Google Chrome" = Google Chrome
"InstallShield_{3028C189-CF08-4759-98B8-0A6CA112B6F3}" = x-アプリ 6.0.04
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieWriter Lenovo Edition
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"InstallShield_{F2DCAA9D-BEFB-4ABD-921F-B361E26AC51E}" = Sony Media Library Earth 9.3.01
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware バージョン 2.2.1.1043
"MetaTrader 4" = MetaTrader 4
"Mp3tag" = Mp3tag v2.75
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PowerWord Lite" = キングソフト辞書
"ProInst" = Intel PROSet Wireless
"WinCDEmu" = WinCDEmu
"WinLiveSuite" = Windows Live Essentials

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"LINE" = LINE
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2016/10/01 3:11:05 | Computer Name = tkm-THINK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Explorer.EXE、バージョン: 6.1.7601.23537、タイム スタンプ: 0x57c44efe
障害が発生しているモジュール名:
MSVCR90.dll、バージョン: 9.0.30729.6161、タイム スタンプ: 0x4dace4e7 例外コード: 0xc0000005 障害オフセット:
0x000000000001e1ac 障害が発生しているプロセス ID: 0x14dc 障害が発生しているアプリケーションの開始時刻: 0x01d21a3311aa645a
障害が発生しているアプリケーション
パス: C:\Windows\Explorer.EXE 障害が発生しているモジュール パス: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll
レポート
ID: 37266e6e-87a6-11e6-93b1-f0def179923a

Error - 2016/10/10 20:09:56 | Computer Name = tkm-THINK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: svchost.exe_WPDBusEnum、バージョン: 6.1.7600.16385、タイム
スタンプ: 0x4a5bc3c1 障害が発生しているモジュール名: wpdbusenum.dll_unloaded、バージョン: 0.0.0.0、タイム スタンプ:
0x4ce7caa8 例外コード: 0xc0000005 障害オフセット: 0x000007fefa5230be 障害が発生しているプロセス ID: 0x31c 障害が発生しているアプリケーションの開始時刻:
0x01d21a32ca8fa98b 障害が発生しているアプリケーション パス: C:\Windows\System32\svchost.exe 障害が発生しているモジュール
パス: wpdbusenum.dll レポート ID: 0a411c0c-8f47-11e6-93b1-f0def179923a

Error - 2016/10/10 20:12:17 | Computer Name = tkm-THINK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: svchost.exe_WPDBusEnum、バージョン: 6.1.7600.16385、タイム
スタンプ: 0x4a5bc3c1 障害が発生しているモジュール名: wpdbusenum.dll_unloaded、バージョン: 0.0.0.0、タイム スタンプ:
0x4ce7caa8 例外コード: 0xc0000005 障害オフセット: 0x000007fef1f4326b 障害が発生しているプロセス ID: 0xf4b4 障害が発生しているアプリケーションの開始時刻:
0x01d22353d6cdd7d6 障害が発生しているアプリケーション パス: C:\Windows\System32\svchost.exe 障害が発生しているモジュール
パス: wpdbusenum.dll レポート ID: 5e2dcc42-8f47-11e6-93b1-f0def179923a

Error - 2016/10/10 20:40:35 | Computer Name = tkm-THINK | Source = WinMgmt | ID = 10
Description =

Error - 2016/10/11 5:54:39 | Computer Name = tkm-THINK | Source = WinMgmt | ID = 10
Description =

Error - 2016/10/12 4:31:12 | Computer Name = tkm-THINK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: B1Manager.exe、バージョン: 1.7.122.0、タイム スタンプ: 0x55f963e2
障害が発生しているモジュール名:
B1Manager.exe、バージョン: 1.7.122.0、タイム スタンプ: 0x55f963e2 例外コード: 0xc0000005 障害オフセット: 0x004fd4a6
障害が発生しているプロセス
ID: 0x3108 障害が発生しているアプリケーションの開始時刻: 0x01d22462c7d224f1 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\B1 Free Archiver\B1Manager.exe 障害が発生しているモジュール パス: C:\Program Files (x86)\B1
Free Archiver\B1Manager.exe レポート ID: 3b325477-9056-11e6-8934-f0def179923a

Error - 2016/10/12 5:55:18 | Computer Name = tkm-THINK | Source = .NET Runtime | ID = 1026
Description =

Error - 2016/10/12 5:55:19 | Computer Name = tkm-THINK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: AutoKMS.exe、バージョン: 2.2.0.0、タイム スタンプ: 0x4e237319
障害が発生しているモジュール名:
unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000005 障害オフセット: 0x001d6fc6
障害が発生しているプロセス
ID: 0x2e6c 障害が発生しているアプリケーションの開始時刻: 0x01d2246eb27337f5 障害が発生しているアプリケーション パス: C:\Windows\AutoKMS\AutoKMS.exe
障害が発生しているモジュール
パス: unknown レポート ID: fb9924e8-9061-11e6-8934-f0def179923a

Error - 2016/10/12 12:17:25 | Computer Name = tkm-THINK | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: explorer.exe、バージョン: 6.1.7601.23537、タイム スタンプ: 0x57c44efe
障害が発生しているモジュール名:
MSVCR90.dll、バージョン: 9.0.30729.6161、タイム スタンプ: 0x4dace4e7 例外コード: 0xc0000005 障害オフセット:
0x000000000001e1ac 障害が発生しているプロセス ID: 0x5bd0 障害が発生しているアプリケーションの開始時刻: 0x01d224a35a3307e1
障害が発生しているアプリケーション
パス: C:\Windows\explorer.exe 障害が発生しているモジュール パス: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll
レポート
ID: 5c4b3c42-9097-11e6-8934-f0def179923a

Error - 2016/10/12 12:29:23 | Computer Name = tkm-THINK | Source = WinMgmt | ID = 10
Description =

[ Lenovo-Lenovo Patch Utility/Admin Events ]
Error - 2016/04/14 13:07:48 | Computer Name = tkm-THINK | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "http://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml".
Error message: リモート サーバーがエラーを返しました: (404) 見つかりません

Error - 2016/04/14 13:07:48 | Computer Name = tkm-THINK | Source = Lenovo Patch Utility | ID = 2
Description = Failed to download the manifest file.

Error - 2016/07/09 13:41:27 | Computer Name = tkm-THINK | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "http://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml".
Error message: リモート サーバーがエラーを返しました: (404) 見つかりません

Error - 2016/07/09 13:41:27 | Computer Name = tkm-THINK | Source = Lenovo Patch Utility | ID = 2
Description = Failed to download the manifest file.

Error - 2016/10/12 21:39:55 | Computer Name = tkm-THINK | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "http://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml".
Error message: リモート サーバーがエラーを返しました: (404) 見つかりません

[ System Events ]
Error - 2016/10/12 12:25:08 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7023
Description = Windows Modules Installer サービスは、次のエラーで終了しました: %%5

Error - 2016/10/12 12:25:38 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7023
Description = Windows Modules Installer サービスは、次のエラーで終了しました: %%5

Error - 2016/10/12 12:26:08 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7023
Description = Windows Modules Installer サービスは、次のエラーで終了しました: %%5

Error - 2016/10/12 12:26:38 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7023
Description = Windows Modules Installer サービスは、次のエラーで終了しました: %%5

Error - 2016/10/12 12:27:08 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7023
Description = Windows Modules Installer サービスは、次のエラーで終了しました: %%5

Error - 2016/10/12 12:27:36 | Computer Name = tkm-THINK | Source = DCOM | ID = 10010
Description =

Error - 2016/10/12 12:28:31 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7009
Description = Lenovo Platform Service サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2016/10/12 17:37:59 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7011
Description = WSearch サービスからのトランザクション応答を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2016/10/12 19:21:35 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7011
Description = WSearch サービスからのトランザクション応答を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2016/10/12 19:59:00 | Computer Name = tkm-THINK | Source = Service Control Manager | ID = 7009
Description = Lenovo Platform Service サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。


< End of report >
  • mkm
  • 2016/10/15 (Sat) 01:42:46
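A little junk has turned up
Thank you for doing the work and reporting back.
I have looked over the OTL scan log.

A little junk has turned up, so this time let's clean it out from OTL.

I will paste a script at the end of this reply; copy the whole thing, paste it into a Windows Notepad file, and save it.

Once that is ready, restart the PC in Safe Mode again and launch OTL.
Once it is running, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button with red text).
This starts the OTL fix.

Wait a while, and once the fix is done, restart the PC in normal mode. An OTL log should appear again, so save it, then, after watching the system for a while, reply with a status report together with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----) as one block, paste it into OTL, and carry out the steps.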
------------------------------------------
:OTL
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 9A 96 70 CC 31 25 D2 01 [binary data]
IE - HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

:Files

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2016/10/15 (Sat) 21:10:39
Re: A file called browsermodfilter
Here is the OTL log.

All processes killed
========== OTL ==========
HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-1909570062-342096325-1576643011-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\ not found.
========== FILES ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313312 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: tkm
->Temp folder emptied: 253233021 bytes
->Temporary Internet Files folder emptied: 443398696 bytes
->Google Chrome cache emptied: 255920012 bytes
->Flash cache emptied: 314044 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1360233421 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,206.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 10162016_025341

Files\Folders moved on Reboot...
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\CbsProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\CompatProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\DismCore.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\DismProv.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\DmiProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\FolderProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\IntlProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\LogProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\OSProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\PEProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\SmiProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\UnattendProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\SysWOW64\Dism\ja-JP\WimProvider.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\WinBioPlugIns\ja-JP\winbiosensoradapter.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\xml\cim20.dtd scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\xml\wmi20.dtd scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\xml\wmi2xml.dll scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\cimdmtf.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\cimwin32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\cimwin32.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\cli.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\cliegaliases.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\csv.xsl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\filetrace.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\hform.xsl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\htable.xsl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\interop.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\KrnlProv.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\krnlprov.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\mof.xsl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\mofcomp.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\mofd.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\NCProv.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\ncprov.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\PolicMan.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\powermeterprovider.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\powerpolicyprovider.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\wbem\en-US\profileassociationprovider.mfl scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\neth.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\netiohlp.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\netiougc.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\netlogon.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\netmsg.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\netsh.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\netshell.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\netstat.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\newdev.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\newdev.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\nlasvc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\notepad.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\nshwfp.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\nsisvc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ntdll.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ntlanman.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ntmarta.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ntprint.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ntprint.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ntshrui.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\odbcint.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ole32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\oleaccrc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\oleres.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\pathping.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\pcwum.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\perfctrs.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\perfdisk.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\perfnet.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\perfos.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\perfproc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ping.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\pnidui.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\pnpui.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\polstore.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\poqexec.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\powrprof.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\prflbmsg.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\print.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\printui.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\procinst.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\propsys.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\pshed.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\Qutil.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasapi32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasauto.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasautou.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rascfg.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\raschap.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasctrs.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasdiag.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasdlg.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasmans.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasmbmgr.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rasmontr.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rastls.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\recover.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\reg.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\regsvr32.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\repair-bde.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\replace.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\Robocopy.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\route.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\RpcEpMap.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rpcrt4.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\rundll32.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sacsess.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sacsvr.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\samsrv.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\scecli.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\scesrv.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\scext.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sechost.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\services.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\setupapi.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sfc.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\shell32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\shlwapi.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\slc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\SmiEngine.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\smss.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sppc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sstpsvc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\Storprop.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\subst.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\svchost.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\swprv.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sxs.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sxstrace.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\sysclass.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\takeown.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\tapi32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\taskmgr.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\tbssvc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\tcpipcfg.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\tdh.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\tracert.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\tzres.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ubpm.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\UIAutomationCore.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ulib.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\umpnpmgr.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\umpo.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\unlodctr.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\urlmon.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\user32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\userenv.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\userinit.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\utildll.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\uxtheme.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\vds.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\vdsbas.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\vdsdyn.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\vdsutil.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\vdsvd.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\verifier.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\vsstrace.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\w32time.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wbadmin.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wbengine.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wbiosrvc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\webio.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\webservices.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wevtapi.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wevtsvc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wevtutil.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wimgapi.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\win32k.sys.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winbio.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winhttp.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wininet.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wininit.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winload.efi.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winload.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winlogon.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winmm.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winpeshl.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winresume.efi.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winresume.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\WinSCard.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winsockhc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winspool.drv.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\winsrv.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wkssvc.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wlanutil.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wldap32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wmiprop.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wpeutil.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\ws2_32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wshelper.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wship6.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wshtcpip.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\ja-JP\wsock32.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\en-US\bmrui.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\en-US\BootRec.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\en-US\cscript.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\en-US\dskquota.dll.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\en-US\erofflps.txt scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\en-US\hhctrl.ocx.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\en-US\ICacls.exe.mui scheduled to be moved on reboot.
File move failed. C:\Users\tkm\AppData\Local\Temp\offline\Windows\System32\en-US\jscript.dll.mui scheduled to be moved
  • mkm
  • 2016/10/16 (Sun) 03:04:45
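Re: A file called browsermodfilter
Also, as for the mysterious filling-up of the C drive that was my original concern, I determined that it was caused by the endless generation of cab files in WINDOWS\TEMP, so I deleted them.
Could this have any adverse effect on the malware removal?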
  • mkm
  • 2016/10/16 (Sun) 03:07:27
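Unfortunately, the work stops here
Thank you for your work and for the report.
I have looked at the log from after the OTL fix.

It appears that the entries targeted by the OTL fix have been cleaned up.

However, I have to post an unfortunate reply here.
My support for you, mkm, ends here.

I had completely overlooked it, but it appears you were doing FX-related trading on the PC in question.

On a PC used for asset management, securities trading and the like, including online banking, the iron rule is that if you see any anomaly suggesting infection or unauthorized access, you immediately disconnect it from the network, back up the data you need, and then promptly perform a recovery.
Compared with an ordinary personal PC, on a PC used for trading the danger of "even a levee collapses from a pinhole" rises dramatically.
This site also does not accept consultations about PCs used for online banking or asset management.
http://akumaden.web.fc2.com/index.html
>Consultations about PCs used for financial operations such as internet banking and FX are prohibited

The work so far may have calmed things down, but even so, on a PC used for trading, even the slightest remnant left behind can lead to irreversible consequences.

In the interest of putting safety first, I will also refrain from giving any further explanation or instructions.
Disconnect from the network as a matter of urgency and start backing up the data you need.
It goes without saying, but please also change all personal information, such as the various passwords, that you have ever entered on the PC before recovery.
And do not forget to create and register anew the email addresses and the like that you used for trading.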
  • 悪代官
  • 2016/10/16 (Sun) 19:20:35
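Just one last question
I see, so that was the case.
I thought, "I was still at the studying stage with FX, so I haven't been trading," but I was using online banking, so I was out in the end anyway.

I have just one last question.
Assuming the recovery leaves me with a clean slate, what can I do to lower the probability of getting infected with malware?
I had been using the PC with security software installed, but considering that I still got infected with yessarch, it seems that what I have been doing so far is not enough.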
  • mkm
  • 2016/10/17 (Mon) 00:57:55
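Trading assets online is a high-risk gamble
Sorry for the late reply.

You say you were not actually trading FX, but if you do online banking, the danger exists on that side, so recovery is still the sure course.

>Assuming the recovery leaves me with a clean slate, what can I do to lower the probability of getting infected with malware?

This is probably the question most people want answered, but to put it plainly, please assume that
"there is no quick-fix defense."

No matter how high-performance the security software you install, if the user reaches out to suspicious sites or dangerous programs of their own accord, that alone is enough for any number of infections to occur.
Security software also lets through anything the user has "allowed".
It is even said that the biggest security hole in PC security is the user.

With that awareness, not casually touching untrusted sites or programs, diligently applying updates of all kinds, including WindowsUpdate and security software updates, to close vulnerabilities, and properly understanding the settings and features of Windows itself and of each application and using them correctly will go a long way toward preventing the danger of infection.
Even if it is not foolproof, if you can manage just basic self-defense, the risk of infection or unauthorized access can very likely be reduced considerably.

For a PC used for online banking or trading, taken to the extreme, please consider preparing a fully dedicated PC that is never used for any other purpose.
Doing FX trading on a PC you also use to surf the net for fun is nothing short of suicidal.

Probably, experts who know PCs well, other than myself, would be all the more likely to advise doing as little trading as possible on a PC.
That is a world that only those prepared for a big gamble, always one step from ruin, chasing a fortune while counting every second, get into.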
  • 悪代官
  • 2016/10/17 (Mon) 20:34:51
