悪代官の伏魔殿掲示板

1ClickDownload、FunMoods等を取り込んでしまいました。自分がFree Video Converterを導入した際に何か失敗したか、あるいは長期不在にしていた間に配偶者がブラウザにプラグインを追加してしまったか、はっきしした経路はわかりません。
感染発覚当初は同一ネットワークにつないだiPad、iPhoneでもリダイレクトされていました。
Malwarebytesなどで駆除した後も、当該PCにおいてChrome、Edgeのタブを開いてしばらくすると、go.padsdel.comを介して意図しないページへとばされます（現在はフィルタで回避しています）。
また、Chromeの検索エンジンにASKが追加されます。優先順位は最下位ですが、何度削除してもいつの間にか追加されます。

リカバリを覚悟していますが、海外のインターネット接続状況があまりよくない所に住んでおり、リカバリ後のWindows Updateが心配ではあります。
以下、ログを貼り付けます。どうぞよろしくお願いいたします。

メーカー：NEC
OS：Windows7から10へ無償アップグレード


[HijackThis]

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:47:12, on 2017/07/02
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)


Boot mode: Normal

Running processes:
C:\Program Files\DispSw\DispSw.exe
C:\Program Files\Apoint2K\ApImeWrapper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\SecureBrain\pwcore\pwagent.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\UsersName\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [IME JPN 2007 Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SoftNavi] "C:\Program Files (x86)\Softnavi\ImgLnch.exe" /RESIDENT
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Google Update] C:\Users\UsersName\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\UsersName\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [MusicManager] "C:\Users\UsersName\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_8205B518DEF51131279A39F46D0AF182] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'Default user')
O4 - Global Startup: PhishWall.lnk = C:\Program Files (x86)\SecureBrain\pwcore\pwagent.exe
O8 - Extra context menu item: &Lookup in Bookshelf - res://C:\Program Files (x86)\Microsoft Reference\Microsoft Bookshelf 3.0\bsdef.dll/#1001
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: このページをクリップ - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: ブックマークをクリップ - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: 新規ノート - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: 画像をクリップ - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: 選択部分をクリップ - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{1aafbc89-135f-4bcc-9c61-6fb3cfb2b63f}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{4cbd638e-3aea-46e2-9623-c59df05247af}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll
O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Message Queuing (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NT Meter - NEC Corporation, NEC Personal Products, Ltd. - C:\Windows\SYSWOW64\NTMETER.exe
O23 - Service: O2FLASH - Unknown owner - C:\WINDOWS\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Interactive Services Detection (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12238 bytes


[CCleaner]

3D Builder Microsoft Corporation 2017/06/15 14.1.1302.0
Apple Application Support（32 ビット） Apple Inc. 2017/06/14 162 MB 5.5
Apple Application Support（64 ビット） Apple Inc. 2017/06/14 182 MB 5.5
Apple Mobile Device Support Apple Inc. 2017/06/14 40.6 MB 10.3.2.3
Apple Software Update Apple Inc. 2017/03/22 4.94 MB 2.3.0.177
Brackets brackets.io 2017/07/02 141 MB 1.9
CCleaner Piriform 2017/06/20 20.3 MB 5.31
COMODO Internet Security Premium COMODO Security Solutions Inc. 2017/06/29 400 MB 10.0.1.6246
eLicenser Control Steinberg Media Technologies GmbH 2017/07/02 22.5 MB 6.10.5.1211
Evernote v. 6.5.4 Evernote Corp. 2017/07/01 334 MB 6.5.4.4720
foobar2000 v1.3.8 Peter Pawlowski 2016/09/29 10.6 MB 1.3.8
Google Chrome Google Inc. 2017/06/30 349 MB 59.0.3071.115
Google Drive Google, Inc. 2017/03/25 69.2 MB 2.34.5075.1619
Google Photos Backup Google, Inc. 2016/09/29 7.51 MB 1.1.2.13
Groove ミュージック Microsoft Corporation 2017/06/15 10.17042.14111.0
iCloud Apple Inc. 2017/06/14 172 MB 6.2.2.39
Inkscape 0.92.1 Inkscape Project 2017/07/02 228 MB 0.92.1
Intel(R) Graphics Media Accelerator Driver Intel Corporation 2014/05/16 8.15.10.2202
iTunes Apple Inc. 2017/07/02 701 MB 12.6.1.25
Lhaplus 2017/07/02
Messenger Facebook Inc 2017/06/23 117.956.5682.0
Microsoft Office File Validation Add-In Microsoft Corporation 2016/06/16 21.8 MB 14.0.5130.5003
Microsoft Office Personal 2007 Microsoft Corporation 2017/06/21 93.0 MB 12.0.6612.1000
Microsoft OneDrive Microsoft Corporation 2017/06/19 102 MB 17.3.6917.0607
Microsoft OneNote Home and Student 2016 - ja-jp Microsoft Corporation 2017/06/21 93.0 MB 16.0.8201.2102
Microsoft Sticky Notes Microsoft Corporation 2017/04/07 1.8.0.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/11/13 596 KB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2010/01/06 1.21 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2010/01/06 1.54 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/05/17 484 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2010/01/06 1.53 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2012/11/13 1.53 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2010/01/06 1.18 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/12/26 460 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2010/01/06 1.16 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2012/11/13 1.17 MB 9.0.30729.6161
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2017/07/02 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 Microsoft Corporation 2017/07/02 20.5 MB 12.0.40649.5
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2017/07/02 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2016/11/17 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 Microsoft Corporation 2017/07/02 18.7 MB 14.0.23506.0
MSXML 4.0 SP2 Parser and SDK Microsoft Corporation 2015/12/26 2.48 MB 4.20.9818.0
MSXML 4.0 SP3 Parser Microsoft Corporation 2010/01/06 2.84 MB 4.30.2100.0
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 2012/09/14 2.95 MB 4.30.2114.0
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 2013/01/10 2.97 MB 4.30.2117.0
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 2010/03/04 2.95 MB 4.30.2107.0
Music Manager Google, Inc. 2017/03/23
Native Instruments Audio 8 DJ Driver 2016/09/29 22.9 MB
Native Instruments Audio 8 DJ Driver Native Instruments 2017/07/02
Native Instruments Controller Editor 2010/01/06 43.3 MB
Native Instruments Controller Editor Native Instruments 2017/07/02 35.5 MB 2.1.0.183
Native Instruments Service Center 2016/09/29 24.9 MB
Native Instruments Service Center Native Instruments 2012/12/05
Native Instruments Traktor 2 Native Instruments 2017/07/02 231 MB 2.11.0.23
Native Instruments Traktor 2 2010/01/06 1.76 GB
Native Instruments Traktor Audio 10 Driver Native Instruments 2017/07/02
Native Instruments Traktor Audio 10 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Audio 2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Audio 2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Audio 2 MK2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Audio 2 MK2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Audio 6 Driver Native Instruments 2017/07/02
Native Instruments Traktor Audio 6 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Kontrol D2 Driver 2017/07/02 1.57 MB
Native Instruments Traktor Kontrol D2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol F1 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol F1 Driver 2017/07/02 1.83 MB
Native Instruments Traktor Kontrol S2 Driver 2017/07/02 17.7 MB
Native Instruments Traktor Kontrol S2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S2 MK2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S2 MK2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Kontrol S4 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S4 Driver 2017/07/02 17.7 MB
Native Instruments Traktor Kontrol S4 MK2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S4 MK2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Kontrol S5 Driver 2017/07/02 25.7 MB
Native Instruments Traktor Kontrol S5 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S8 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S8 Driver 2017/07/02 25.7 MB
Native Instruments Traktor Kontrol X1 Driver 2017/07/02 1.84 MB
Native Instruments Traktor Kontrol X1 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol X1 MK2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol X1 MK2 Driver 2017/07/02 1.49 MB
Native Instruments Traktor Kontrol Z1 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol Z1 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Kontrol Z2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol Z2 Driver 2017/07/02 25.5 MB
NX PAD Driver Alps 2016/10/01 24.2 MB 8.100.909.312
OneNote Microsoft Corporation 2017/06/29 17.8269.57841.0
PDF-XChange Editor Tracker Software Products (Canada) Ltd. 2017/07/02 332 MB 6.0.322.5
People Microsoft Corporation 2017/06/15 10.2.1451.0
PhishWall Client SecureBrain Corporation 2014/10/01 124 MB 4.0.9
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/10/01 40.7 MB 6.0.1.7535
Roxio Creator LJ Roxio 2017/06/23 2.56 MB 10.3
SetPoint 6.1 2016/09/29 39.0 MB 6.10.65
Smart Update NECパーソナルコンピュータ株式会社 2014/05/17 71.0 MB 1.0.4.7
Store Purchase App Microsoft Corporation 2016/09/29 11608.1000.2431.0
Suite 2013/05/18
Sway Microsoft Corporation 2017/06/27 17.8269.45191.0
TeamViewer 12 TeamViewer 2017/07/02 86.3 MB 12.0.78313
Windows DVD プレイヤー Microsoft Corporation 2016/09/29 3.6.13291.0
WinPcap 4.1.3 Riverbed Technology, Inc. 2017/07/02 4.1.0.2980
Wireshark 2.2.7 (64-bit) The Wireshark developer community, https://www.wireshark.org 2017/07/02 163 MB 2.2.7
Xbox Microsoft Corporation 2017/06/14 29.30.2001.0
Xbox Identity Provider Microsoft Corporation 2016/09/29 11.19.19003.0
アプリ インストーラー Microsoft Corporation 2017/02/18 1.0.10332.0
アプリ コネクター Microsoft Corporation 2016/09/29 1.3.3.0
アラーム & クロック Microsoft Corporation 2017/05/28 10.1705.1303.0
カメラ Microsoft Corporation 2017/06/14 2017.308.50.0
ストア Microsoft Corporation 2017/06/22 11705.1001.21.0
ピークシフト設定ツール NEC Corporation, NEC Personal Products, Ltd. 2014/05/17 338 KB 1.0.0
フォト Microsoft Corporation 2017/06/20 2017.18062.12990.0
ボイス レコーダー Microsoft Corporation 2017/06/15 10.1705.1302.0
マップ Microsoft Corporation 2017/06/15 5.1705.1391.0
メッセージング Microsoft Corporation 2016/09/29 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/06/28 17.8241.41105.0
再セットアップディスク作成ツール NEC Corporation, NEC Personal Products, Ltd. 2012/09/13 2.47 MB 2.0.0
天気 Microsoft Corporation 2017/06/14 4.20.1102.0
新しい Office を始めよう Microsoft Corporation 2017/06/21 17.8312.7601.0
映画 & テレビ Microsoft Corporation 2017/06/15 10.17042.14211.0
電卓 Microsoft Corporation 2017/06/14 10.1705.1301.0

こんばんは。
ここの管理人の悪代官です。
夏場で食べ物が腐りやすい季節ですが、元から根性が腐ってるので安心してください（謎

説明とログを見せてもらいました。
1ClickDownload、FunMoodsを含む異常ですか。
Malwarebytes(MBAM)も使ったようですが解決されないわけですね。それも無理ないでしょう。
Funmoodsやaskだけでも各種ツールだけで自動での処置はできないのがわかっています。
遭う程度は手間を承知で手動目視での作業しないとうまく片付けられないのが常ですが、それを厭わなければ解決も可能です。

ただ、いろいろと気になる部分もあるので慎重に調べましょう。

まず最初にお伝えしておきます。
見てのとおり現在相談者さん多数のため、相談受けてから皆さんに順番にレスできるまで、毎回1日かそれ以上かかる可能性もあるので、すみませんがご了承ください。

では以下の説明をよく見てから、順番に作業をお願いします。
既に準備した物もあるはずですが、一応説明を再度見ておいてください。

隠しファイルと拡張子を表示設定にしてください(やり方↓）
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

下記のツールをダウンロードして、基本の使い方を把握しておいてください。
ただし、配布サイトで他のアプリをダウンロードしろと勧めてくるような広告も出てきたらそれらは絶対にクリックしないでください。
「GeekUninstaller」（通称：GU）
説明ページ↓
http://www.gigafree.net/system/install/geekuninstaller.html
ダウンロード↓
http://www.geekuninstaller.com/download
「download free」をクリック、保存後、解凍してください。
片付ける時はフォルダごと手動で削除してください。

「CCleaner」（通称：CC）
説明↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
ダウンロード↓
http://www.piriform.com/ccleaner/download/standard
最新バージョンをダウンロードしてください。なお、インストール時におまけのアプリも勧めてくることがありますが、それらはチェック外してインストールは避けてください。
片付けるときはアンインストールしてください。

ここで重要な注意です。
CCは本来は高い性能を持つメンテナンスソフトですが、間違った使い方すると
【Windowsにダメージを与えてしまうおそれもある】
ので、ここでは解析ツールとしてのみ使います。
説明をしっかり読んで、自分が指示した以外の操作はしないように。

そして下記ページは作業開始前に必ず熟読して、必要な場合が出たらそれに沿って対処してください。この対処が必要な事例が増えています。
http://note.chiebukuro.yahoo.co.jp/detail/n335704

準備できたら作業開始です。
なお、このあとの作業で探しても見つからないものはスルーして進めていいですが、指示した対象外の物は絶対にいじらないようによく見て作業してください。

また、作業のうえで削除指示するものもあるはずですが、ご自身で必要として入れたものがあればそれの削除は保留して、次のレスでその旨を教えてください。

最初に確認ですが、下記はご自身で必要として入れたものですか？
>TeamViewer 12 TeamViewer 2017/07/02 86.3 MB 12.0.78313

ご自身で入れたなら支障ない範囲でいれた理由を教えてください。
覚えもないのにいつの間にか入っていたならこれは削除することになるでしょう。

次にWindowsUpdateの確認して、必要な更新があればそれを全部更新してください。
ですがそこで更新ができないようならこの後に説明する作業はせずに更新失敗の旨をレスで教えてください。
WUが正常にできなくすることで、感染の解析処置を阻害してくる危険なマルウェアが激増しているためです。
Windowsの各種更新(WindowsUpdate)は常に最新に適用しておかないと、それだけで危険な感染はすぐにでも起きますよ。

なお、Windows10への更新はユーザー自身がよほど必要でなければ非推奨です。
http://www.japan-secure.com/entry/Windows_Update_7.html
http://www.japan-secure.com/entry/how_to_suppress_the_free_upgrade_of_Windows_10.html

ここでWindowsの標準機能である「システムの復元」での復元ポイントをひとつ、手動で作成しておいてください。
これはこの後の作業で、間違って対象外のものをいじってしまうとそれだけでWindowsに深刻な不具合を起こすこともあるので、万一の際に復元可能にしておくためです。
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

PCをセーフモードで起動してください（やり方↓）
http://www.pc-master.jp/sousa/s-safemode.html
Win8の場合は以下を参考に。
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

セーフモードでGUを使って、下記をアンインストールしてください。
>WinPcap 4.1.3 Riverbed Technology, Inc. 2017/07/02 4.1.0.2980

HJTを起動させ、スキャンを行ってください。
スキャン結果が表示されましたら、以下の項目にチェックを入れてください。
ただし、特にHJTでの作業は一歩間違えれば簡単にPCが起動しなくなるため、こちらが指示した以外のものは絶対にチェックを入れないでください。
>O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)

必要な項目にチェックが入りましたら、Fix checkedをクリックしてください。
探しても見つからないものはスルーして進めていいです。

ここでPCを通常モードで再起動してから、スタートメニューの「アクセサリ」→「システムツール」から「ディスククリーンアップ」を起動してください。
起動したら対象ドライブでCドライブを選択してスキャンして、表示された中の「ダウンロードされたプログラムファイル」「インターネット一時ファイル」「一時ファイル」の項目だけチェックを入れてから「OK」「ファイルの削除」を押してください。
これを実行すると選択した部分のゴミファイルが掃除されます。

これを実行することで作業時にスキャンで検出される無駄なゴミファイルも減るのでその分かなり時間や解析も楽になるのです。
「ごみ箱」など他の項目にチェックしないのは、間違って正常なファイルを削除しないためと、もし正常なファイルを削除してごみ箱に入れても戻せるようにするための措置です。

続いてCCを起動してください。
起動したら、「ツール」→」「スタートアップ」→「Windows」タブを開いてください。
そこで右下の「テキストとして保存」を押すと、表示の内容がログとして保存できるので、ログをデスクトップにでも保存しておいてください。

次に「スケジュールされたタスク」タブと「コンテキストメニュー」タブのログも同じ要領で保存してください。

続いて今度はCC画面の左側にある「Browser Plugin」の項目から「InternetExplorer」タブ以下の各タブも順番に開いて、そのログもとっておいてください。

CCの各ログをとったらCCは終了してください。

このあとブラウザを起動して、数時間ほどPC状態を様子見したあと、あらたにHJTとCCでのインストール情報ログを取り直してください。

取り直した両ログと、CCの各ログを返信に貼って、状態報告とともにレスください。
それらを見てから続きの作業を指示します。

CCの各ログで出た内容が最初の鍵になるはずです

早速のお返事ありがとうございます。

Team Viewer はリダイレクト問題が発覚した後に、義理の甥に見てもらうために入れました。削除して問題ありません。
WinPcapは問題発覚後にWiresharkに付随して入ったものです。Wiresharkも同時に削除します。

おはようございます（当方は夜間です！）
作業後、今までのところリダイレクトは発生していません。ASK検索エンジンも現れていません。

まず、HJTとCCインストールログを添付します。
※初回投稿時になかったSpotifyというアプリケーションを追加しています。アップデートがうまく完了せず、いったんアンインストールしていました。

[HijackThis]

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:45:36, on 2017/07/03
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!


Boot mode: Normal

Running processes:
C:\Program Files\DispSw\DispSw.exe
C:\Program Files\Apoint2K\ApImeWrapper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Users\UserName\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\SecureBrain\pwcore\pwagent.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\UserName\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [IME JPN 2007 Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SoftNavi] "C:\Program Files (x86)\Softnavi\ImgLnch.exe" /RESIDENT
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Google Update] C:\Users\UserName\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\UserName\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [MusicManager] "C:\Users\UserName\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_8205B518DEF51131279A39F46D0AF182] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\UserName\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\UserName\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\UserName\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'Default user')
O4 - Global Startup: PhishWall.lnk = C:\Program Files (x86)\SecureBrain\pwcore\pwagent.exe
O8 - Extra context menu item: &Lookup in Bookshelf - res://C:\Program Files (x86)\Microsoft Reference\Microsoft Bookshelf 3.0\bsdef.dll/#1001
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: このページをクリップ - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: ブックマークをクリップ - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: 新規ノート - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: 画像をクリップ - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: 選択部分をクリップ - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{1aafbc89-135f-4bcc-9c61-6fb3cfb2b63f}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{4cbd638e-3aea-46e2-9623-c59df05247af}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Message Queuing (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NT Meter - NEC Corporation, NEC Personal Products, Ltd. - C:\Windows\SYSWOW64\NTMETER.exe
O23 - Service: O2FLASH - Unknown owner - C:\WINDOWS\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Interactive Services Detection (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10789 bytes


[CCleanerインストール]

3D Builder Microsoft Corporation 2017/06/15 14.1.1302.0
Apple Application Support（32 ビット） Apple Inc. 2017/07/03 127 MB 5.5
Apple Application Support（64 ビット） Apple Inc. 2017/07/03 138 MB 5.5
Apple Mobile Device Support Apple Inc. 2017/07/03 27.4 MB 10.3.2.3
Apple Software Update Apple Inc. 2017/07/03 2.70 MB 2.3.0.177
Bonjour Apple Inc. 2017/07/03 2.01 MB 3.1.0.1
Brackets brackets.io 2017/07/02 213 MB 1.9
CCleaner Piriform 2017/06/20 20.3 MB 5.31
COMODO Internet Security Premium COMODO Security Solutions Inc. 2017/06/29 400 MB 10.0.1.6246
eLicenser Control Steinberg Media Technologies GmbH 2017/07/02 22.5 MB 6.10.5.1211
Evernote v. 6.5.4 Evernote Corp. 2017/07/01 249 MB 6.5.4.4720
foobar2000 v1.3.8 Peter Pawlowski 2016/09/29 10.6 MB 1.3.8
Google Chrome Google Inc. 2017/06/30 349 MB 59.0.3071.115
Google Drive Google, Inc. 2017/03/25 69.2 MB 2.34.5075.1619
Google Photos Backup Google, Inc. 2016/09/29 7.51 MB 1.1.2.13
Groove ミュージック Microsoft Corporation 2017/06/15 10.17042.14111.0
iCloud Apple Inc. 2017/06/14 172 MB 6.2.2.39
Inkscape 0.92.1 Inkscape Project 2017/07/02 228 MB 0.92.1
Intel(R) Graphics Media Accelerator Driver Intel Corporation 2014/05/16 8.15.10.2202
iTunes Apple Inc. 2017/07/03 423 MB 12.6.1.25
Lhaplus 2017/07/02
Messenger Facebook Inc 2017/06/23 117.956.5682.0
Microsoft Office File Validation Add-In Microsoft Corporation 2016/06/16 21.8 MB 14.0.5130.5003
Microsoft Office Personal 2007 Microsoft Corporation 2017/06/21 93.0 MB 12.0.6612.1000
Microsoft OneDrive Microsoft Corporation 2017/07/03 102 MB 17.3.6917.0607
Microsoft OneNote Home and Student 2016 - ja-jp Microsoft Corporation 2017/06/21 93.0 MB 16.0.8201.2102
Microsoft Sticky Notes Microsoft Corporation 2017/04/07 1.8.0.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/11/13 596 KB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2010/01/06 1.21 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2010/01/06 1.54 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/05/17 484 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2010/01/06 1.53 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2012/11/13 1.53 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2010/01/06 1.18 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/12/26 460 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2010/01/06 1.16 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2012/11/13 1.17 MB 9.0.30729.6161
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2017/07/02 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 Microsoft Corporation 2017/07/02 20.5 MB 12.0.40649.5
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2017/07/02 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2016/11/17 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 Microsoft Corporation 2017/07/02 18.7 MB 14.0.23506.0
MSXML 4.0 SP2 Parser and SDK Microsoft Corporation 2015/12/26 2.48 MB 4.20.9818.0
MSXML 4.0 SP3 Parser Microsoft Corporation 2010/01/06 2.84 MB 4.30.2100.0
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 2012/09/14 2.95 MB 4.30.2114.0
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 2013/01/10 2.97 MB 4.30.2117.0
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 2010/03/04 2.95 MB 4.30.2107.0
Music Manager Google, Inc. 2017/03/23
Native Instruments Audio 8 DJ Driver 2016/09/29 22.9 MB
Native Instruments Audio 8 DJ Driver Native Instruments 2017/07/02
Native Instruments Controller Editor 2010/01/06 43.3 MB
Native Instruments Controller Editor Native Instruments 2017/07/02 35.5 MB 2.1.0.183
Native Instruments Service Center 2016/09/29 24.9 MB
Native Instruments Service Center Native Instruments 2012/12/05
Native Instruments Traktor 2 2010/01/06 1.76 GB
Native Instruments Traktor 2 Native Instruments 2017/07/02 231 MB 2.11.0.23
Native Instruments Traktor Audio 10 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Audio 10 Driver Native Instruments 2017/07/02
Native Instruments Traktor Audio 2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Audio 2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Audio 2 MK2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Audio 2 MK2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Audio 6 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Audio 6 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol D2 Driver 2017/07/02 1.57 MB
Native Instruments Traktor Kontrol D2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol F1 Driver 2017/07/02 1.83 MB
Native Instruments Traktor Kontrol F1 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S2 Driver 2017/07/02 17.7 MB
Native Instruments Traktor Kontrol S2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S2 MK2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Kontrol S2 MK2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S4 Driver 2017/07/02 17.7 MB
Native Instruments Traktor Kontrol S4 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S4 MK2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Kontrol S4 MK2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S5 Driver 2017/07/02 25.7 MB
Native Instruments Traktor Kontrol S5 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol S8 Driver 2017/07/02 25.7 MB
Native Instruments Traktor Kontrol S8 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol X1 Driver 2017/07/02 1.84 MB
Native Instruments Traktor Kontrol X1 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol X1 MK2 Driver 2017/07/02 1.49 MB
Native Instruments Traktor Kontrol X1 MK2 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol Z1 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Kontrol Z1 Driver Native Instruments 2017/07/02
Native Instruments Traktor Kontrol Z2 Driver 2017/07/02 25.5 MB
Native Instruments Traktor Kontrol Z2 Driver Native Instruments 2017/07/02
NX PAD Driver Alps 2016/10/01 24.2 MB 8.100.909.312
OneNote Microsoft Corporation 2017/06/29 17.8269.57841.0
PDF-XChange Editor Tracker Software Products (Canada) Ltd. 2017/07/03 334 MB 6.0.322.5
People Microsoft Corporation 2017/06/15 10.2.1451.0
PhishWall Client SecureBrain Corporation 2014/10/01 39.3 MB 4.0.9
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/10/01 40.7 MB 6.0.1.7535
Roxio Creator LJ Roxio 2017/06/23 2.56 MB 10.3
SetPoint 6.1 2016/09/29 39.0 MB 6.10.65
Smart Update NECパーソナルコンピュータ株式会社 2014/05/17 71.0 MB 1.0.4.7
Spotify Spotify AB 2017/07/03 1.0.57.474.gca9c9538
Store Purchase App Microsoft Corporation 2016/09/29 11608.1000.2431.0
Suite 2013/05/18
Sway Microsoft Corporation 2017/06/27 17.8269.45191.0
Windows DVD プレイヤー Microsoft Corporation 2016/09/29 3.6.13291.0
Xbox Microsoft Corporation 2017/06/14 29.30.2001.0
Xbox Identity Provider Microsoft Corporation 2016/09/29 11.19.19003.0
アプリ インストーラー Microsoft Corporation 2017/02/18 1.0.10332.0
アプリ コネクター Microsoft Corporation 2016/09/29 1.3.3.0
アラーム & クロック Microsoft Corporation 2017/05/28 10.1705.1303.0
カメラ Microsoft Corporation 2017/06/14 2017.308.50.0
ストア Microsoft Corporation 2017/06/22 11705.1001.21.0
ピークシフト設定ツール NEC Corporation, NEC Personal Products, Ltd. 2014/05/17 338 KB 1.0.0
フォト Microsoft Corporation 2017/06/20 2017.18062.12990.0
ボイス レコーダー Microsoft Corporation 2017/06/15 10.1705.1302.0
マップ Microsoft Corporation 2017/06/15 5.1705.1391.0
メッセージング Microsoft Corporation 2016/09/29 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/06/28 17.8241.41105.0
再セットアップディスク作成ツール NEC Corporation, NEC Personal Products, Ltd. 2012/09/13 2.47 MB 2.0.0
天気 Microsoft Corporation 2017/06/14 4.20.1102.0
新しい Office を始めよう Microsoft Corporation 2017/06/21 17.8312.7601.0
映画 & テレビ Microsoft Corporation 2017/06/15 10.17042.14211.0
電卓 Microsoft Corporation 2017/06/14 10.1705.1301.0

[Windows]

無効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
無効 HKCU:Run Google Photos Backup Google, Inc "C:\Users\UserName\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
無効 HKCU:Run Google Update Google Inc. C:\Users\UserName\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
無効 HKCU:Run GoogleChromeAutoLaunch_8205B518DEF51131279A39F46D0AF182 Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
無効 HKCU:Run GoogleDriveSync Google "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
有効 HKCU:Run iCloudDrive Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
有効 HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
無効 HKCU:Run MusicManager Google Inc. "C:\Users\UserName\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\Guest User\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run Apoint Alps Electric Co., Ltd. C:\Program Files\Apoint2K\Apoint.exe
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} COMODO C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
有効 HKLM:Run DispSw NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\DispSw\DispSw.exe
有効 HKLM:Run EvtMgr6 Logicool, Inc. C:\Program Files\SetPointP\SetPoint.exe /launchGaming
有効 HKLM:Run IgfxTray Intel Corporation C:\WINDOWS\system32\igfxtray.exe
無効 HKLM:Run IME JPN 2007 Migration Microsoft Corporation C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
無効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NECMFK NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\necmfk\necmfk.exe
無効 HKLM:Run PeakShiftTool NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\PeakShiftTool\PeakShiftTool.exe /silent
有効 HKLM:Run Persistence Intel Corporation C:\WINDOWS\system32\igfxpers.exe
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
無効 HKLM:Run SoftNavi NEC Corporation / NEC Personal Products, Ltd. "C:\Program Files (x86)\Softnavi\ImgLnch.exe" /RESIDENT
有効 HKLM:Run WindowsDefender "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
有効 Startup Common PhishWall.lnk SecureBrain Corporation C:\Program Files (x86)\SecureBrain\pwcore\pwagent.exe

[スケジュールされたタスク]
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
無効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
無効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task GoogleUpdateTaskUserS-1-5-21-100475543-2879375045-329549845-1000Core C:\Users\UserName\AppData\Local\Google\Update\GoogleUpdate.exe /c
無効 Task GoogleUpdateTaskUserS-1-5-21-100475543-2879375045-329549845-1000Core1d2585de2479c8e C:\Users\UserName\AppData\Local\Google\Update\GoogleUpdate.exe /c
無効 Task GoogleUpdateTaskUserS-1-5-21-100475543-2879375045-329549845-1000UA C:\Users\UserName\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task GoogleUpdateTaskUserS-1-5-21-100475543-2879375045-329549845-1000UA1d2585de25cfe2f C:\Users\UserName\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task OneDrive Standalone Update Task C:\Users\UserName\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
無効 Task {20878AED-70FF-4488-91B5-CB29424C676D} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\PROGRA~1\DIFX\0169CE~1\dpinst.exe -c /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_amd64_neutral_13826104cd8e800f\nokbtmdm.inf

[コンテクストメニュー]
有効 Directory GDContextMenu Google C:\Program Files (x86)\Google\Drive\contextmenu64.dll
有効 Directory Open as Brackets project brackets.io C:\Program Files (x86)\Brackets\Brackets.exe "%1"
有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
有効 File Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 File GDContextMenu Google C:\Program Files (x86)\Google\Drive\contextmenu64.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File PDFXChange Editor Context menu Tracker Software Products (Canada) Ltd. C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 File RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
有効 Folder Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Folder RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll

[Internet Explorer]
無効 Extension Evernote 5 に追加 C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
無効 Extension Lync Click to Call Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
無効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
無効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
無効 Extension Research Microsoft Corporation C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
無効 Extension Send to OneNote Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
無効 Extension Send to OneNote Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
無効 Helper Evernote extension Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
無効 Helper Lync Browser Helper Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
無効 Helper Microsoft OneDrive for Business Browser Helper Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL

[Chrome]
無効 App Evernote Web 1.0.8 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.8_0
有効 App Gmail 8.1 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
無効 App OneNote Online 2.0 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo\2.0_0
無効 App Spotify - Music for every moment 0.2.3 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.3_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Backspace to go Back 1.1.1 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlffgllnjjkheddehpolbanogdeaogbc\1.1.1_0
有効 Extension Checker Plus for Gmail™ 20.1.4 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\20.1.4_0
無効 Extension EditThisCookie 1.4.1 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\1.4.1_0
無効 Extension Evernote Web Clipper 6.12.1 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.12.1_0
無効 Extension Google Keep - メモとリスト 3.1.17254.1423 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\3.1.17254.1423_0
無効 Extension Google Play Music 1.370.0 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi\1.370.0_0
無効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1
無効 Extension Google スプレッドシート 1.1 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
無効 Extension Google スライド 0.9 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
無効 Extension Google ドキュメント 0.9 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
無効 Extension Google ドライブに保存 2.1.1 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.1.1_0
有効 Extension Google ハングアウト 2017.420.419.1 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2017.420.419.1_0
有効 Extension iCloud ブックマーク 1.4.20 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.20_0
無効 Extension Pinterest 保存ボタン 2.0.8 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\2.0.8_0
有効 Extension Save to Pocket 2.1.40 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\2.1.40_0
無効 Extension Weblioポップアップ英和辞典 6.0.3 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\oingodpdjohhkelnginmkagmkbplgema\6.0.3_0
無効 Extension 文字数カウンタ 1.2 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\inhhfghhfjpmhleoidodhcgeecicfbep\1.2_0

作業と報告、ご苦労様です。
続きのログも見せてもらいました。

>作業後、今までのところリダイレクトは発生していません。ASK検索エンジンも現れていません。

はい、沈静化したのは何よりですね。

>Team Viewer はリダイレクト問題が発覚した後に、義理の甥に見てもらうために入れました。削除して問題ありません。
>WinPcapは問題発覚後にWiresharkに付随して入ったものです。Wiresharkも同時に削除します

はい、これも了解しました。

>Spotify

音楽ストリーミングサービスですね。ではこれも設定と機能をしっかりつかんで正しく使ってください。

さて、ここでまた確認ですが、Kaspersky Security Scanはご自身で入れたものでしょうか？

これはスキャンはできますが保護機能はなく、また検出した脅威を同ツールで削除することもできない簡易型のツールで、使うならあくまでも他社製アンチウイルスソフトの補助として使うものです。
現在アンチウイルスはWindows Defenderをお使いのようですが、この2つで使うならどちらも十分な保護機能を発揮できるとは思わないようにしましょう。

次にChorme用拡張の下記も確認します。

>無効 Extension Weblioポップアップ英和辞典 6.0.3 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\oingodpdjohhkelnginmkagmkbplgema\6.0.3_0

これもご自身で入れたものですか？
現在は無効になっているので動くこともないはずですが、もし覚えもないのにいつの間にか入っていたならそのことも次回レス時に教えてください。

では以下の説明を読んでから、また続きの作業もお願いします。

以下のアプリを準備してください。
「AdwCleaner」（通称：AC）
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
ファイル直リンです。アクセスしてファイルをデスクトップにでも保存しておいてください。
片付けるときは起動後に「uninstall」ボタンを押せば自動で削除されます。
使い方は下記サイト様に詳しい説明があるのでサンショウウオ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware（通称・MBAM）
本家サイト
http://www.malwarebytes.org/

ですが、MBAMは現在安定性や動作でかなり難が出ており、普通に使っても正常にスキャンができないバグまで多発中です。
そのため本家サイトから最新版のダウンロードせず、ここではあえて旧バージョンで作業します。

旧バージョンの説明サイト↓
http://www.japan-secure.com/entry/blog-entry-7.html

以下のURLからMBAMの旧バージョンをダウンロードしてください。
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
ファイル直リンです。保存しておいてください。
作業終了後はPCをセーフモード状態で、GUを使ってアンインストールすればいいですが、うまくできないときはセーフモード状態でスタートメニューのMBAM項目で「アンインストール」選択しても削除可能です。

注）インストール時に日本語でインストールすると文字化けすることがあります。英語でインストール後に日本語化してください。
MBAM起動して「Settings」タブ→「Language」→「Japanese」で日本語化できます。

準備できたらMBAMをインストールとアップデートまでしておいてください。
ただし、ここではまだスキャンはしないように。
なお、ここでMBAMの更新で「プログラム」自体は更新せず、定義だけ更新しておいてください。
プログラム本体を更新すると、バグ多発中の最新版になってしまうので、せっかく旧バージョンでインストールした意味がなくなります。
アップデートできたらスキャンはせず、ここでMABMは終了してください。

両ツールのアップデートまでできたらPCをセーフモードで再起動してから、ディスククリーンアップを使ってゴミファイルの掃除してください。
ただしここでは普通のセーフモードではなく、「セーフモードとネットワーク」を選んで起動してください。

クリーンアップが済んだらセーフモードのまま、ACを起動してください。
起動したら今度は「スキャン」したあと、そのスキャン終了後に検出されたものがあったら「除去」を押してください。
表示された画面で「はい」を選択すると処置開始されます。

処置完了したらそこでPCを通常モードで再起動してください。

再起動後にACのあらたなログが出るので、それをデスクトップにでも保存しておいてください。
ですが、もし作業後にログが出ないorわからない場合はマイコンピュータのCドライブを開くとその直下に以下のような名前のファイルが作成されているので、それがACのログです。
>AdwCleaner[英数字].txt
同じような名前のログが複数ある時は、作成日時が作業処置時のファイルが対象のログです。

続いて再度セーフモードにして、今度はMBAMでスキャンしてください。
MBAM起動したら「スキャナー」タブから「フルスキャン」してください。
対象ドライブはCを含めて全ドライブを選択してください。

スキャン対象は全ドライブを選択（チェック）してください。時間はかかりますができるだけ細かくスキャンするためです。
順番はどちらからでもいいですが、なにか検出されたらそれを選択して「remove」（隔離）したあと、再起動を促す表示が出たらそこで一度PCを再起動してください。
もし再起動表示が出ないときは手動で再起動してください。

またMBAMスキャン終了後、「詳細を表示」を押すとその結果が表示されるはずなので、そこで「ログを保存」を押すとそのログが保存可能になります。
そのログをデスクトップにでも保存しておいてください。
このログ確認が特に重要なので、忘れないようにお願いします。

このあとMBAMとACのログを返信に貼り付けて、それを状態報告とともにレスで見せてください。

こんばんは、いつもお世話になります。
2回目の作業が完了しました。まずご質問に回答します。

> Kaspersky Security Scanはご自身で入れたものでしょうか？

そうです。駆除できないことを承知でわらにもすがる思いでインストールしてみましたが、スキャンが中断して使えず削除しました。残骸が残っているということですね。


> 現在アンチウイルスはWindows Defenderをお使いのようですが、この2つで使うならどちらも十分な保護機能を発揮できるとは思わないようにしましょう。

感染発覚までBitdifenderの無料版とWindows標準ファイアウォールを使用していました。
義理の甥にリダイレクト現象を検証してもらった際、彼は役に立たないとしてBitdifenderを削除しました。
何も解決しなかったので、自分で情報を検索し、Malwarebytes最新版をインストールして一部を駆除しました。
Malwarebytesトライアル版のリアルタイム保護機能がアウトバンド通信を制御していることに気づき、
取り急ぎ自分ですぐできる対処としてCOMODOファイアウォールをインストールしました。


>>無効 Extension Weblioポップアップ英和辞典 6.0.3 最初のユーザー C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default\Extensions\oingodpdjohhkelnginmkagmkbplgema\6.0.3_0
>これもご自身で入れたものですか？

自分で入れました。長文の英文を読むときに使用していました。
iPadのSafariの辞書機能のようなものをPCのブラウザに追加したく、Weblioポップアップ英和辞典を選択しました。
感染発覚後、一旦すべての機能拡張を無効にしました。
特に問題なければ再度利用したいと思います。

以下、2回目の作業のログを貼り付けます。

[ACスキャン]
# AdwCleaner v6.047 - ログファイルの作成日 04/07/2017 作成時間 09:59:24
# Malwarebytesによる 19/05/2017 の更新日
# データベース : 2017-05-19.1 [ローカル]
# オペレーティングシステム : Windows 10 Home (X64)
# ユーザー名 : UserName - NEC
# 実行場所 : C:\Users\UserName\Downloads\AdwCleaner.exe
# モード：安全
# サポート : https://www.malwarebytes.com/support



***** [ サービス ] *****



***** [ フォルダ ] *****



***** [ ファイル ] *****

[-] 削除済みファイル：C:\prefs.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ ショートカット ] *****



***** [ スケジュール済みタスク ] *****

[-] 検出済みタスク：GoogleUpdateTaskUserS-1-5-21-100475543-2879375045-329549845-1000Core
[-] 検出済みタスク：GoogleUpdateTaskUserS-1-5-21-100475543-2879375045-329549845-1000UA


***** [ レジストリ ] *****

[-] 削除済みキー：HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner


***** [ ブラウザ ] *****

[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyE0D0B0B0AyCtBtByC0D0DtN0D0Tzu0CtAtByDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1275656494
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_35.0.1916.153&apn_uid=2525CE32-83F4-4F54-AD07-D60145C3CC8A&itbv=12.15.1.20&doi=2014-07-17&psv=&pt=tb
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyE0D0B0B0AyCtBtByC0D0DtN0D0Tzu0CtAtByDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1275656494
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_35.0.1916.153&apn_uid=2525CE32-83F4-4F54-AD07-D60145C3CC8A&itbv=12.15.1.20&doi=2014-07-17&psv=&pt=tb


*************************

:: "Tracing" キーを削除しました
:: Winsock設定を削除しました

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2491 バイト] - [04/07/2017 09:59:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [2828 バイト] - [04/07/2017 09:56:15]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2645 バイト] ##########

[MBAM]
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン： v2017.07.04.04

Windows 8 x64 NTFS (セーフモード)
Internet Explorer 11.1358.14393.0
UserName :: NEC [管理者]

2017/07/04 10:24:57
mbam-log-2017-07-04 (10-24-57).txt

スキャンタイプ： フルスキャン (C:\|D:\|)
有効なスキャン領域： メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン　 | ヒューリスティック/Shuriken　エンジンを使用してスキャン　 | 不審なプログラム　（PUP） | 不審な変更　（PUM） | ピア・ツー・ピアプログラム（P2P）
無効なスキャン領域:
スキャンしたアイテム数: 707613
経過時間： 1 時間, 44 分, 5 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリ値の検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 0
(悪意のあるアイテムは検出されていません。)

(終)

作業と報告、ご苦労様です。
両ツールの結果ログを見せてもらいました。

MBAMではほとんど検出なかったようですがACでFunmoodsやaskの残骸が検出されてますね。
やはりブラウザに残骸が残ってました。
それもAC上から処置できたのでいいでしょう。
両ツールは準備時の説明に沿って片付けてください。

ただ、ここでひとつ確認をお願いします。
自分が見落としてたようですが、そのPCでオンラインバンキング等を使っていますか？
それ用のツールであるPhishWallが入ってますね。

バンキングや取引に使うPCで感染を疑われる異常が出た場合は針の穴から堤も崩れるの危険が格段に跳ね上がります。

該当PCでバンキングや何かの取り引きを行っているかを、支障ない範囲で教えてください。

何も取引に使わないのにPhishWallを入れてそのままにしていたとかならまだ不安は薄いですが、これのお返事を訊いてから安全な対応を考えましょう

こんばんは！

PhishWallは某銀行の推奨を受けてインストールしました。
日本国外におりますのでバンキングは使用せざるを得ません。
感染に気付いてからはアクセスしていませんが

バンキングとは関係ありませんが、こういうことがありました。

リダイレクトが始まってしばらく経ってから、突然iPhoneの電源が落ち、指紋登録が消え、
OSもおかしくなり、アップルサポートセンターから送ってもらったOSを入れなおしました。
アップルID（メールアドレス）とパスワードなどは変更し、
IDに紐づいているクレジットカードに不正使用がないかどうか、スマホから携帯回線を利用して確認しました。

お世話になったACとMBAMを片付けようとして、その前に何気なくACでスキャンボタンを押してみましたところ、
下記のとおりひっかかりました。

# AdwCleaner v6.047 - ログファイルの作成日 05/07/2017 作成時間 11:08:43
# Malwarebytesによる 19/05/2017 の更新日
# データベース : 2017-07-04.2 [ローカル]
# オペレーティングシステム : Windows 10 Home (X64)
# ユーザー名 : UserName - NEC
# 実行場所 : C:\Users\UserName\Downloads\AdwCleaner.exe
# モード：安全
# サポート : https://www.malwarebytes.com/support



***** [ サービス ] *****



***** [ フォルダ ] *****



***** [ ファイル ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ ショートカット ] *****



***** [ スケジュール済みタスク ] *****



***** [ レジストリ ] *****



***** [ ブラウザ ] *****

[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyE0D0B0B0AyCtBtByC0D0DtN0D0Tzu0CtAtByDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1275656494
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_35.0.1916.153&apn_uid=2525CE32-83F4-4F54-AD07-D60145C3CC8A&itbv=12.15.1.20&doi=2014-07-17&psv=&pt=tb
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyE0D0B0B0AyCtBtByC0D0DtN0D0Tzu0CtAtByDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1275656494
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_35.0.1916.153&apn_uid=2525CE32-83F4-4F54-AD07-D60145C3CC8A&itbv=12.15.1.20&doi=2014-07-17&psv=&pt=tb


*************************

:: "Tracing" キーを削除しました
:: Winsock設定を削除しました

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2728 バイト] - [04/07/2017 09:59:24]
C:\AdwCleaner\AdwCleaner[C2].txt - [2231 バイト] - [05/07/2017 11:08:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [2828 バイト] - [04/07/2017 09:56:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [2835 バイト] - [05/07/2017 10:52:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [2912 バイト] - [05/07/2017 11:08:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2539 バイト] ##########

おはようございます。

>PhishWallは某銀行の推奨を受けてインストールしました。
>日本国外におりますのでバンキングは使用せざるを得ません。
>感染に気付いてからはアクセスしていませんが

なるほど、投稿時のアクセス情報からも外国だったのはそのためですか。

基本的にネット取引使用するPCで感染の疑いが見えたら、すぐにでもLANケーブルを部くなりしてネットから物理的に切断した状態で必要かつ信頼できるデータだけをバックアップ後すみやかにリカバリと言うのが鉄板の対処です。
リカバリ後はそれ以前にPCで入力した各種パスワード等の個人情報も全変更ですね。
特に取引用の情報は最優先で変更必須です。

>ACとMBAMを片付けようとして、その前に何気なくACでスキャンボタンを押してみましたところ、
>下記のとおりひっかかりました。

また確認ですが、Chromeで「同期」して使っていますか？
同期後に両ツールを使って再度の検出が見つかったならまた大体の状況も予想できますが、とりあえず同期使用の有無を教えてください

はい、Chrome は同期させました。

レスが遅くなってすみません。
こうやって敵を焦らしてから隙を突いて倒すのが悪代官の策略です（←いったい何と戦ってるんだ

>Chrome は同期させました

やはりですか。
では以下の手順に沿って確認と作業してください。

まず下記ページの説明をよく読んでおいてください。
https://blogs.yahoo.co.jp/fukumadenbekkan/57755062.html

読み終えたらChromeを起動して同期してください。

その状態で、前述リンク先ページの説明に沿ってChromeの設定画面でFunmoddsとaskを探してください。
見つかればそれを無効化と削除です。
続いて検索エンジン設定も見て、そこにもいたらやはり削除です。

そのあと「タスクスケジューラ」も確認して、そこにも見つかればやはり処置です。
おそらくここはもういないでしょうが一応確認を。

ここまでできたら一度PC再起動後、再度Chromeで同期後に再度設定画面確認して、処置したはずのask等が復活していないかの確認です。

そのあとChromeを起動したまま、先に使ったACで再度スキャンして、検出があればそれも処置です。
今度はMBAMはスキャンしなくていいです。

ここまでできたらChromeも終了後、ACの結果ログとともに作業結果とその後の状態報告をレスください。
おそらくこれでask等も復活しなくなるはずです

Chromeの設定を開きますと、以下のダイアログが表示されます。
「一部の設定がリセットされました
設定の一部が別のプログラムによって変更されていたため、元のデフォルト設定に戻しました。」
機能拡張、検索エンジン、プラグイン（現バージョンではコンテンツの設定）、起動時のページは自分が設定した通りです。
Chromeが自動的に元の設定に戻したということでしょうか。

また、タスクスケジューラに疑われるタスクはありませんでした。

つまり自ら無効化、削除の作業はできませんでした。

ACでスキャン、駆除を行い、Chromeを再起動すると再びACで検出されるというサイクルの繰り返しです。
設定自体はChromeが防いでくれたのか（？）常に元に戻っています。

ACログは内容が同じですので、1つだけ貼り付けます。



# AdwCleaner v6.047 - ログファイルの作成日 06/07/2017 作成時間 11:17:42
# Malwarebytesによる 19/05/2017 の更新日
# データベース : 2017-07-06.1 [サーバー]
# オペレーティングシステム : Windows 10 Home (X64)
# ユーザー名 : UserName - NEC
# 実行場所 : C:\Users\UserName\Downloads\AdwCleaner.exe
# モード：安全
# サポート : https://www.malwarebytes.com/support



***** [ サービス ] *****



***** [ フォルダ ] *****



***** [ ファイル ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ ショートカット ] *****



***** [ スケジュール済みタスク ] *****



***** [ レジストリ ] *****



***** [ ブラウザ ] *****

[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyE0D0B0B0AyCtBtByC0D0DtN0D0Tzu0CtAtByDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1275656494
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_35.0.1916.153&apn_uid=2525CE32-83F4-4F54-AD07-D60145C3CC8A&itbv=12.15.1.20&doi=2014-07-17&psv=&pt=tb
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyE0D0B0B0AyCtBtByC0D0DtN0D0Tzu0CtAtByDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1275656494
[-] [C:\Users\UserName\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] 削除済み：hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_35.0.1916.153&apn_uid=2525CE32-83F4-4F54-AD07-D60145C3CC8A&itbv=12.15.1.20&doi=2014-07-17&psv=&pt=tb


*************************

:: "Tracing" キーを削除しました
:: Winsock設定を削除しました

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2728 バイト] - [04/07/2017 09:59:24]
C:\AdwCleaner\AdwCleaner[C2].txt - [2622 バイト] - [05/07/2017 11:08:43]
C:\AdwCleaner\AdwCleaner[C3].txt - [2308 バイト] - [06/07/2017 11:17:42]
C:\AdwCleaner\AdwCleaner[S0].txt - [2828 バイト] - [04/07/2017 09:56:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [2835 バイト] - [05/07/2017 10:52:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [2912 バイト] - [05/07/2017 11:08:01]
C:\AdwCleaner\AdwCleaner[S3].txt - [3066 バイト] - [06/07/2017 11:15:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2693 バイト] ##########

今日もレスが遅くなってすみません。

作業後の報告とログも見せてもらいました。

>タスクスケジューラに疑われるタスクはありませんでした。

>つまり自ら無効化、削除の作業はできませんでした。

ブラウザの設定画面には対象は見えなかったようですね。
でも再度のACスキャンで見つかるならブラウザに【確実に】入り込んでいたということになります。

先の自分が指示した作業では今回はひっかからなかったようなので、角度を変えてみますか。

まず下記のツールをダウンロード、保存しておいてください。
「Chromeクリーンアップツール」
https://www.google.co.jp/chrome/cleanup-tool/index.html

説明ページ
https://support.google.com/chrome/answer/6086368?hl=ja

読み終えたらまたChromeを起動して同期してください。

同期したらその状態で保存したツールを起動してください。

このツールはChromeに入りこんだ拡張類を一度まとめて掃除するツールです。

ツールでスキャン後、検出されたものがあればそれを全部選択してリセットです。

ツールでの処置が終わったらまたChrome終了して念のためPCも一度再起動後、またACでスキャンと処置してください。

そのあとにまたChrome起動と同期して状態確認後、状態報告をレスください。

なお、普通なら上記のツールは同期しない状態で使うことが多いのですが、Chromeの同期状態でインストールされた拡張類はChromeのアカウント内のブラウザ設定に記憶されるので、同期状態でしか設定変更できません。
そのため今回は上記の手順で作業してもらうのです。

Chromeクリーンアップツールでは「プログラムが見つかりませんでした」という結果でした。
その後Chromeの設定をリセットし、PC再起動、ACスキャン、削除。
Chromeを起動すると
「一部の設定がリセットされました
設定の一部が別のプログラムによって変更されていたため、元のデフォルト設定に戻しました。」
という同様のダイアログが表示され、ACでスキャンすると全く同じ設定が検出されます。

ChromeをGUでアンインストール、再インストールしても同じ結果でした。

リカバリを念頭に調べ物と準備をしていましたところ、
Microsoft Edge で go.padsdel.com へ飛ばされました。
これからインターネットから遮断してバックアップとリカバリ作業に入ります。

リカバリを回避したかった理由はインターネット回線が貧弱で、
リカバリ後のWindows Updateに失敗する可能性があることです。
大雨強風程度で数時間不通になり、停電もまれにあります。

以前、家族のPCをリカバリした際はパソコンりかばり堂本舗さんの情報を参考に
rollupパッケージを先入れして対処しました。
今回もうまくいきますように！
https://www.ikt-s.com/howto-check-for-update-rollup/

今夜もまた遅くなってごめんなさい。

>Microsoft Edge で go.padsdel.com へ飛ばされました。
>これからインターネットから遮断してバックアップとリカバリ作業に入ります。

うーん、ツールでの処置も解析もできないのはかなり妙ですが、はっきりとリダイレクトが起きている以上これ以上時間かけるのは避けるべきですね。
ネットバンキングも使っていることを考えると尚更猶予はありませんね。

リカバリ前に必要なデータのバックアップはされるでしょうが、バックアップは「信頼できるデータ」だけにしてください。
ネット上からDLしたファイル、アプリ等で作者とサイトが本当に信頼できるものだけにしないと、一つでも怪しいモノをバックアップしてしまうとそれをPCに戻した途端リカバリ後でも元の木阿弥です。

リカバリができたらまたHJTログと、CCでインストール情報と各タブのログを取り直して、それらをリカバリ後の状態報告とともにレスください。

リカバリ後でも見落としがないように再度確認します

いつもありがとうございます。

事情あって今回はWindows 7へ戻さず、Windows 10の初期化（Cドライブフォーマット&Windows 10 再インストール、Dドライブ保持）、Windows Update実施、Comodoインストールまで終えました。
実は一度ダメ元で「個人用ファイルを保持する」を試したところ、レジストリとChrome設定が生き残りました…
個人用ファイルは明日以降慎重に戻します。
実行ファイル以外も危険性はあるのでしょうか？
Windows 7仕様のバックアップを行なったのでAppDataがまるまるバックアップされていますが、そちらは精査しきれないため破棄予定です。

またレスが遅くなってすみません。

>今回はWindows 7へ戻さず、Windows 10の初期化（Cドライブフォーマット&Windows 10 再インストール、Dドライブ保持）、Windows Update実施、Comodoインストールまで終えました。

はい、フォーマットしたうえでのリカバリなら安全度も高いのでいいかとは思います。

>「個人用ファイルを保持する」を試したところ、レジストリとChrome設定が生き残りました…

>実行ファイル以外も危険性はあるのでしょうか？

実行ファイル以外でも危険性は常にあります。
というより、実行ファイルに多いのはexeファイルと思われがちですが、巧妙なマルウェアなら拡張子の偽装も平気であります。
一昔前ならスクリーンセーバーに多いscr形式ファイルに偽装した実行ファイルのマルウェアもネット上に腐るほど転がってました（←腐ってるのはヲマエの根性

他にも画像音声文書計算表などなどあらゆる形式のファイルに偽装されます。

ここでの作業の初めのほうで「拡張子を表示する」設定にしてもらったのも、ネット上で拡張子偽装したリンクURLを見破るために有効だからです。
これも確実ではないですがやっておいたほうが危険度は下がります。

>Windows 7仕様のバックアップを行なったのでAppDataがまるまるバックアップされていますが、そちらは精査しきれないため破棄予定です

バックアップした容量が大きいため確認も大変でしょうが、見落としがないようにご自身で信頼できるファイルの見分けをしてください。

では作業が落ち着いたらHJTとCCの各ログを明日以降でもいいので取り終えたらレスをどうぞ

まだバックアップも戻し入れていないのにEdgeでリダイレクト現象が発生しました。
Dドライブを保持したことは影響しますでしょうか？
AdwCleanerで検出なしです。

いったいどういう仕組みなのか？わからないことへのストレスが大きいです。
天気が悪いですが散歩してきます。

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:39:01, on 2017/07/09
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)


Boot mode: Safe mode with network support

Running processes:
D:\ユーザー名\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ユーザー名\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\WINDOWS\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 4216 bytes

インストール

3D Builder Microsoft Corporation 2017/07/09 14.1.1302.0
CCleaner Piriform 2017/07/09 5.31
COMODO Internet Security Premium COMODO Security Solutions Inc. 2017/07/08 10.0.1.6254
Groove ミュージック Microsoft Corporation 2017/07/09 10.17042.14111.0
Internet Security Essentials Comodo 2017/07/08 1.2.422025.92
Microsoft OneDrive Microsoft Corporation 2017/07/08 102 MB 17.3.6917.0607
Microsoft Solitaire Collection Microsoft Studios 2017/07/09 3.16.6200.0
Microsoft Sticky Notes Microsoft Corporation 2017/07/09 1.8.0.0
NX PAD Driver Alps 2017/07/08 24.2 MB 8.100.909.312
OneNote Microsoft Corporation 2017/07/09 17.8269.57841.0
People Microsoft Corporation 2017/07/09 10.2.1451.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2017/07/08 40.7 MB 6.0.1.7535
Windows 10 Update and Privacy Settings Microsoft Corporation 2017/07/08 1.05 MB 1.0.14.0
Xbox Microsoft Corporation 2017/07/09 29.30.2001.0
Xbox Identity Provider Microsoft Corporation 2017/07/09 11.19.19003.0
アプリ インストーラー Microsoft Corporation 2017/07/09 1.0.10332.0
アラーム & クロック Microsoft Corporation 2017/07/09 10.1705.1303.0
カメラ Microsoft Corporation 2017/07/09 2017.308.50.0
ストア Microsoft Corporation 2017/07/09 11705.1001.21.0
ストア購入アプリ Microsoft Corporation 2017/07/09 11705.1706.15001.0
ヒント Microsoft Corporation 2017/07/09 5.10.1441.0
フォト Microsoft Corporation 2017/07/09 2017.18062.12990.0
ボイス レコーダー Microsoft Corporation 2017/07/09 10.1705.1302.0
マップ Microsoft Corporation 2017/07/09 5.1705.1391.0
メッセージング Microsoft Corporation 2017/07/08 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/07/09 17.8241.41125.0
天気 Microsoft Corporation 2017/07/09 4.20.1102.0
映画 & テレビ Microsoft Corporation 2017/07/09 10.17054.14711.0
電卓 Microsoft Corporation 2017/07/09 10.1705.1301.0


スタートアップ Windows

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\ユーザー名\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run Apoint Alps Electric Co., Ltd. C:\Program Files\Apoint2K\Apoint.exe
有効 HKLM:Run COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} COMODO C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
有効 HKLM:Run HotKeysCmds Intel Corporation C:\WINDOWS\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\WINDOWS\system32\igfxtray.exe
有効 HKLM:Run IseUI COMODO C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
有効 HKLM:Run NECMFK NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Persistence Intel Corporation C:\WINDOWS\system32\igfxpers.exe
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

スケジュールされたタスク

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

コンテキストメニュー

有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 File Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 Folder Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll

今夜も遅くなりました。

>まだバックアップも戻し入れていないのにEdgeでリダイレクト現象が発生しました。
>Dドライブを保持したことは影響しますでしょうか？
>AdwCleanerで検出なしです。

はい、現在の各ログも見せてもらいましたが、CCで「IE」タブのログだけ抜けているのでこのログも追加で見せてください。

それと、別のログも取ってもらえますか。
今度はHJTも使って解析してみます。

HJTを起動して、「Main menu」の「Open the misc tools section」から「Open hosts file manager」を開いてください。

すると次の画面でHJTのウインドウ内にそのPCのhostsファイルの内容が表示されます。
これはWindowsの標準ファイルで、ここを改ざんされると、意図しないサイトにロダイレクトされることもある、セキュリティ上でも重要なものです。

ウインドウ内に内容が表示されたら「Open in notepad」を押すとその内容がtxtファイルで表示されます。

その内容を丸ごとコピペでレスに貼って見せてください。

確証はありませんが、Windows標準のhostsファイルの改ざんされていたらリダイレクトも起きます。
このhostsはCCやMBAM等でも中身を見ることはできないので手動作業で見てみます。
もしhostsの内容が１万文字を越えるほど長くなったら１万文字以内に分割して複数回に分けてレスくれればいいです
http://www1.odn.ne.jp/megukuma/count.htm

こんばんは。CC の「IE」ログがないのはプラグイン自体がないためです。
昨日、記載し忘れました。

以下hostsです

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

おはようございます。たまに出没するサインと申します。

一通り拝見しましたが、iPad、iPhoneでのリダイレクトはまだ発生していますか？

最初の書き込みから可能性はあると思っていましたが、リカバリ後もリダイレクトが発生するという事なので、
本件はルータの設定改ざんの疑いがあります。
可能であれば、ルータの初期化を試してみてください。

ルータにインターネット接続用の設定がある場合は、初期化によってインターネット接続ができなくなりますので、
設定時に使用したマニュアル等を用意しておいてください。

ルータ初期化前に、コマンドプロンプトを起動し以下のコマンドを実行してください。

bitsadmin /reset /allusers >> %userprofile%\Desktop\cmd.txt

ipconfig /flushdns >> %userprofile%\Desktop\cmd.txt

ping www.google-analytics.com >> %userprofile%\Desktop\cmd.txt

ping googleads.g.doubleclick.net >> %userprofile%\Desktop\cmd.txt

ping connect.facebook.net >> %userprofile%\Desktop\cmd.txt

ping doubleclick.net >> %userprofile%\Desktop\cmd.txt

ping overture.com >> %userprofile%\Desktop\cmd.txt

実行後、デスクトップに"cmd.txt"というファイルができますので、
ルータの初期化を実施頂いた後、症状が発生するかどうかと合わせて、ファイルの中身も教えてください。

サイン様、ありがとうございます。
iPad, iPhone のリダイレクトは当該PCからのアウトバウンド通信をフィルタリングして止まりました。
また、PCリカバリ直後にルーターは初期化し、パスワード等新しくしております。

実は最初にリダイレクトが発生したのがiPad、iPhoneだったので、まずルーターを疑い、動転していたので間違ったファームウェアを適用し、ルーター1台を文鎮化させました。こちら某国では文鎮の代わりにレンガと呼びます。

どうするべきでしょうか。
現在家族からもらった本物のウイルスと戦っておりまして、
悪寒と頭痛により作業等遅れるかもしれません。

悪代官さんが来るまで繋ぎます。
悪代官さんからの案内があればそちらを優先してください。

リカバリ後だけあって、今あるログで明確に悪質なものは見当たりません。
症状が出始めた時期はいつ頃でしょうか？

リカバリ、ルータの初期化でもだめとのことで、なかなかしつこいですね。

以下のツールを使用してみます。
・TDSS Killer
以下のURLからtdsskiller.exeをダウンロードし、適当な場所に保存してください。
http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe
実施前に各種アプリを終了しておいてください。
起動後「Change parameters」と表示される画面まで、「Accept」ボタンで進んでください。
「Change parameters」をクリックし、「Detect TDLFS file system」にチェックを入れてOKを押し、Start scanを押してスキャンを開始してください。
「Suspicious Object」が見つかった場合は「Skip」、「Malware Object」が見つかった場合は「Cure」が選択されている事を確認し、「Continue」を押してください。
実行後、Cドライブ直下にログが保存されますので、内容を貼り付けてください。
ログが長い場合は切れてしまうので、適当な箇所で分割して投稿してください。

ご自身がウイルス感染してしまったとのことで、無理することはありませんのでできる時に実施してください。

気付いたのは約4週前ですが、おそらく3か月以上前から感染していたと思います。
2か月不在にし、不在にする直前に一度だけiPadに奇妙なウイルス除去サービスの広告が現れました。
その後自宅を離れてすっかり忘れていました。
帰宅後iPad iPhoneで頻繁にリダイレクト発生、PCのブラウザでも始まり…

ところで、月曜日にDドライブをフォーマットしました。
風邪をひいてしまったので、以後あまりPCを使用していませんが
今までのところgo.padsdel.comへとばされていません。

以下、TDSS Killer のログです

09:06:21.0911 0x1ae4 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
09:06:27.0802 0x1ae4 ============================================================
09:06:27.0802 0x1ae4 Current date / time: 2017/07/11 09:06:27.0802
09:06:27.0802 0x1ae4 SystemInfo:
09:06:27.0802 0x1ae4
09:06:27.0802 0x1ae4 OS Version: 10.0.14393 ServicePack: 0.0
09:06:27.0802 0x1ae4 Product type: Workstation
09:06:27.0802 0x1ae4 ComputerName: DESKTOP-FD8BKOC
09:06:27.0802 0x1ae4 UserName: ユーザー名
09:06:27.0802 0x1ae4 Windows directory: C:\WINDOWS
09:06:27.0802 0x1ae4 System windows directory: C:\WINDOWS
09:06:27.0802 0x1ae4 Running under WOW64
09:06:27.0802 0x1ae4 Processor architecture: Intel x64
09:06:27.0802 0x1ae4 Number of processors: 4
09:06:27.0802 0x1ae4 Page size: 0x1000
09:06:27.0802 0x1ae4 Boot type: Normal boot
09:06:27.0802 0x1ae4 CodeIntegrityOptions = 0x00000001
09:06:27.0802 0x1ae4 ============================================================
09:06:27.0833 0x1ae4 KLMD registered as C:\WINDOWS\system32\drivers\43875512.sys
09:06:27.0833 0x1ae4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1358, osProperties = 0x19
09:06:28.0286 0x1ae4 System UUID: {1D3B1819-A0F3-0A3F-8700-F494AFE59120}
09:06:29.0739 0x1ae4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:06:29.0755 0x1ae4 ============================================================
09:06:29.0755 0x1ae4 \Device\Harddisk0\DR0:
09:06:29.0755 0x1ae4 MBR partitions:
09:06:29.0755 0x1ae4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3BA000, BlocksNum 0x1D1A9000
09:06:29.0755 0x1ae4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D563000, BlocksNum 0x19D52000
09:06:29.0755 0x1ae4 ============================================================
09:06:29.0771 0x1ae4 C: <-> \Device\Harddisk0\DR0\Partition1
09:06:29.0802 0x1ae4 D: <-> \Device\Harddisk0\DR0\Partition2
09:06:29.0802 0x1ae4 ============================================================
09:06:29.0802 0x1ae4 Initialize success
09:06:29.0802 0x1ae4 ============================================================
09:07:10.0413 0x088c ============================================================
09:07:10.0413 0x088c Scan started
09:07:10.0413 0x088c Mode: Manual; TDLFS;
09:07:10.0413 0x088c ============================================================
09:07:10.0413 0x088c KSN ping started
09:07:10.0647 0x088c KSN ping finished: true
09:07:13.0663 0x088c ================ Scan system memory ========================
09:07:13.0663 0x088c System memory - ok
09:07:13.0663 0x088c ================ Scan services =============================
09:07:14.0148 0x088c [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
09:07:14.0163 0x088c 1394ohci - ok
09:07:14.0210 0x088c [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
09:07:14.0210 0x088c 3ware - ok
09:07:14.0241 0x088c [ 8BDA984C45DCDAD1278DFF62B365A518, 5F0C26DD6C5B20E3969829894BB587F7D9E6703FE651C718137ACDBB5849CBBC ] a8djusb_svc C:\WINDOWS\System32\Drivers\a8djusb.sys
09:07:14.0241 0x088c a8djusb_svc - ok
09:07:14.0335 0x088c [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
09:07:14.0366 0x088c ACPI - ok
09:07:14.0413 0x088c [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
09:07:14.0413 0x088c AcpiDev - ok
09:07:14.0460 0x088c [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
09:07:14.0460 0x088c acpiex - ok
09:07:14.0523 0x088c [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
09:07:14.0523 0x088c acpipagr - ok
09:07:14.0601 0x088c [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
09:07:14.0601 0x088c AcpiPmi - ok
09:07:14.0632 0x088c [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
09:07:14.0632 0x088c acpitime - ok
09:07:14.0726 0x088c [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
09:07:14.0757 0x088c ADP80XX - ok
09:07:14.0804 0x088c [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD C:\WINDOWS\system32\drivers\afd.sys
09:07:14.0835 0x088c AFD - ok
09:07:14.0882 0x088c [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
09:07:14.0898 0x088c ahcache - ok
09:07:14.0944 0x088c [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\WINDOWS\System32\AJRouter.dll
09:07:14.0960 0x088c AJRouter - ok
09:07:14.0991 0x088c [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\WINDOWS\System32\alg.exe
09:07:15.0007 0x088c ALG - ok
09:07:15.0085 0x088c [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
09:07:15.0085 0x088c AmdK8 - ok
09:07:15.0116 0x088c [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
09:07:15.0132 0x088c AmdPPM - ok
09:07:15.0148 0x088c [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
09:07:15.0163 0x088c amdsata - ok
09:07:15.0226 0x088c [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
09:07:15.0241 0x088c amdsbs - ok
09:07:15.0273 0x088c [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
09:07:15.0288 0x088c amdxata - ok
09:07:15.0335 0x088c [ 1E25499DEA6C4FDA34F1CA09B3071A26, 6CAEF17656D47B7DB10F28411758F4BBE6EF77897E5998230565350E69DFD4F7 ] ApfiltrService C:\WINDOWS\System32\drivers\Apfiltr.sys
09:07:15.0351 0x088c ApfiltrService - ok
09:07:15.0366 0x088c [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\WINDOWS\system32\drivers\appid.sys
09:07:15.0366 0x088c AppID - ok
09:07:15.0429 0x088c [ 0A7C202CDBFD295363A09DE1A2C05F45, AB516BB714CAD60994A42710E7747FB50A5890F71BD8880BF86096CC485DE393 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
09:07:15.0429 0x088c AppIDSvc - ok
09:07:15.0491 0x088c [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo C:\WINDOWS\System32\appinfo.dll
09:07:15.0491 0x088c Appinfo - ok
09:07:15.0554 0x088c [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
09:07:15.0554 0x088c applockerfltr - ok
09:07:15.0663 0x088c [ E2B0B9A477C169C466609F866311CD45, 26846DC6BF6ECFD97A7C0714160B870A733E1255779029327C1415D48AF133E6 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
09:07:15.0679 0x088c AppReadiness - ok
09:07:15.0819 0x088c [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
09:07:15.0882 0x088c AppXSvc - ok
09:07:15.0929 0x088c [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
09:07:15.0944 0x088c arcsas - ok
09:07:15.0976 0x088c [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
09:07:15.0976 0x088c AsyncMac - ok
09:07:16.0054 0x088c [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
09:07:16.0054 0x088c atapi - ok
09:07:16.0273 0x088c [ D03E551165C72F2A4BBDDC566EAA819E, 8047E2D20724B464B481F06C3AC1FA5734E97F7EC0D86EFEECD76480C84B3959 ] athr C:\WINDOWS\System32\drivers\athwnx.sys
09:07:16.0366 0x088c athr - ok
09:07:16.0460 0x088c [ 44D50F4B55BEE38C97A6CBECEBC59384, 43C35E5547E5180B25726F90E0B94149DE1099FD507A6357A6A284A2749433F3 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
09:07:16.0476 0x088c AudioEndpointBuilder - ok
09:07:16.0585 0x088c [ 36A9B38EA06A8C14CC82E0C8004A6635, 959E6B359D89E112976AF488F2756F770B491AE53ED07E9D31B4A3D8A7F33C80 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
09:07:16.0616 0x088c Audiosrv - ok
09:07:16.0663 0x088c [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
09:07:16.0663 0x088c AxInstSV - ok
09:07:16.0788 0x088c [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
09:07:16.0804 0x088c b06bdrv - ok
09:07:16.0866 0x088c [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
09:07:16.0882 0x088c BasicDisplay - ok
09:07:16.0945 0x088c [ 72ABA6AC74F7AA9C9A4AC61BE628ADD1, 4B0F0B9224A3CA52F9F17FCE7A7DCABBDF2DC0B084EAA1B89807B58D0F866788 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
09:07:16.0945 0x088c BasicRender - ok
09:07:17.0023 0x088c [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
09:07:17.0023 0x088c bcmfn - ok
09:07:17.0038 0x088c [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
09:07:17.0038 0x088c bcmfn2 - ok
09:07:17.0116 0x088c [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
09:07:17.0132 0x088c BDESVC - ok
09:07:17.0163 0x088c [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:07:17.0179 0x088c Beep - ok
09:07:17.0257 0x088c [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll
09:07:17.0273 0x088c BFE - ok
09:07:17.0382 0x088c [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS C:\WINDOWS\System32\qmgr.dll
09:07:17.0491 0x088c BITS - ok
09:07:17.0523 0x088c [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
09:07:17.0523 0x088c bowser - ok
09:07:17.0616 0x088c [ 82A93A0772A29EB6E41438D9AE5ECDBD, 2C0EBA86DA33B763B6EBCF3D0A936FB92E0F36FD3D18D0812A33FC5FF1906C3C ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
09:07:17.0648 0x088c BrokerInfrastructure - ok
09:07:17.0695 0x088c [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
09:07:17.0710 0x088c BthAvrcpTg - ok
09:07:17.0726 0x088c [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
09:07:17.0726 0x088c BthHFEnum - ok
09:07:17.0773 0x088c [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
09:07:17.0788 0x088c bthhfhid - ok
09:07:17.0851 0x088c [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
09:07:17.0866 0x088c BthHFSrv - ok
09:07:17.0913 0x088c [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
09:07:17.0929 0x088c BTHMODEM - ok
09:07:17.0976 0x088c [ 577FFA2B0B8572587FEB825F42453E81, D1BA449B7A535D0F6BC2EDE75D2CBA585E3A00FE552E244F342FB4ACA029A9A5 ] bthserv C:\WINDOWS\system32\bthserv.dll
09:07:17.0991 0x088c bthserv - ok
09:07:18.0038 0x088c [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
09:07:18.0038 0x088c buttonconverter - ok
09:07:18.0116 0x088c [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
09:07:18.0132 0x088c CapImg - ok
09:07:18.0179 0x088c [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
09:07:18.0179 0x088c cdfs - ok
09:07:18.0257 0x088c [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
09:07:18.0273 0x088c CDPSvc - ok
09:07:18.0320 0x088c [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
09:07:18.0335 0x088c CDPUserSvc - ok
09:07:18.0382 0x088c [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
09:07:18.0398 0x088c cdrom - ok
09:07:18.0460 0x088c [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
09:07:18.0476 0x088c CertPropSvc - ok
09:07:18.0538 0x088c [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
09:07:18.0554 0x088c cht4iscsi - ok
09:07:18.0679 0x088c [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
09:07:18.0726 0x088c cht4vbd - ok
09:07:18.0788 0x088c [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
09:07:18.0788 0x088c circlass - ok
09:07:18.0867 0x088c [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
09:07:18.0882 0x088c CLFS - ok
09:07:18.0960 0x088c [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
09:07:18.0976 0x088c ClipSVC - ok
09:07:19.0007 0x088c [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys
09:07:19.0023 0x088c clreg - ok
09:07:19.0101 0x088c [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
09:07:19.0116 0x088c CmBatt - ok
09:07:19.0601 0x088c [ F0389F97FA6675454C8941B1401284D4, 42A14315F889A705CDD70742F34965987FA72CE8E0BFA51F5BCE3C6F6F7C7EE6 ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:07:19.0992 0x088c CmdAgent - ok
09:07:20.0054 0x088c [ E68AC8E16354335093A799315AE1DAE6, 44435BC41792F17B3D5569FB97B6756C759953B2D51646CC65309EEAF737A503 ] cmderd C:\WINDOWS\system32\DRIVERS\cmderd.sys
09:07:20.0054 0x088c cmderd - ok
09:07:20.0132 0x088c [ DDAE1764601DE0EEA2DD7C280CA2B581, 59415C94A3A24D6B906E057B615EF91AF16A0B1DFD6DDE91BBE9C7D8C320735A ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
09:07:20.0148 0x088c cmdGuard - ok
09:07:20.0163 0x088c [ FBA49CE73BD0A358206CA63EB0A54A4E, EB5FC5ED0EEB644A0F2CC02B239EC0B70008DED16500AB55DFCE32E5EB84CEF1 ] cmdhlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
09:07:20.0163 0x088c cmdhlp - ok
09:07:20.0304 0x088c [ 161D668CD4054216FB98F1BF2D8363D0, F868E418709F58E187D4AED9A2ABAB863F560587B23F9C957D94CC642206B81D ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
09:07:20.0382 0x088c cmdvirth - ok
09:07:20.0460 0x088c [ 8360BD603D3596E1D6D9BD04E69DE5E9, AF3C847C8DDFC5C6CB0BA11967DD06EC4CBFA369C87C2FB2C4625EBC449471C4 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
09:07:20.0492 0x088c CNG - ok
09:07:20.0507 0x088c [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
09:07:20.0523 0x088c cnghwassist - ok
09:07:20.0788 0x088c [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
09:07:20.0788 0x088c CompositeBus - ok
09:07:20.0804 0x088c COMSysApp - ok
09:07:20.0835 0x088c [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
09:07:20.0851 0x088c condrv - ok
09:07:20.0929 0x088c [ 9171E680ADE30F22D78AF28F84DA27D5, 710FF073C66BFA476DAA2165BD7084BB16E90EFBCFB608B7100422419FA83994 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
09:07:20.0960 0x088c CoreMessagingRegistrar - ok
09:07:21.0007 0x088c [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
09:07:21.0023 0x088c CryptSvc - ok
09:07:21.0054 0x088c [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam C:\WINDOWS\system32\drivers\dam.sys
09:07:21.0070 0x088c dam - ok
09:07:21.0163 0x088c [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:07:21.0195 0x088c DcomLaunch - ok
09:07:21.0257 0x088c [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
09:07:21.0273 0x088c DcpSvc - ok
09:07:21.0351 0x088c [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
09:07:21.0367 0x088c defragsvc - ok
09:07:21.0445 0x088c [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
09:07:21.0460 0x088c DeviceAssociationService - ok
09:07:21.0507 0x088c [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
09:07:21.0523 0x088c DeviceInstall - ok
09:07:21.0585 0x088c [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
09:07:21.0585 0x088c DevQueryBroker - ok
09:07:21.0632 0x088c [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
09:07:21.0632 0x088c Dfsc - ok
09:07:21.0742 0x088c [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
09:07:21.0757 0x088c Dhcp - ok
09:07:21.0851 0x088c [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
09:07:21.0851 0x088c diagnosticshub.standardcollector.service - ok
09:07:22.0007 0x088c [ 22391290BB9D3ED68950672E42B6F3F0, C4DC2DD3CF1564181377A67AB7E08DEFB377D4AE51956A4F27CE46C038D04AFE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
09:07:22.0054 0x088c DiagTrack - ok
09:07:22.0132 0x088c [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys
09:07:22.0148 0x088c disk - ok
09:07:22.0242 0x088c [ 527CE76D1B0587A3F9156809B3E2275E, 6FAB680F73774F3FAA65258D53DC8ADCDAEE2ABDDF825ED79F9526DC3B9B7312 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
09:07:22.0273 0x088c DmEnrollmentSvc - ok
09:07:22.0351 0x088c [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
09:07:22.0351 0x088c dmvsc - ok
09:07:22.0414 0x088c [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
09:07:22.0414 0x088c dmwappushservice - ok
09:07:22.0476 0x088c [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:07:22.0492 0x088c Dnscache - ok
09:07:22.0538 0x088c [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll
09:07:22.0538 0x088c dot3svc - ok
09:07:22.0570 0x088c [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll
09:07:22.0570 0x088c DPS - ok
09:07:22.0664 0x088c [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
09:07:22.0664 0x088c drmkaud - ok
09:07:22.0742 0x088c [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
09:07:22.0742 0x088c DsmSvc - ok
09:07:22.0789 0x088c [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll
09:07:22.0804 0x088c DsSvc - ok
09:07:22.0945 0x088c [ C867FABEFF1A553330093384D022F963, 85910F3D2BAB804308DFB31DB16178B6A8EE0D3C9B3695F4E4F2DAF14EA98BAD ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:07:22.0992 0x088c DXGKrnl - ok
09:07:23.0039 0x088c [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:07:23.0054 0x088c EapHost - ok
09:07:23.0210 0x088c [ 9FF412B8514C4465C4856E06C13FF921, 8C78812255B7A9FE1355A786E6B2F2361E278BD2AC214E6434AC3D3059A04F82 ] EaseUS Agent C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
09:07:23.0210 0x088c EaseUS Agent - ok
09:07:23.0429 0x088c [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
09:07:23.0492 0x088c ebdrv - ok
09:07:23.0570 0x088c [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe
09:07:23.0570 0x088c EFS - ok
09:07:23.0632 0x088c [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
09:07:23.0632 0x088c EhStorClass - ok
09:07:23.0710 0x088c [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:07:23.0726 0x088c EhStorTcgDrv - ok
09:07:23.0789 0x088c [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
09:07:23.0789 0x088c embeddedmode - ok
09:07:23.0867 0x088c [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
09:07:23.0882 0x088c EntAppSvc - ok
09:07:23.0945 0x088c [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
09:07:23.0960 0x088c ErrDev - ok
09:07:24.0007 0x088c [ C5713A2B4C9D9150041FB70C4A2ADE07, 7C33825BD8C4FD186E7A90F7E2EC64E105437DF861F3D9C76281D6689A489B46 ] EUBAKUP C:\WINDOWS\system32\drivers\eubakup.sys
09:07:24.0007 0x088c EUBAKUP - ok
09:07:24.0039 0x088c [ 5061B571167E1EE26E8D549CCDBE9CC6, 40968E4CA0F09FFA713BBF5EFA7338FD50BB36C1C3FCBD29ABADCA67E6503AD0 ] EUBKMON C:\WINDOWS\system32\drivers\EUBKMON.sys
09:07:24.0039 0x088c EUBKMON - ok
09:07:24.0085 0x088c [ 9E7CA2518C18576A1806F00CCD473D13, 183A0B99A8AEBC72E28712D45F645A5AB3126801D690862E51EE643F4531ED68 ] EUDSKACS C:\WINDOWS\system32\drivers\eudskacs.sys
09:07:24.0085 0x088c EUDSKACS - ok
09:07:24.0117 0x088c [ 6B133EE401475A72D252D49F8736936E, 5718723A7DA8979195DB8B7560A1C2CE9127FA90F2068B8315BD762A92588178 ] EUFDDISK C:\WINDOWS\system32\drivers\EuFdDisk.sys
09:07:24.0117 0x088c EUFDDISK - ok
09:07:24.0210 0x088c [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll
09:07:24.0242 0x088c EventSystem - ok
09:07:24.0289 0x088c [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys
09:07:24.0289 0x088c exfat - ok
09:07:24.0351 0x088c [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
09:07:24.0367 0x088c fastfat - ok
09:07:24.0414 0x088c [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
09:07:24.0414 0x088c fdc - ok
09:07:24.0460 0x088c [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
09:07:24.0460 0x088c fdPHost - ok
09:07:24.0476 0x088c [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll
09:07:24.0476 0x088c FDResPub - ok
09:07:24.0523 0x088c [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
09:07:24.0539 0x088c fhsvc - ok
09:07:24.0585 0x088c [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
09:07:24.0601 0x088c FileCrypt - ok
09:07:24.0679 0x088c [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
09:07:24.0679 0x088c FileInfo - ok
09:07:24.0726 0x088c [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
09:07:24.0726 0x088c Filetrace - ok
09:07:24.0789 0x088c [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
09:07:24.0789 0x088c flpydisk - ok
09:07:24.0835 0x088c [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:07:24.0851 0x088c FltMgr - ok
09:07:24.0992 0x088c [ 5070B37B20DDC257AF93EB0BE8AB5690, B6ADFC68F07F8C84B79DE8E93E4735AB35146632563BA2C4279809A8DA4BE6BC ] FontCache C:\WINDOWS\system32\FntCache.dll
09:07:25.0039 0x088c FontCache - ok
09:07:25.0195 0x088c [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:07:25.0195 0x088c FontCache3.0.0.0 - ok
09:07:25.0289 0x088c [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer C:\WINDOWS\system32\FrameServer.dll
09:07:25.0320 0x088c FrameServer - ok
09:07:25.0367 0x088c [ B07A40B5A7A58B8C75663A572A46084C, 01F34EAFD4A86FF6AFC015BE2D155A53ED8186BD6DA1A05CCEC8425417A8E320 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
09:07:25.0382 0x088c FsDepends - ok
09:07:25.0414 0x088c [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:07:25.0429 0x088c Fs_Rec - ok
09:07:25.0507 0x088c [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:07:25.0523 0x088c fvevol - ok
09:07:25.0601 0x088c [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
09:07:25.0601 0x088c gencounter - ok
09:07:25.0664 0x088c [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
09:07:25.0664 0x088c genericusbfn - ok
09:07:25.0710 0x088c [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:07:25.0726 0x088c GPIOClx0101 - ok
09:07:25.0836 0x088c [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc C:\WINDOWS\System32\gpsvc.dll
09:07:25.0867 0x088c gpsvc - ok
09:07:25.0898 0x088c [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
09:07:25.0898 0x088c GpuEnergyDrv - ok
09:07:25.0945 0x088c [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
09:07:25.0945 0x088c HDAudBus - ok
09:07:25.0992 0x088c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
09:07:26.0007 0x088c HECIx64 - ok
09:07:26.0039 0x088c [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
09:07:26.0039 0x088c HidBatt - ok
09:07:26.0117 0x088c [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
09:07:26.0132 0x088c HidBth - ok
09:07:26.0179 0x088c [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
09:07:26.0179 0x088c hidi2c - ok
09:07:26.0226 0x088c [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
09:07:26.0226 0x088c hidinterrupt - ok
09:07:26.0289 0x088c [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
09:07:26.0289 0x088c HidIr - ok
09:07:26.0351 0x088c [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll
09:07:26.0351 0x088c hidserv - ok
09:07:26.0429 0x088c [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
09:07:26.0429 0x088c HidUsb - ok
09:07:26.0507 0x088c [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:07:26.0523 0x088c HomeGroupListener - ok
09:07:26.0601 0x088c [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:07:26.0617 0x088c HomeGroupProvider - ok
09:07:26.0679 0x088c [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
09:07:26.0695 0x088c HpSAMD - ok
09:07:26.0773 0x088c [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
09:07:26.0804 0x088c HTTP - ok
09:07:26.0851 0x088c [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
09:07:26.0867 0x088c HvHost - ok
09:07:26.0898 0x088c [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
09:07:26.0898 0x088c hvservice - ok
09:07:26.0945 0x088c [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
09:07:26.0945 0x088c hwpolicy - ok
09:07:27.0023 0x088c [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
09:07:27.0023 0x088c hyperkbd - ok
09:07:27.0117 0x088c [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
09:07:27.0132 0x088c i8042prt - ok
09:07:27.0211 0x088c [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
09:07:27.0211 0x088c iagpio - ok
09:07:27.0242 0x088c [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
09:07:27.0242 0x088c iai2c - ok
09:07:27.0304 0x088c [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
09:07:27.0304 0x088c iaLPSS2i_GPIO2 - ok
09:07:27.0351 0x088c [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
09:07:27.0367 0x088c iaLPSS2i_I2C - ok
09:07:27.0398 0x088c [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:07:27.0414 0x088c iaLPSSi_GPIO - ok
09:07:27.0445 0x088c [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:07:27.0461 0x088c iaLPSSi_I2C - ok
09:07:27.0523 0x088c [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
09:07:27.0539 0x088c iaStor - ok
09:07:27.0601 0x088c [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
09:07:27.0617 0x088c iaStorAV - ok
09:07:27.0679 0x088c [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
09:07:27.0695 0x088c iaStorV - ok
09:07:27.0804 0x088c [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
09:07:27.0820 0x088c ibbus - ok
09:07:27.0882 0x088c [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll
09:07:27.0898 0x088c icssvc - ok
09:07:28.0367 0x088c [ E6D200304A8D739597678807820ABB43, 05194D2625F48C5065318C28B242A03A1C3BDC441087DAFF777203506CE4CF6E ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
09:07:28.0617 0x088c igfx - ok
09:07:28.0742 0x088c [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
09:07:28.0757 0x088c IKEEXT - ok
09:07:28.0804 0x088c [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\WINDOWS\System32\drivers\Impcd.sys
09:07:28.0804 0x088c Impcd - ok
09:07:28.0820 0x088c [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
09:07:28.0836 0x088c IndirectKmd - ok
09:07:28.0851 0x088c [ D245CB0CC49E7D97DF1D70885AFD1EF1, D15597276F317E576137E361E0CC4759EF0DFCF688ED1C3BBD615DD12CD4E8ED ] inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
09:07:28.0851 0x088c inspect - ok
09:07:29.0070 0x088c [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:07:29.0164 0x088c IntcAzAudAddService - ok
09:07:29.0242 0x088c [ C6C1F19205DA83C801BE7C25F4E2EE07, AE28686272D0F3789751C8F73BE998026BA80D93539C81DDE148E34A34A9AD0C ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
09:07:29.0258 0x088c IntcDAud - ok
09:07:29.0320 0x088c [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys
09:07:29.0320 0x088c intelide - ok
09:07:29.0351 0x088c [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
09:07:29.0367 0x088c intelpep - ok
09:07:29.0429 0x088c [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
09:07:29.0445 0x088c intelppm - ok
09:07:29.0461 0x088c [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
09:07:29.0476 0x088c iorate - ok
09:07:29.0523 0x088c [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:07:29.0523 0x088c IpFilterDriver - ok
09:07:29.0633 0x088c [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
09:07:29.0664 0x088c iphlpsvc - ok
09:07:29.0742 0x088c [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
09:07:29.0742 0x088c IPMIDRV - ok
09:07:29.0773 0x088c [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
09:07:29.0789 0x088c IPNAT - ok
09:07:29.0804 0x088c [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys
09:07:29.0820 0x088c irda - ok
09:07:29.0836 0x088c [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
09:07:29.0836 0x088c IRENUM - ok
09:07:29.0883 0x088c [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll
09:07:29.0898 0x088c irmon - ok
09:07:29.0976 0x088c [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
09:07:29.0976 0x088c isapnp - ok
09:07:30.0086 0x088c [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
09:07:30.0101 0x088c iScsiPrt - ok
09:07:30.0148 0x088c [ D247D5C0F8747B52F6AFC7E6E0F3DCCD, 4F0D159DCC0086A64278C0E345A7D50A9F6843EDA1C6AE1F8D031692B3775344 ] isedrv C:\WINDOWS\system32\drivers\isedrv.sys
09:07:30.0148 0x088c isedrv - ok
09:07:30.0195 0x088c [ 2206842BCC1DBBDC29BC9C84D4231DF5, 05BDF12BAD1C410A1AF2DF0928F57A33B318ACA938FDAF9322140A0A6DB4A1CC ] isesrv C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
09:07:30.0195 0x088c isesrv - ok
09:07:30.0242 0x088c [ 2CCD1747A99AA6B13514EB521AFB1CC2, 66A8E4CAFD05B66008E4B652B736BC5D71E9709FF6E41FEB8A8FA870034A51E4 ] JabraDFU C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys
09:07:30.0258 0x088c JabraDFU - ok
09:07:30.0351 0x088c [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
09:07:30.0367 0x088c kbdclass - ok
09:07:30.0445 0x088c [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
09:07:30.0445 0x088c kbdhid - ok
09:07:30.0492 0x088c [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
09:07:30.0508 0x088c kdnic - ok
09:07:30.0523 0x088c [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\WINDOWS\system32\lsass.exe
09:07:30.0523 0x088c KeyIso - ok
09:07:30.0539 0x088c [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
09:07:30.0554 0x088c KSecDD - ok
09:07:30.0601 0x088c [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
09:07:30.0617 0x088c KSecPkg - ok
09:07:30.0664 0x088c [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
09:07:30.0664 0x088c ksthunk - ok
09:07:30.0711 0x088c [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
09:07:30.0726 0x088c KtmRm - ok
09:07:30.0804 0x088c [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
09:07:30.0820 0x088c LanmanServer - ok
09:07:30.0898 0x088c [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
09:07:30.0914 0x088c LanmanWorkstation - ok
09:07:30.0961 0x088c [ 8817ABA3A9180F6C4B8938842925B1E1, 95553CE98149DC5AF5FD355EFDE67315E5D8ADBC7F3D208CF994D3478D0C5CAF ] LEqdUsb C:\WINDOWS\System32\drivers\LEqdUsb.Sys
09:07:30.0961 0x088c LEqdUsb - ok
09:07:31.0008 0x088c [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll
09:07:31.0008 0x088c lfsvc - ok
09:07:31.0054 0x088c [ 174803F2EEA3B22165DFE0E5A1F20685, 165EEF66706F38B78C338FD86AF4B25F83B6819024A25E9E646BC8B84682D59E ] LgBttPort C:\WINDOWS\System32\drivers\lgbtpt64.sys
09:07:31.0070 0x088c LgBttPort - ok
09:07:31.0086 0x088c [ 565F93BB7C0361E61B3DAEA670C354D6, E11C466C73BC46A1E56ACDB046BF7801949E8B9D9C617086172A134966BC3974 ] lgbusenum C:\WINDOWS\System32\drivers\lgbtbs64.sys
09:07:31.0086 0x088c lgbusenum - ok
09:07:31.0117 0x088c [ 8BCB069C2B6DA65B5F6F561293EE447C, A3DD644396AED87CDA7EB48BDB612A25E985E64B00FD6C81956C79B9E6A199E9 ] LHidEqd C:\WINDOWS\System32\drivers\LHidEqd.Sys
09:07:31.0133 0x088c LHidEqd - ok
09:07:31.0164 0x088c [ 0A7D6ED578D85F0C35353424EE3F5245, F1915D92519AB7146AAFD090DEDC6A98CFC19D8BD0960481B2397EFA5D53855C ] LHidFilt C:\WINDOWS\System32\drivers\LHidFilt.Sys
09:07:31.0164 0x088c LHidFilt - ok
09:07:31.0242 0x088c [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
09:07:31.0242 0x088c LicenseManager - ok
09:07:31.0304 0x088c [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
09:07:31.0304 0x088c lltdio - ok
09:07:31.0351 0x088c [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
09:07:31.0367 0x088c lltdsvc - ok
09:07:31.0414 0x088c [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
09:07:31.0429 0x088c lmhosts - ok
09:07:31.0445 0x088c [ 6542E2E6DB58118FBB1B82A68CE3AFF9, DFA36382F45282FE1161819F7F2316BA2DDC7E705A2A031626C803092E861F5A ] LMouFilt C:\WINDOWS\System32\drivers\LMouFilt.Sys
09:07:31.0461 0x088c LMouFilt - ok
09:07:31.0539 0x088c [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
09:07:31.0539 0x088c LSI_SAS - ok
09:07:31.0586 0x088c [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
09:07:31.0601 0x088c LSI_SAS2i - ok
09:07:31.0664 0x088c [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
09:07:31.0664 0x088c LSI_SAS3i - ok
09:07:31.0726 0x088c [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
09:07:31.0726 0x088c LSI_SSS - ok
09:07:31.0804 0x088c [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM C:\WINDOWS\System32\lsm.dll
09:07:31.0820 0x088c LSM - ok
09:07:31.0851 0x088c [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
09:07:31.0851 0x088c luafv - ok
09:07:31.0883 0x088c [ DA3494DF01C62D821911ED91CE5E1642, 6656DFB1F932A5BFAE4D5673DD817B3F70A0FDD6023B3DE6F8FB512D9995C8F0 ] LUsbFilt C:\WINDOWS\System32\Drivers\LUsbFilt.Sys
09:07:31.0898 0x088c LUsbFilt - ok
09:07:31.0945 0x088c [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker C:\WINDOWS\System32\moshost.dll
09:07:31.0961 0x088c MapsBroker - ok
09:07:32.0039 0x088c [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys
09:07:32.0055 0x088c megasas - ok
09:07:32.0133 0x088c [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
09:07:32.0133 0x088c megasas2i - ok
09:07:32.0211 0x088c [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys
09:07:32.0226 0x088c megasr - ok
09:07:32.0289 0x088c [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
09:07:32.0305 0x088c MessagingService - ok
09:07:32.0336 0x088c [ F3F3A04433C6393C183BDD5AAEB9CBE0, 40777E5BEABCCCEDCB1F91DEEE44A5B66AA38850D365EEDAAEFABFE0B266C673 ] MFKGTKEY C:\WINDOWS\system32\drivers\mfkgtkey.sys
09:07:32.0351 0x088c MFKGTKEY - ok
09:07:32.0445 0x088c [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
09:07:32.0461 0x088c mlx4_bus - ok
09:07:32.0523 0x088c [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
09:07:32.0523 0x088c MMCSS - ok
09:07:32.0570 0x088c [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem C:\WINDOWS\system32\drivers\modem.sys
09:07:32.0570 0x088c Modem - ok
09:07:32.0617 0x088c [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys
09:07:32.0617 0x088c monitor - ok
09:07:32.0711 0x088c [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
09:07:32.0711 0x088c mouclass - ok
09:07:32.0773 0x088c [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
09:07:32.0773 0x088c mouhid - ok
09:07:32.0836 0x088c [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
09:07:32.0836 0x088c mountmgr - ok
09:07:32.0851 0x088c [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
09:07:32.0851 0x088c mpsdrv - ok
09:07:32.0961 0x088c [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
09:07:32.0976 0x088c MpsSvc - ok
09:07:33.0008 0x088c [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
09:07:33.0023 0x088c MRxDAV - ok
09:07:33.0070 0x088c [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:07:33.0086 0x088c mrxsmb - ok
09:07:33.0117 0x088c [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
09:07:33.0133 0x088c mrxsmb20 - ok
09:07:33.0164 0x088c [ BEF575A5A8EC38F3BA6DB68D3CFFBD9A, 86D0BDD22430092CE1E11A7A2948725746DD848F5DF6F94808D8F0919BDF787C ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
09:07:33.0180 0x088c MsBridge - ok
09:07:33.0211 0x088c [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe
09:07:33.0226 0x088c MSDTC - ok
09:07:33.0242 0x088c [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:07:33.0258 0x088c Msfs - ok
09:07:33.0320 0x088c [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
09:07:33.0320 0x088c msgpiowin32 - ok
09:07:33.0383 0x088c [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
09:07:33.0398 0x088c mshidkmdf - ok
09:07:33.0445 0x088c [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
09:07:33.0445 0x088c mshidumdf - ok
09:07:33.0476 0x088c [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
09:07:33.0476 0x088c msisadrv - ok
09:07:33.0555 0x088c [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
09:07:33.0570 0x088c MSiSCSI - ok
09:07:33.0586 0x088c msiserver - ok
09:07:33.0633 0x088c [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
09:07:33.0633 0x088c MSKSSRV - ok
09:07:33.0664 0x088c [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
09:07:33.0664 0x088c MsLldp - ok
09:07:33.0711 0x088c [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
09:07:33.0711 0x088c MSPCLOCK - ok
09:07:33.0726 0x088c [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
09:07:33.0742 0x088c MSPQM - ok
09:07:33.0773 0x088c [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
09:07:33.0789 0x088c MsRPC - ok
09:07:33.0851 0x088c [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
09:07:33.0851 0x088c mssmbios - ok
09:07:33.0883 0x088c [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
09:07:33.0883 0x088c MSTEE - ok
09:07:33.0930 0x088c [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
09:07:33.0930 0x088c MTConfig - ok
09:07:33.0976 0x088c [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
09:07:33.0976 0x088c Mup - ok
09:07:34.0023 0x088c [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
09:07:34.0039 0x088c mvumis - ok
09:07:34.0117 0x088c [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:07:34.0133 0x088c NativeWifiP - ok
09:07:34.0195 0x088c [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
09:07:34.0211 0x088c NcaSvc - ok
09:07:34.0258 0x088c [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll
09:07:34.0273 0x088c NcbService - ok
09:07:34.0305 0x088c [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
09:07:34.0305 0x088c NcdAutoSetup - ok
09:07:34.0352 0x088c [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
09:07:34.0352 0x088c ndfltr - ok
09:07:34.0461 0x088c [ A530D0C58A657BCD1629816B887661CB, EF8E25018D64F7D0EE1E05C24E0B0DB25B0ACCF13DE0FEDAF8F0AF70BC025462 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
09:07:34.0492 0x088c NDIS - ok
09:07:34.0523 0x088c [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
09:07:34.0523 0x088c NdisCap - ok
09:07:34.0602 0x088c [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
09:07:34.0602 0x088c NdisImPlatform - ok
09:07:34.0664 0x088c [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:07:34.0664 0x088c NdisTapi - ok
09:07:34.0711 0x088c [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
09:07:34.0711 0x088c Ndisuio - ok
09:07:34.0758 0x088c [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
09:07:34.0758 0x088c NdisVirtualBus - ok
09:07:34.0805 0x088c [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
09:07:34.0805 0x088c NdisWan - ok
09:07:34.0836 0x088c [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:07:34.0836 0x088c ndiswanlegacy - ok
09:07:34.0852 0x088c [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
09:07:34.0852 0x088c ndproxy - ok
09:07:34.0883 0x088c [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
09:07:34.0883 0x088c Ndu - ok
09:07:34.0914 0x088c [ CDE6914ABE6957C59BCA84C6387554EB, AA40927198475F5479A38DA08763C304EB777A5460A8809A71A85B8552FE468F ] necbatt C:\WINDOWS\System32\drivers\necbatt.sys
09:07:34.0914 0x088c necbatt - ok
09:07:34.0914 0x088c [ B33951E5966279B23A3ED5975774AD06, 7284F2934CF341048549A5EDB41F1D6D3FD40F04EBEDAD2A9FD874CB944DB33E ] Nececfilter C:\WINDOWS\System32\drivers\nececfil.sys
09:07:34.0930 0x088c Nececfilter - ok
09:07:34.0961 0x088c [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
09:07:34.0961 0x088c NetAdapterCx - ok
09:07:34.0977 0x088c [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
09:07:34.0992 0x088c NetBIOS - ok
09:07:35.0023 0x088c [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:07:35.0039 0x088c NetBT - ok
09:07:35.0055 0x088c [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:07:35.0055 0x088c Netlogon - ok
09:07:35.0117 0x088c [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman C:\WINDOWS\System32\netman.dll
09:07:35.0133 0x088c Netman - ok
09:07:35.0211 0x088c [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
09:07:35.0242 0x088c netprofm - ok
09:07:35.0289 0x088c [ E0981C2DA535C7D579601C967210E25E, C4EF0A5E34B91D34481FA80904A5A71F22D837029A8EC9F95DE3C1F9BC68F8C0 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
09:07:35.0289 0x088c NetSetupSvc - ok
09:07:35.0461 0x088c [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:07:35.0477 0x088c NetTcpPortSharing - ok
09:07:35.0539 0x088c [ 589882D9779C262F10C509BA458746E4, 85A964D69C50602CEE86DA4523D635962DE6526BE425A940340039979D511BA0 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
09:07:35.0555 0x088c NgcCtnrSvc - ok
09:07:35.0664 0x088c [ 56D1846C49F2D2B0110535AD8C90C0E4, 33C59489919A334E18A971F983E93E4A69FCD243BD06B45BC9A4F5CA224A976B ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
09:07:35.0695 0x088c NgcSvc - ok
09:07:35.0742 0x088c [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
09:07:35.0758 0x088c NlaSvc - ok
09:07:35.0805 0x088c [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:07:35.0805 0x088c Npfs - ok
09:07:35.0867 0x088c [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
09:07:35.0867 0x088c npsvctrig - ok
09:07:35.0930 0x088c [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\WINDOWS\system32\nsisvc.dll
09:07:35.0930 0x088c nsi - ok
09:07:35.0977 0x088c [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
09:07:35.0992 0x088c nsiproxy - ok
09:07:36.0133 0x088c [ 8DB6A6B731CEC9046CD8CA0267EC5679, 1C9D826D41B6C069E557B9CBF8762AB02F3C3D817AFD4F9284CD73505477E87C ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
09:07:36.0195 0x088c NTFS - ok
09:07:36.0242 0x088c [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null C:\WINDOWS\system32\drivers\Null.sys
09:07:36.0242 0x088c Null - ok
09:07:36.0305 0x088c [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\W

09:07:36.0398 0x088c [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
09:07:36.0398 0x088c nvstor - ok
09:07:36.0445 0x088c [ D955D5DE998DB2476BF0892BE3A96C26, 3828FC1D4A4F9CD685E6D938B92370A602B84A3ACE2C9A674B3B59E633B0AE07 ] O2FLASH C:\WINDOWS\system32\DRIVERS\o2flash.exe
09:07:36.0445 0x088c O2FLASH - ok
09:07:36.0477 0x088c [ BFACEDA41A4060F14148FCA55E758F0D, E9207F331C6C400095D8A2BE7F21A7AF349BE0CBA12650C0CA6902B2B0C512E4 ] O2MDGRDR C:\WINDOWS\system32\DRIVERS\o2mdgx64.sys
09:07:36.0477 0x088c O2MDGRDR - ok
09:07:36.0508 0x088c [ D3158F1D6FF6220956188F7C2B33FB14, 26EABD38094E165A9EE0197387C33A69ECE73876818FE3FE37DEE9406F125182 ] O2SDGRDR C:\WINDOWS\System32\drivers\o2sdgx64.sys
09:07:36.0508 0x088c O2SDGRDR - ok
09:07:36.0570 0x088c [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
09:07:36.0586 0x088c OneSyncSvc - ok
09:07:36.0648 0x088c [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
09:07:36.0680 0x088c p2pimsvc - ok
09:07:36.0727 0x088c [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\WINDOWS\system32\p2psvc.dll
09:07:36.0742 0x088c p2psvc - ok
09:07:36.0789 0x088c [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\WINDOWS\System32\drivers\parport.sys
09:07:36.0805 0x088c Parport - ok
09:07:36.0852 0x088c [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
09:07:36.0852 0x088c partmgr - ok
09:07:36.0930 0x088c [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
09:07:36.0945 0x088c PcaSvc - ok
09:07:37.0039 0x088c [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci C:\WINDOWS\system32\drivers\pci.sys
09:07:37.0055 0x088c pci - ok
09:07:37.0164 0x088c [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\WINDOWS\system32\drivers\pciide.sys
09:07:37.0164 0x088c pciide - ok
09:07:37.0211 0x088c [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
09:07:37.0227 0x088c pcmcia - ok
09:07:37.0258 0x088c [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
09:07:37.0273 0x088c pcw - ok
09:07:37.0320 0x088c [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
09:07:37.0320 0x088c pdc - ok
09:07:37.0414 0x088c [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
09:07:37.0445 0x088c PEAUTH - ok
09:07:37.0492 0x088c [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
09:07:37.0492 0x088c percsas2i - ok
09:07:37.0570 0x088c [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
09:07:37.0570 0x088c percsas3i - ok
09:07:37.0773 0x088c [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
09:07:37.0789 0x088c PerfHost - ok
09:07:37.0898 0x088c [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
09:07:37.0930 0x088c PhoneSvc - ok
09:07:37.0992 0x088c [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
09:07:38.0008 0x088c PimIndexMaintenanceSvc - ok
09:07:38.0133 0x088c [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\WINDOWS\system32\pla.dll
09:07:38.0164 0x088c pla - ok
09:07:38.0211 0x088c [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
09:07:38.0227 0x088c PlugPlay - ok
09:07:38.0274 0x088c [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
09:07:38.0274 0x088c PNRPAutoReg - ok
09:07:38.0320 0x088c [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
09:07:38.0336 0x088c PNRPsvc - ok
09:07:38.0399 0x088c [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
09:07:38.0414 0x088c PolicyAgent - ok
09:07:38.0430 0x088c [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\WINDOWS\system32\umpo.dll
09:07:38.0430 0x088c Power - ok
09:07:38.0461 0x088c [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
09:07:38.0477 0x088c PptpMiniport - ok
09:07:38.0930 0x088c [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
09:07:39.0211 0x088c PrintNotify - ok
09:07:39.0289 0x088c [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\WINDOWS\System32\drivers\processr.sys
09:07:39.0305 0x088c Processor - ok
09:07:39.0383 0x088c [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
09:07:39.0399 0x088c ProfSvc - ok
09:07:39.0430 0x088c [ 5FEF8FB7C9F016802EE8FAE0DACF8ED3, CFFEC1DC46D08A9245B4041792C39089282EC58AF964422DD71972CCDF8738AA ] Ps2Led C:\WINDOWS\System32\drivers\Ps2Led.sys
09:07:39.0430 0x088c Ps2Led - ok
09:07:39.0430 0x088c [ 01D7C1F5B62B2FD02320DADE851C15CF, AC6EFDFDD7A9A598EAAE99EF753ABB0246723CA4AE16899A06C561B606CA40BB ] Ps2LedIF C:\WINDOWS\system32\drivers\ps2ledif.sys
09:07:39.0430 0x088c Ps2LedIF - ok
09:07:39.0508 0x088c [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
09:07:39.0508 0x088c Psched - ok
09:07:39.0570 0x088c [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\WINDOWS\system32\qwave.dll
09:07:39.0586 0x088c QWAVE - ok
09:07:39.0633 0x088c [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
09:07:39.0633 0x088c QWAVEdrv - ok
09:07:39.0649 0x088c [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:07:39.0664 0x088c RasAcd - ok
09:07:39.0727 0x088c [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
09:07:39.0727 0x088c RasAgileVpn - ok
09:07:39.0789 0x088c [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:07:39.0805 0x088c RasAuto - ok
09:07:39.0836 0x088c [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
09:07:39.0836 0x088c Rasl2tp - ok
09:07:39.0930 0x088c [ 28C80449AC9CA09A6DBADF4940C125A7, A827E3A2D7DF67073CCE63C63168B2F4067C7D36E89BB99D4C6F17E46BECEB56 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:07:39.0945 0x088c RasMan - ok
09:07:39.0992 0x088c [ 726857E441D1D67F57694A1B613ABD34, 564027EF2E80F99595282FF76B6D339045B7E9AFE72D8DDF2D6EB0D98C329834 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:07:40.0008 0x088c RasPppoe - ok
09:07:40.0055 0x088c [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
09:07:40.0055 0x088c RasSstp - ok
09:07:40.0102 0x088c [ 1A49C9F966A04D031DAD4C73C49D5288, 05C8690948EAA2A55A208D8D34118C27FD5C7D7AEEF4FAD1346E40BBE586946D ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:07:40.0133 0x088c rdbss - ok
09:07:40.0211 0x088c [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
09:07:40.0211 0x088c rdpbus - ok
09:07:40.0258 0x088c [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
09:07:40.0258 0x088c RDPDR - ok
09:07:40.0367 0x088c [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:07:40.0367 0x088c RdpVideoMiniport - ok
09:07:40.0414 0x088c [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
09:07:40.0430 0x088c rdyboost - ok
09:07:40.0492 0x088c [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
09:07:40.0508 0x088c ReFSv1 - ok
09:07:40.0586 0x088c [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:07:40.0617 0x088c RemoteAccess - ok
09:07:40.0664 0x088c [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:07:40.0680 0x088c RemoteRegistry - ok
09:07:40.0758 0x088c [ 6FF3A30B1220D939D6120646BD5801F3, A526A24912FC5401E96796E41A4945D549486464067179201BCB25BF53049862 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
09:07:40.0789 0x088c RetailDemo - ok
09:07:40.0836 0x088c [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\WINDOWS\System32\RMapi.dll
09:07:40.0836 0x088c RmSvc - ok
09:07:40.0883 0x088c [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
09:07:40.0883 0x088c RpcEptMapper - ok
09:07:40.0914 0x088c [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe
09:07:40.0930 0x088c RpcLocator - ok
09:07:41.0024 0x088c [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:07:41.0039 0x088c RpcSs - ok
09:07:41.0086 0x088c [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
09:07:41.0086 0x088c rspndr - ok
09:07:41.0180 0x088c [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
09:07:41.0211 0x088c rt640x64 - ok
09:07:41.0289 0x088c [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
09:07:41.0289 0x088c s3cap - ok
09:07:41.0352 0x088c [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs C:\WINDOWS\system32\lsass.exe
09:07:41.0367 0x088c SamSs - ok
09:07:41.0414 0x088c [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
09:07:41.0430 0x088c sbp2port - ok
09:07:41.0508 0x088c [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
09:07:41.0524 0x088c SCardSvr - ok
09:07:41.0586 0x088c [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
09:07:41.0602 0x088c ScDeviceEnum - ok
09:07:41.0664 0x088c [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:07:41.0664 0x088c scfilter - ok
09:07:41.0789 0x088c [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:07:41.0805 0x088c Schedule - ok
09:07:41.0883 0x088c [ B8B1D49283F33E3FFFDB611E51BCA7E5, C467A60150ED3E59D42CA45E8D0410613CC78D1B99DE011CF1C5D82FC799C27B ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
09:07:41.0883 0x088c scmbus - ok
09:07:41.0946 0x088c [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys
09:07:41.0961 0x088c scmdisk0101 - ok
09:07:42.0024 0x088c [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
09:07:42.0039 0x088c SCPolicySvc - ok
09:07:42.0133 0x088c [ 08ED027CD8A43E3412BDD134A43B13E8, F5E0D7CBF2980F4B74056EC4696234F1A24E7CFE945EEB0B250498B1D934721A ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
09:07:42.0149 0x088c sdbus - ok
09:07:42.0227 0x088c [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
09:07:42.0242 0x088c SDRSVC - ok
09:07:42.0321 0x088c [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
09:07:42.0321 0x088c sdstor - ok
09:07:42.0383 0x088c [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\WINDOWS\system32\seclogon.dll
09:07:42.0399 0x088c seclogon - ok
09:07:42.0446 0x088c [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS C:\WINDOWS\System32\sens.dll
09:07:42.0461 0x088c SENS - ok
09:07:42.0602 0x088c [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
09:07:42.0633 0x088c SensorDataService - ok
09:07:42.0696 0x088c [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService C:\WINDOWS\system32\SensorService.dll
09:07:42.0711 0x088c SensorService - ok
09:07:42.0758 0x088c [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
09:07:42.0758 0x088c SensrSvc - ok
09:07:42.0789 0x088c [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
09:07:42.0789 0x088c SerCx - ok
09:07:42.0805 0x088c [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
09:07:42.0821 0x088c SerCx2 - ok
09:07:42.0883 0x088c [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
09:07:42.0899 0x088c Serenum - ok
09:07:42.0914 0x088c [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys
09:07:42.0930 0x088c Serial - ok
09:07:42.0961 0x088c [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
09:07:42.0977 0x088c sermouse - ok
09:07:43.0055 0x088c [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv C:\WINDOWS\system32\sessenv.dll
09:07:43.0071 0x088c SessionEnv - ok
09:07:43.0117 0x088c [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
09:07:43.0117 0x088c sfloppy - ok
09:07:43.0196 0x088c [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:07:43.0227 0x088c SharedAccess - ok
09:07:43.0305 0x088c [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:07:43.0321 0x088c ShellHWDetection - ok
09:07:43.0383 0x088c [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
09:07:43.0399 0x088c shpamsvc - ok
09:07:43.0461 0x088c [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:07:43.0477 0x088c SiSRaid2 - ok
09:07:43.0493 0x088c [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
09:07:43.0508 0x088c SiSRaid4 - ok
09:07:43.0555 0x088c [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll
09:07:43.0555 0x088c smphost - ok
09:07:43.0633 0x088c [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
09:07:43.0664 0x088c SmsRouter - ok
09:07:43.0696 0x088c [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
09:07:43.0696 0x088c SNMPTRAP - ok
09:07:43.0789 0x088c [ A265FF86BF4C03F47EC277881138675D, 52671A64D22EAA790CAE47D6710289ADB5DBF9BC98CD7CCCF64CA43B2F2A641A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
09:07:43.0821 0x088c spaceport - ok
09:07:43.0867 0x088c [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
09:07:43.0867 0x088c SpbCx - ok
09:07:43.0977 0x088c [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler C:\WINDOWS\System32\spoolsv.exe
09:07:43.0992 0x088c Spooler - ok
09:07:44.0258 0x088c [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
09:07:44.0493 0x088c sppsvc - ok
09:07:44.0571 0x088c [ A0BDA7332A9EE59062A7037D161C8715, C08818E52B64BDB194A2434C3F479360C960A99AD08F81CF51D64B7D92EBE0CB ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
09:07:44.0602 0x088c srv2 - ok
09:07:44.0649 0x088c [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:07:44.0664 0x088c srvnet - ok
09:07:44.0711 0x088c [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:07:44.0711 0x088c SSDPSRV - ok
09:07:44.0774 0x088c [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
09:07:44.0789 0x088c SstpSvc - ok
09:07:44.0993 0x088c [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
09:07:45.0164 0x088c StateRepository - ok
09:07:45.0227 0x088c [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
09:07:45.0227 0x088c stexstor - ok
09:07:45.0321 0x088c [ 505F32DE573ECEDF398DB9E2FC0D5E45, 0F257200BD79C7A62C39279B1C0AF9032028B23561DB71DA9903366A0DF88E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
09:07:45.0352 0x088c stisvc - ok
09:07:45.0430 0x088c [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
09:07:45.0430 0x088c storahci - ok
09:07:45.0493 0x088c [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
09:07:45.0508 0x088c storflt - ok
09:07:45.0586 0x088c [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
09:07:45.0586 0x088c stornvme - ok
09:07:45.0633 0x088c [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
09:07:45.0649 0x088c storqosflt - ok
09:07:45.0711 0x088c [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc C:\WINDOWS\system32\storsvc.dll
09:07:45.0727 0x088c StorSvc - ok
09:07:45.0790 0x088c [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
09:07:45.0790 0x088c storufs - ok
09:07:45.0836 0x088c [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
09:07:45.0836 0x088c storvsc - ok
09:07:45.0883 0x088c [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll
09:07:45.0883 0x088c svsvc - ok
09:07:45.0977 0x088c [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys
09:07:45.0977 0x088c swenum - ok
09:07:46.0024 0x088c [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll
09:07:46.0039 0x088c swprv - ok
09:07:46.0118 0x088c [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
09:07:46.0118 0x088c Synth3dVsc - ok
09:07:46.0211 0x088c [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll
09:07:46.0243 0x088c SysMain - ok
09:07:46.0321 0x088c [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:07:46.0336 0x088c SystemEventsBroker - ok
09:07:46.0383 0x088c [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:07:46.0399 0x088c TabletInputService - ok
09:07:46.0415 0x088c [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:07:46.0430 0x088c TapiSrv - ok
09:07:46.0586 0x088c [ 4ED37041ADB4BD4BEEB1279AFA5808A9, DAD00AB5C67F30A9FF99B1DB7A57ED76ADD55E09DF82EDC4C83EA47013A9D2CE ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
09:07:46.0633 0x088c Tcpip - ok
09:07:46.0758 0x088c [ 4ED37041ADB4BD4BEEB1279AFA5808A9, DAD00AB5C67F30A9FF99B1DB7A57ED76ADD55E09DF82EDC4C83EA47013A9D2CE ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
09:07:46.0805 0x088c Tcpip6 - ok
09:07:46.0868 0x088c [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
09:07:46.0868 0x088c tcpipreg - ok
09:07:46.0899 0x088c [ A7C267671EDDF066E8CFBF897BC4B626, 49F339E52CDE1A3FF0E100F41A70A8B6EB25CD37209A77399CEE223799E3A8A0 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
09:07:46.0914 0x088c tdx - ok
09:07:46.0977 0x088c [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
09:07:46.0993 0x088c terminpt - ok
09:07:47.0118 0x088c [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\WINDOWS\System32\termsrv.dll
09:07:47.0149 0x088c TermService - ok
09:07:47.0196 0x088c [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\WINDOWS\system32\themeservice.dll
09:07:47.0196 0x088c Themes - ok
09:07:47.0258 0x088c [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
09:07:47.0274 0x088c TieringEngineService - ok
09:07:47.0336 0x088c [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
09:07:47.0352 0x088c tiledatamodelsvc - ok
09:07:47.0383 0x088c [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
09:07:47.0383 0x088c TimeBrokerSvc - ok
09:07:47.0461 0x088c [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
09:07:47.0477 0x088c TPM - ok
09:07:47.0524 0x088c [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks C:\WINDOWS\System32\trkwks.dll
09:07:47.0540 0x088c TrkWks - ok
09:07:47.0602 0x088c [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:07:47.0602 0x088c TrustedInstaller - ok
09:07:47.0633 0x088c [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
09:07:47.0633 0x088c TsUsbFlt - ok
09:07:47.0680 0x088c [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:07:47.0680 0x088c TsUsbGD - ok
09:07:47.0727 0x088c [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
09:07:47.0727 0x088c tunnel - ok
09:07:47.0790 0x088c [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
09:07:47.0805 0x088c tzautoupdate - ok
09:07:47.0868 0x088c [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
09:07:47.0883 0x088c UASPStor - ok
09:07:47.0899 0x088c [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
09:07:47.0915 0x088c UcmCx0101 - ok
09:07:47.0961 0x088c [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
09:07:47.0961 0x088c UcmTcpciCx0101 - ok
09:07:48.0008 0x088c [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
09:07:48.0024 0x088c UcmUcsi - ok
09:07:48.0071 0x088c [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
09:07:48.0086 0x088c Ucx01000 - ok
09:07:48.0102 0x088c [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
09:07:48.0118 0x088c UdeCx - ok
09:07:48.0149 0x088c [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
09:07:48.0165 0x088c udfs - ok
09:07:48.0211 0x088c [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
09:07:48.0211 0x088c UEFI - ok
09:07:48.0243 0x088c [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
09:07:48.0258 0x088c Ufx01000 - ok
09:07:48.0336 0x088c [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
09:07:48.0336 0x088c UfxChipidea - ok
09:07:48.0383 0x088c [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
09:07:48.0383 0x088c ufxsynopsys - ok
09:07:48.0446 0x088c [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
09:07:48.0446 0x088c UI0Detect - ok
09:07:48.0508 0x088c [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus C:\WINDOWS\System32\drivers\umbus.sys
09:07:48.0524 0x088c umbus - ok
09:07:48.0602 0x088c [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
09:07:48.0602 0x088c UmPass - ok
09:07:48.0665 0x088c [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
09:07:48.0680 0x088c UmRdpService - ok
09:07:48.0805 0x088c [ 6C8E89E9CA8A4E703631E54A5E015AF8, 3C74B9329558ACC4F701099516923DE82CBEDABD8814987221BDF71B53550586 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
09:07:48.0836 0x088c UnistoreSvc - ok
09:07:48.0915 0x088c [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:07:48.0946 0x088c upnphost - ok
09:07:48.0993 0x088c [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
09:07:48.0993 0x088c UrsChipidea - ok
09:07:49.0040 0x088c [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
09:07:49.0040 0x088c UrsCx01000 - ok
09:07:49.0133 0x088c [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
09:07:49.0133 0x088c UrsSynopsys - ok
09:07:49.0196 0x088c [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
09:07:49.0196 0x088c usbccgp - ok
09:07:49.0290 0x088c [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
09:07:49.0290 0x088c usbcir - ok
09:07:49.0352 0x088c [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
09:07:49.0368 0x088c usbehci - ok
09:07:49.0430 0x088c [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
09:07:49.0461 0x088c usbhub - ok
09:07:49.0493 0x088c [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
09:07:49.0508 0x088c USBHUB3 - ok
09:07:49.0540 0x088c [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
09:07:49.0555 0x088c usbohci - ok
09:07:49.0602 0x088c [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
09:07:49.0602 0x088c usbprint - ok
09:07:49.0696 0x088c [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
09:07:49.0696 0x088c usbser - ok
09:07:49.0743 0x088c [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
09:07:49.0758 0x088c USBSTOR - ok
09:07:49.0774 0x088c [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
09:07:49.0774 0x088c usbuhci - ok
09:07:49.0868 0x088c [ 58827BEFC54D4396D3FD191F5DD31C1D, 0054D6945FDB5B33B35753FF70ED22EF6C518B31AB97D5FCBBD6C60921F64A13 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
09:07:49.0899 0x088c USBXHCI - ok
09:07:50.0008 0x088c [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
09:07:50.0055 0x088c UserDataSvc - ok
09:07:50.0149 0x088c [ A1BDC8AF9F66A71744B5DC99CCEF4058, 098EDA0D186098A8D61DEF20B76F05B978FC3A08A068243FC4823423B430E95B ] UserManager C:\WINDOWS\System32\usermgr.dll
09:07:50.0180 0x088c UserManager - ok
09:07:50.0243 0x088c [ F1374B17FE4A4617DFB6D20A0E699763, C3A515594B1593C9F141C342CA1CDB4FE7A3243D8F1785655A3378DB1FE8ED65 ] UsoSvc C:\WINDOWS\system32\usocore.dll
09:07:50.0274 0x088c UsoSvc - ok
09:07:50.0290 0x088c [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc C:\WINDOWS\system32\lsass.exe
09:07:50.0290 0x088c VaultSvc - ok
09:07:50.0352 0x088c [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
09:07:50.0352 0x088c vdrvroot - ok
09:07:50.0446 0x088c [ 70D165B3EA8BC576828DC2B964C8D116, 92C9381BDECB5C991F848A02AF2F4189CE0119961FB37E57A37594A80704DDC5 ] vds C:\WINDOWS\System32\vds.exe
09:07:50.0461 0x088c vds - ok
09:07:50.0493 0x088c [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
09:07:50.0508 0x088c VerifierExt - ok
09:07:50.0618 0x088c [ F7F3E80E84E51A6F89831A6F26056A98, CB7587900C466D834693115E1E23D0A44490C128CA1684FB93CB8C34AFCEBC71 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
09:07:50.0633 0x088c vhdmp - ok
09:07:50.0680 0x088c [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
09:07:50.0680 0x088c vhf - ok
09:07:50.0743 0x088c [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
09:07:50.0758 0x088c vmbus - ok
09:07:50.0774 0x088c [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
09:07:50.0790 0x088c VMBusHID - ok
09:07:50.0837 0x088c [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
09:07:50.0837 0x088c vmgid - ok
09:07:50.0915 0x088c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
09:07:50.0930 0x088c vmicguestinterface - ok
09:07:50.0930 0x088c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
09:07:50.0946 0x088c vmicheartbeat - ok
09:07:50.0962 0x088c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
09:07:50.0962 0x088c vmickvpexchange - ok
09:07:51.0008 0x088c [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
09:07:51.0024 0x088c vmicrdv - ok
09:07:51.0055 0x088c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
09:07:51.0071 0x088c vmicshutdown - ok
09:07:51.0071 0x088c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
09:07:51.0087 0x088c vmictimesync - ok
09:07:51.0102 0x088c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
09:07:51.0102 0x088c vmicvmsession - ok
09:07:51.0118 0x088c [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
09:07:51.0118 0x088c vmicvss - ok
09:07:51.0165 0x088c [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
09:07:51.0165 0x088c volmgr - ok
09:07:51.0243 0x088c [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
09:07:51.0258 0x088c volmgrx - ok
09:07:51.0290 0x088c [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
09:07:51.0321 0x088c volsnap - ok
09:07:51.0368 0x088c [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys
09:07:51.0368 0x088c volume - ok
09:07:51.0446 0x088c [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
09:07:51.0462 0x088c vpci - ok
09:07:51.0524 0x088c [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
09:07:51.0540 0x088c vsmraid - ok
09:07:51.0649 0x088c [ DDA66AEF89DAC320A85AECCB4369D2E7, 0F267FC985E0CA3624FC5F4DDA25623649BAD544772179261576F793A0485523 ] VSS C:\WINDOWS\system32\vssvc.exe
09:07:51.0696 0x088c VSS - ok
09:07:51.0758 0x088c [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
09:07:51.0774 0x088c VSTXRAID - ok
09:07:51.0837 0x088c [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
09:07:51.0837 0x088c vwifibus - ok
09:07:51.0883 0x088c [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
09:07:51.0883 0x088c vwififlt - ok
09:07:51.0946 0x088c [ B1133B813E4CBF258A392CA08255BA24, 6061F27BD24F39A630ABE77921051785CB4B325156379A5E3636817DD6399C6F ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
09:07:51.0946 0x088c vwifimp - ok
09:07:52.0040 0x088c [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll
09:07:52.0055 0x088c W32Time - ok
09:07:52.0102 0x088c [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
09:07:52.0102 0x088c WacomPen - ok
09:07:52.0180 0x088c [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll
09:07:52.0196 0x088c WalletService - ok
09:07:52.0212 0x088c [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:07:52.0212 0x088c wanarp - ok
09:07:52.0227 0x088c [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:07:52.0227 0x088c wanarpv6 - ok
09:07:52.0337 0x088c [ 8413D292CD1B27D6B6127B90697F2B1C, E03F9AAC410F5AEDCC30FDB4D8F4739AE7B290EFA735C480A29E9FE53C1D8420 ] wbengine C:\WINDOWS\system32\wbengine.exe
09:07:52.0383 0x088c wbengine - ok
09:07:52.0477 0x088c [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
09:07:52.0508 0x088c WbioSrvc - ok
09:07:52.0555 0x088c [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
09:07:52.0555 0x088c wcifs - ok
09:07:52.0633 0x088c [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
09:07:52.0665 0x088c Wcmsvc - ok
09:07:52.0712 0x088c [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
09:07:52.0727 0x088c wcncsvc - ok
09:07:52.0774 0x088c [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
09:07:52.0774 0x088c wcnfs - ok
09:07:52.0805 0x088c [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
09:07:52.0805 0x088c WdBoot - ok
09:07:52.0899 0x088c [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
09:07:52.0915 0x088c Wdf01000 - ok
09:07:52.0977 0x088c [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
09:07:52.0993 0x088c WdFilter - ok
09:07:53.0040 0x088c [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
09:07:53.0040 0x088c WdiServiceHost - ok
09:07:53.0055 0x088c [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
09:07:53.0071 0x088c WdiSystemHost - ok
09:07:53.0149 0x088c [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
09:07:53.0165 0x088c wdiwifi - ok
09:07:53.0180 0x088c [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
09:07:53.0196 0x088c WdNisDrv - ok
09:07:53.0243 0x088c WdNisSvc - ok
09:07:53.0305 0x088c [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:07:53.0321 0x088c WebClient - ok
09:07:53.0337 0x088c [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
09:07:53.0352 0x088c Wecsvc - ok
09:07:53.0399 0x088c [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
09:07:53.0399 0x088c WEPHOSTSVC - ok
09:07:53.0477 0x088c [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
09:07:53.0493 0x088c wercplsupport - ok
09:07:53.0540 0x088c [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
09:07:53.0555 0x088c WerSvc - ok
09:07:53.0602 0x088c [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
09:07:53.0618 0x088c WFPLWFS - ok
09:07:53.0680 0x088c [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
09:07:53.0712 0x088c WiaRpc - ok
09:07:53.0774 0x088c [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
09:07:53.0774 0x088c WIMMount - ok
09:07:53.0790 0x088c WinDefend - ok
09:07:53.0837 0x088c [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
09:07:53.0837 0x088c WindowsTrustedRT - ok
09:07:53.0899 0x088c [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
09:07:53.0899 0x088c WindowsTrustedRTProxy - ok
09:07:54.0009 0x088c [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:07:54.0024 0x088c WinHttpAutoProxySvc - ok
09:07:54.0102 0x088c [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
09:07:54.0102 0x088c WinMad - ok
09:07:54.0227 0x088c [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:07:54.0243 0x088c Winmgmt - ok
09:07:54.0415 0x088c [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
09:07:54.0493 0x088c WinRM - ok
09:07:54.0555 0x088c [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
09:07:54.0555 0x088c WINUSB - ok
09:07:54.0587 0x088c [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
09:07:54.0602 0x088c WinVerbs - ok
09:07:54.0680 0x088c [ 15F0990B7C101163FE27D9B19FEB3D43, 5020EF7755E0ACDA77E816C44A5B75286CC1BEA182BECF9D7252EB826A4F1FFE ] wisvc C:\WINDOWS\system32\flightsettings.dll
09:07:54.0712 0x088c wisvc - ok
09:07:54.0852 0x088c [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
09:07:54.0930 0x088c WlanSvc - ok
09:07:55.0055 0x088c [ EF39F106D7E0A8918E98E4CDAE25F2E2, B6EDF2646C1E3A1684C40DFC475694DF540C2B1B8E4247AE343E1DF34B1CE4F7 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
09:07:55.0118 0x088c wlidsvc - ok
09:07:55.0196 0x088c [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
09:07:55.0196 0x088c WmiAcpi - ok
09:07:55.0259 0x088c [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:07:55.0274 0x088c wmiApSrv - ok
09:07:55.0290 0x088c WMPNetworkSvc - ok
09:07:55.0352 0x088c [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
09:07:55.0368 0x088c Wof - ok
09:07:55.0509 0x088c [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
09:07:55.0555 0x088c workfolderssvc - ok
09:07:55.0602 0x088c [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
09:07:55.0602 0x088c WPDBusEnum - ok
09:07:55.0665 0x088c [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:07:55.0665 0x088c WpdUpFltr - ok
09:07:55.0727 0x088c [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll
09:07:55.0743 0x088c WpnService - ok
09:07:55.0774 0x088c [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
09:07:55.0774 0x088c WpnUserService - ok
09:07:55.0805 0x088c [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:07:55.0805 0x088c ws2ifsl - ok
09:07:55.0868 0x088c [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
09:07:55.0884 0x088c wscsvc - ok
09:07:55.0899 0x088c WSearch - ok
09:07:56.0071 0x088c [ B306E46465689426AC31FF472607BE62, D3ACF31CFAD92F6D2D811CEB3B0F28C06A453CFDCBDD3BE94B58207794C196EC ] wuauserv C:\WINDOWS\system32\wuaueng.dll
09:07:56.0134 0x088c wuauserv - ok
09:07:56.0181 0x088c [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
09:07:56.0196 0x088c WudfPf - ok
09:07:56.0212 0x088c [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
09:07:56.0227 0x088c WUDFRd - ok
09:07:56.0259 0x088c [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
09:07:56.0274 0x088c wudfsvc - ok
09:07:56.0290 0x088c [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:07:56.0305 0x088c WUDFWpdFs - ok
09:07:56.0415 0x088c [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
09:07:56.0446 0x088c WwanSvc - ok
09:07:56.0540 0x088c [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
09:07:56.0571 0x088c XblAuthManager - ok
09:07:56.0727 0x088c [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
09:07:56.0759 0x088c XblGameSave - ok
09:07:56.0852 0x088c [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
09:07:56.0852 0x088c xboxgip - ok
09:07:56.0962 0x088c [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
09:07:56.0993 0x088c XboxNetApiSvc - ok
09:07:57.0056 0x088c [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
09:07:57.0056 0x088c xinputhid - ok
09:07:57.0071 0x088c ================ Scan global ===============================
09:07:57.0134 0x088c [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
09:07:57.0196 0x088c [ 0FA65256069B1B65581144F206027DE5, 0E5011A3F63737650E68B30FA652FFE01A6F6D044D5A1F7900BA287D9215BBF9 ] C:\WINDOWS\system32\winsrv.dll
09:07:57.0243 0x088c [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
09:07:57.0321 0x088c [ 9A3B47CD17283B299311013AD3D21D26, 48D5695E7610E7A742E403B2C37664D961E466C10E4FFAE07C8AB6B5BE5F7BF8 ] C:\WINDOWS\system32\services.exe
09:07:57.0352 0x088c [ Global ] - ok
09:07:57.0352 0x088c ================ Scan MBR ==================================
09:07:57.0368 0x088c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:07:58.0603 0x088c \Device\Harddisk0\DR0 - ok
09:07:58.0603 0x088c ================ Scan VBR ==================================
09:07:58.0634 0x088c [ C1E9063683EDCA8900F07A2FFE2339AD ] \Device\Harddisk0\DR0\Partition1
09:07:58.0634 0x088c \Device\Harddisk0\DR0\Partition1 - ok
09:07:58.0665 0x088c [ DA85556A1712DE03D41D9316F65B719A ] \Device\Harddisk0\DR0\Partition2
09:07:58.0665 0x088c \Device\Harddisk0\DR0\Partition2 - ok
09:07:58.0665 0x088c ================ Scan generic autorun ======================
09:07:58.0743 0x088c [ 3AFD239AA63B26435ECFD740E08EDD75, BECD390C2CA53E9E9377F355D28B94DDD5C8A7C724A026C30293F7AE413E1274 ] C:\Program Files\Apoint2K\Apoint.exe
09:07:58.0759 0x088c Apoint - ok
09:07:58.0806 0x088c [ DC1765A3AF5A2D77BDB5FAED643B0C52, 98AA7FF612483C7008C90476E63A96F084567564E4479C4EA18AA2EF576EAAB5 ] C:\Program Files\necmfk\necmfk.exe
09:07:58.0806 0x088c NECMFK - ok
09:07:59.0337 0x088c [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
09:07:59.0821 0x088c RTHDVCPL - ok
09:07:59.0899 0x088c [ 6A59AE2735639095CD93E58B0893914C, A1BFC257313185BD4BE63275C1B58877151C31DE3173EADE685199E9D28A23D9 ] C:\WINDOWS\system32\igfxtray.exe
09:07:59.0915 0x088c IgfxTray - ok
09:07:59.0946 0x088c [ 4341A0AE66759EDC080D92DAA0D9B341, A17D7A56627ECBE7D23E634A9E726BA2E3682A7EB75659AE68A426FF2954C717 ] C:\WINDOWS\system32\hkcmd.exe
09:07:59.0962 0x088c HotKeysCmds - ok
09:07:59.0993 0x088c [ 5451A9DA41DA19CDD467616492D4096F, 54CBA128702FFF112AE8BA4B187D00CC3ABAB68D3EB1B915193E50523D4DA73F ] C:\WINDOWS\system32\igfxpers.exe
09:07:59.0993 0x088c Persistence - ok
09:08:00.0134 0x088c [ 18B2E84749FF20D98B7F5FCD9D944270, 734A37E0A0E8A5E3D2ADB1779D77636F020DB1733D228DD7B9034B18C567C5A1 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
09:08:00.0149 0x088c COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - ok
09:08:00.0353 0x088c [ CFC556077ECC19A5C53970A262B13ACF, 30DB0F17C18E19829BD07C0A532B27BE589FEFFAF6BA740FCE415B28EB124839 ] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
09:08:00.0478 0x088c IseUI - ok
09:08:01.0009 0x088c [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:08:02.0087 0x088c OneDriveSetup - ok
09:08:02.0478 0x088c [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:08:02.0650 0x088c OneDriveSetup - ok
09:08:03.0103 0x088c [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:08:03.0290 0x088c OneDriveSetup - ok
09:08:03.0509 0x088c [ C5D30E88C97825CF0652B60C42F103AD, D605DC9021021714BDA36EF48C335F85C77F85474A21B6E5258270E1703B8DC8 ] C:\Users\ユーザー名\AppData\Local\Microsoft\OneDrive\OneDrive.exe
09:08:03.0540 0x088c OneDrive - ok
09:08:03.0556 0x088c Waiting for KSN requests completion. In queue: 216
09:08:04.0931 0x088c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
09:08:04.0931 0x088c AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 10.0.1.6254 ), 0x61000 ( enabled : updated )
09:08:04.0931 0x088c FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 10.0.1.6254 ), 0x61010 ( enabled )
09:08:05.0243 0x088c ============================================================
09:08:05.0243 0x088c Scan finished
09:08:05.0243 0x088c ============================================================
09:08:05.0259 0x1da8 Detected object count: 0
09:08:05.0259 0x1da8 Actual detected object count: 0
09:08:40.0354 0x1784 Deinitialize success

ログ確認しました。
パーティションやMBRにも特に不審な点はないようですね。

>ところで、月曜日にDドライブをフォーマットしました。

そうでしたか。

Dドライブも空にするのが手っ取り早いと思っていましたが、改めてログを見ていたら、HijackThisの実行パスが
>D:\ユーザー名\Desktop\HijackThis.exe
となっていたので、何かしらのバックアップデータ等があると思い、フォーマットは最後の手段かなと思っていました。

TDSSKillerは念のために実施して頂いた繋ぎのツールで、この後やって頂こうと考えていたものが本番だったのですが、
Dドライブをフォーマットされたとの事なので、症状が再発しなければ不要でしょう。

導入したツールだけ片付けておきます。

・TDSSKiller
ポータブルアプリの為、ダウンロードしたtdsskiller.exeファイルを直接削除してください。

とりあえず私からは以上です。

長期戦の疲れがたまり、最後の手段「Dドライブフォーマット」を選択しました。
バックアップファイルを慎重に戻しつつ、しばらく様子をみます。
ありがとうございます。

今回は大変遅くなってごめんなさい。
今日はやっと来れました。

昨日自分がレスできなかったのは当方のネット回線障害で、メールも含めてネットにアクセスできなかったためです。
今日もついさっきまで回線が切れてました。

うちの家の電話回線は伝送損失が高いため、どのプロバイダ契約しても毎日頻繁に接続が切れるうえ一度切れると１日か２日まったくつながらないこともあり、これが起きると自分のほうでは何をやっても復旧できないのです。
ネット契約が予算の事情で光にできずいまだにADSLなのもあり、自分は何も悪いことしてないのに閉門蟄居に追い込まれる事態が年中行事です（←悪いことしてない悪代官って何者だよ

サインさん、フォローありがとうございます。
TDSSのログも見せてもらいましたがサインさんも仰る通りこちらでは異常に絡むようなモノは見えないようです。

Dドライブのフォーマットして様子見されるとのことなので、その後の状態も確認できたらまた続きのレスをお願いします。

悪代官様、レスありがとうございます。

Dドライブフォーマット後、Officeをインストール、バックアップファイルも一部を除き戻し入れました。
さて、しばらくEdgeでウェブ閲覧していましたところ活発にリダイレクト発生。フィルタリング&Cookie削除でしのいでいます。

作業と報告、ご苦労様です。

>しばらくEdgeでウェブ閲覧していましたところ活発にリダイレクト発生。フィルタリング&Cookie削除でしのいでいます

はい、まだその異常は出てますか。

その後はネットバンキング等も使っておらず、以前のパスワード類も全部変更しましたか？
その対処も済んでいるなら仕切り直しての解析対処にかかりましょう。
先にやってもらった作業も再試行してもらうことになるでしょうが、原因の切り分けも含めて見直しましょう。

まずはまたHJTログと、CCでインストール情報ログと各タブのログを取り直してそれをレスください。

それと、リダイレクトが起きるのはChromeで同期中だけで、他のブラウザでは出ませんか？
もしそうならやはりChromeのアカウントが鍵になりそうです

こんばんは。パスワードは変更済みです。
Chromeはまだインストールしていません。

ログは別途貼り付けます。

ところで、Windows 10 初期化の場合、以前のシステムファイルが温存されているということでしょうか。
最終手段はWindows 10クリーンインストールまたはリカバリディスクからの再セットアップ（Windows 7）と考えています。

実は購入時に作成したリカバリディスクが見つかりませんでした。
メーカー曰く、Windows 10へのアップグレード後にリカバリディスクは作成できないとのことでしたが、
専用のツールでリカバリディスクらしきものが焼けました。
ただし使用したディスクは日本で販売されているような品質ではありません。
Windows 10初期化後はHD内のリカバリ領域は空になっています。

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:04:54, on 2017/07/13
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)


Boot mode: Normal

Running processes:
C:\Program Files\Apoint2K\ApImeWrapper.exe
C:\Users\ユーザー名\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
D:\ユーザー名\デスクトップ\HijackThis.exe

F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ユーザー名\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{58a9daa1-d04a-48d3-b468-3d1d135d5bb4}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{5e3312e6-8485-4880-be15-1b805f5fc8ee}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EaseUS Agentサービス (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\WINDOWS\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 4984 bytes

3D Builder Microsoft Corporation 2017/07/09 14.1.1302.0
CCleaner Piriform 2017/07/12 20.4 MB 5.32
COMODO Internet Security Premium COMODO Security Solutions Inc. 2017/07/08 220 MB 10.0.1.6258
EaseUS Todo Backup Free 10.5 CHENGDU YIWO Tech Development Co., Ltd 2017/07/10 0.98 GB 10.5
Groove ミュージック Microsoft Corporation 2017/07/09 10.17042.14111.0
Internet Security Essentials Comodo 2017/07/09 7.47 MB 1.2.422025.92
Malwarebytes Anti-Malware version 1.75.0.1300 Malwarebytes Corporation 2017/07/09 13.3 MB 1.75.0.1300
Microsoft Office File Validation Add-In Microsoft Corporation 2017/07/12 21.4 MB 14.0.5130.5003
Microsoft Office Personal 2007 Microsoft Corporation 2017/07/12 15.1 MB 12.0.6612.1000
Microsoft OneDrive Microsoft Corporation 2017/07/09 102 MB 17.3.6917.0607
Microsoft Solitaire Collection Microsoft Studios 2017/07/09 3.16.6200.0
Microsoft Sticky Notes Microsoft Corporation 2017/07/09 1.8.0.0
NX PAD Driver Alps 2017/07/08 24.2 MB 8.100.909.312
OneNote Microsoft Corporation 2017/07/09 17.8269.57841.0
People Microsoft Corporation 2017/07/09 10.2.1451.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2017/07/08 40.7 MB 6.0.1.7535
Roxio Creator LJ Roxio 2017/07/11 2.56 MB 10.3
Save to Pocket Read It Later, Inc 2017/07/12 2.0.38.0
Twitter Twitter Inc. 2017/07/11 5.8.1.0
Windows 10 Update and Privacy Settings Microsoft Corporation 2017/07/08 2.10 MB 1.0.14.0
Xbox Microsoft Corporation 2017/07/09 29.30.2001.0
Xbox Identity Provider Microsoft Corporation 2017/07/11 11.29.23003.0
アプリ インストーラー Microsoft Corporation 2017/07/09 1.0.10332.0
アラーム & クロック Microsoft Corporation 2017/07/09 10.1705.1303.0
カメラ Microsoft Corporation 2017/07/09 2017.308.50.0
ストア Microsoft Corporation 2017/07/09 11705.1001.21.0
ストア購入アプリ Microsoft Corporation 2017/07/09 11705.1706.15001.0
ニュース Microsoft Corporation 2017/07/11 4.21.1434.0
ヒント Microsoft Corporation 2017/07/09 5.10.1441.0
フォト Microsoft Corporation 2017/07/12 2017.18062.13720.0
ボイス レコーダー Microsoft Corporation 2017/07/09 10.1705.1302.0
マップ Microsoft Corporation 2017/07/09 5.1705.1391.0
メッセージング Microsoft Corporation 2017/07/08 3.19.1001.0
メール/カレンダー Microsoft Corporation 2017/07/12 17.8241.41225.0
天気 Microsoft Corporation 2017/07/09 4.20.1102.0
映画 & テレビ Microsoft Corporation 2017/07/09 10.17054.14711.0
電卓 Microsoft Corporation 2017/07/09 10.1705.1301.0

スタートアップ
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\ユーザー名\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run Apoint Alps Electric Co., Ltd. C:\Program Files\Apoint2K\Apoint.exe
有効 HKLM:Run COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} COMODO C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
有効 HKLM:Run HotKeysCmds Intel Corporation C:\WINDOWS\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\WINDOWS\system32\igfxtray.exe
有効 HKLM:Run IseUI COMODO C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
有効 HKLM:Run NECMFK NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Persistence Intel Corporation C:\WINDOWS\system32\igfxpers.exe
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

スケジュールされたタスク
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

コンテキストメニュー
有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Directory SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 Drive Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 Drive RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
有効 Drive SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 File Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 File RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
有効 File SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 Folder Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 Folder RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll

IEプラグイン
有効 Extension Research Microsoft Corporation C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

早速の作業と報告、ご苦労様です。
現在の各ログも見せてもらいました。

>Chromeはまだインストールしていません

はい、こちらは了解しました。

>ところで、Windows 10 初期化の場合、以前のシステムファイルが温存されているということでしょうか。
>最終手段はWindows 10クリーンインストールまたはリカバリディスクからの再セットアップ（Windows 7）と考えています。

以前のOSからWin10への無料アップグレード時にも直後にトラブル噴出して大問題になりましたが、事前にバックアップ準備して正しい手順で操作すればアップグレード後でも旧OSに戻すことができました。
つまり以前のユーザーデータは保存できるわけなので、同時に曲者プログラムも隠れて残ることもあります。

>メーカー曰く、Windows 10へのアップグレード後にリカバリディスクは作成できないとのことでしたが、
>専用のツールでリカバリディスクらしきものが焼けました。

それでもディスクを準備できているなら最悪の事態に備えることは可能です。

さて、それでは確認がてら作業をお願いします。

まずCCを起動して「スケジュール」タブ内の下記をともに「無効」にしておいてください。
>有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
>有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

間違って「エントリの削除」しないように注意です。

CCを終了したら次に以下のツールを準備してください。
OTL(OldTimer Listit)
「Download」ボタンからDLしたら保存しておいてください。
http://oldtimer.geekstogo.com/OTL.exe
片付けるときは起動後に「Cleanup」ボタンを押せば自動で削除されます。
ただし、Windows10をお使いの場合は本体ファイルをそのまま削除すればいいです。

他のプログラムを起動しない状態でOTLを起動してください。
起動したら、ウィンドウの上の方にある「Scan All Users」にチェックを入れ、以下のコマンドを「Custom Scan/Fixes」にコピペしてください。

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

その後、左上の「Run Scan」を押すとスキャン開始されます。
スキャン開始後、PC環境にもよりますが数分ほどすると、「OTL.txt」と「Extras.txt」がOTL.exeと同じ場所に作成されるはずなので、この2つのファイルをデスクトップあたりに保存しておいてください。
なお、Extras.txtは出ないこともありますが、その場合はOTL.txtだけでもいいです。

このあとOTLログを丸ごと返信に貼り付けてレスで見せてください。
ただしOTLログはかなり長くなるため、一度に送信してもfc2の文字数制限で途切れます。
なのでログも適当なところで1万文字以内に分割して、複数回に分けてレス送信してください。
1万文字を越えた投稿はfc2の文字数制限で途切れてしまうためです。
http://www1.odn.ne.jp/megukuma/count.htm

OTLでスキャンしただけでは何も変化は起きません。
この結果を見て、検出されたものを次回以降の作業で処置することになるはずです。

このOTLはHJTやCC以上に高い解析力を持つツールです。
これで何が見つかるかどうかが判断の分かれ目になりそうです

家族所有のChromebookでリダイレクトが再発しました。

こんばんは。
作業と報告、ご苦労様です。

本日またうちの回線がほとんどつながらずネット上に出てこれない状態でした。
今少しだけ超低速ながらつながったので取り急ぎレスします。

OTLスキャンログを見せてもらいました。

>家族所有のChromebookでリダイレクトが再発しました

またひとつ確認させてください。
該当PCのネット接続に無線LANをお使いですか？
お使いならルーターのメーカーと型番を時間レスで教えてください。
ルーターのファームウェアを改ざんする形でリダイレクトを起こす攻撃も現れているのです。
http://elmpty.sumomo.ne.jp/essay1009.html

そして可能なら、ルーターを使わず直接PCにモデム接続で、リダイレクトが起きるかどうかも見てもらえますか。

ではOTL解析で見えた物を掃除しましょう。
とは言ってもこの処置で異常が改善する望みは薄いですが、ゴミ掃除だけでもしておきましょう。

このレスの最後にスクリプトを貼っておくので、それを丸ごとコピーして、それをWindowsのメモ帳ファイルに貼り付けて保存しておいてください。

用意できたらPCをまたセーフモードで再起動してOTL起動してください。
起動したらOTLのウインドウ下部にスクリプトを貼り付けて、今度は「Run fix」（赤字のボタン）を押してください。
これでOTLでの処置が開始されます。

しばらく待って処置ができたらPCを通常モードで再起動すると、またOTLのログが出るはずなので、それを保存してから、しばらく様子見の後、OTLのログとともに状態報告をレスください。
OTLのスクリプトは以下になります。破線(-----)を含まない箇所を丸ごとコピーして、それをOTLに貼って作業してください
------------------------------------------
:OTL
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-1349322033-3545516471-3174312935-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-1349322033-3545516471-3174312935-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-1349322033-3545516471-3174312935-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B6 DC B6 C6 3C FA D2 01 [binary data]
IE - HKU\S-1-5-21-1349322033-3545516471-3174312935-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 41 80 9B CA 3C FA D2 01 [binary data]
IE - HKU\S-1-5-21-1349322033-3545516471-3174312935-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.

:Files

:reg

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------

接続困難な中ありがとうございます。
OTLの処理から半日後にリダイレクト発生しました。以前のように頻発はしませんが。

ルーターは Interbras 社の IWR 3000Nです。
モデムがないためルーターを介さないとなると外から引いてきたケーブル直挿しという形になり、確認していません。

リカバリディスクで再セットアップ試みます。

作業と報告、ご苦労様です。

>ルーターは Interbras 社の IWR 3000Nです。
>モデムがないためルーターを介さないとなると外から引いてきたケーブル直挿しという形になり、確認していません。

>リカバリディスクで再セットアップ試みます。

はい、ではそのリカバリが済んだらまた状態確認後にレスください。
OTL処置はできたようですが、処置後も異常が出ていたようなのでそれは置いときましょう。
一応次回レス時にOTLの処置後ログを保存していたらその内容もレスで見せてもらえますか

ご無沙汰しております。
HDD消去及びリカバリディスクからWindows 7インストールはうまく行きました。
が、再び同じ道にハマり再再(？)セットアップ中です。
(全てのパーティションを感染前に巻き戻しても治りませんでした。)

ブラウザで "olx.com*"を開くと感染するように見えました。
海外版ヤフオク、メルカリのようなサイトで、以前は問題なく利用していたのですが。
このサイトはうっかり訪問しないようにブロックするとして、
他の危険な広告等が配置された未知のサイトからどう身を守れば良いでしょうか。
Flashやjavaを無効にして防げるものなのでしょうか。

リカバリ作業を始めてから気づいたのですが、ルーターのDNSが書き換えられていました。
ルーターの設定画面にも入れず。工場出荷状態に戻して再設定しました。
リダイレクト発生以降、OPENDNSやCOMODOのセキュアDNSを利用していたのですが、
実は昨日インターネット接続の問題(ウイルスと別の理由で)を解消するために
来てくれたプロバイダーのスタッフがDNSを初期設定にして帰ったのです。
うっかり変更するのを忘れていました。

数年前のトレンドマイクロリポートによると、ここはDNSチェンジャー被害が最も多い地域のようで…。
とにかくセキュリティにしろ著作権にしろ、
一般人の意識が日本国内のものとはかけ離れていて気が遠くなります。
そもそも強盗だらけで抵抗するとあっさり撃たれて命を落とすようなところなので
それがどうしたの？という程度かもしれません。

レスが遅くなってすみません。

>リカバリ作業を始めてから気づいたのですが、ルーターのDNSが書き換えられていました。
>ルーターの設定画面にも入れず。工場出荷状態に戻して再設定しました。

はい、先にもリンクを貼ったIVNOさん既述のページで説明されていた攻撃にやられてましたか。
http://pcmainbuilding.blog.fc2.com/blog-entry-5.html

海外と言うこともあってか、ルーター乗っ取りも日本国内より被害に遭う確率が高いわけですか。

現在は再設定できて、異常も出てませんか？
出てなければいいのですが、設定修復前にPCにまた感染受けていたらそれも対処が必要なので、お手数ですがまたHJTログとCCでインストール情報と各タブのログを取り直してそれを見せてください。
また、ACとMBAMでのスキャンと処置も行って、そのログも見せてください

リダイレクトがiOSで発生した時にこの国の言語で色々と検索しまして、
ルーター乗っ取りと推定したのは当たりでした。
動転して確認もせずにルーターを初期化してしまいましたが。

PCから大元を取り除く方法がHDD消去しかないというのはこの先なんとも心細いです。
ブラウザでページを開いただけで感染するとは、恐ろしい世の中になったものです。
この20年、ウイルスなど自分には無縁と思っていました。

さて、現在MBAMでスキャンしております。終わりましたら全ログを添付します。

実はACでブラウザスタートページ設定(例によってブラウザは自動的にリセットされていました)が見つかり、
HJTでも最初の作業で消したものと類似のBTOが引っかかりまして、
勝手に前回同様の処置をしてしまいました。

再び悪夢のループに陥ったかと悪寒が走りましたが、今の所再発なしです。

トラウマが酷く、アプリがブラウザを開く度に心臓が早打ち、
時折ランサムウェアに感染する悪夢にうなされて目が覚めます。

下記は2年前のトレンドマイクロのリポートで、某国がダントツ！
http://blog.trendmicro.co.jp/archives/11564

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:51:38, on 2017/07/20
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18739)


Boot mode: Normal

Running processes:
C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE
C:\Program Files\DispSw\DispSw.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Apoint2K\ApImeWrapper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
D:\ユーザー名\デスクトップ\HijackThis.exe
C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKLM\..\Run: [IME JPN 2007 Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\KY\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{1AAFBC89-135F-4BCC-9C61-6FB3CFB2B63F}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECEE351D-DBAE-4E88-A338-E85D5172FCE4}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{1AAFBC89-135F-4BCC-9C61-6FB3CFB2B63F}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{1AAFBC89-135F-4BCC-9C61-6FB3CFB2B63F}: NameServer = 156.154.70.22,156.154.71.22
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: EaseUS Agentサービス (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NT Meter - NEC Corporation, NEC Personal Products, Ltd. - C:\Windows\SYSWOW64\NTMETER.exe
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

--
End of file - 7111 bytes



# AdwCleaner v6.047 - ログファイルの作成日 20/07/2017 作成時間 12:36:57
# Malwarebytesによる 19/05/2017 の更新日
# データベース : 2017-07-13.1 [サーバー]
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (X64)
# ユーザー名 : KY - NOTEBOOK
# 実行場所 : D:\ユーザー名\デスクトップ\AdwCleaner.exe
# モード：安全
# サポート : https://www.malwarebytes.com/support



***** [ サービス ] *****



***** [ フォルダ ] *****



***** [ ファイル ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ ショートカット ] *****



***** [ スケジュール済みタスク ] *****



***** [ レジストリ ] *****



***** [ ブラウザ ] *****

[-] [C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default] [startup_urls] 削除済み：hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyE0D0B0B0AyCtBtByC0D0DtN0D0Tzu0CtAtByDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1275656494
[-] [C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default] [startup_urls] 削除済み：hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EBR&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBR&apn_dbr=cr_35.0.1916.153&apn_uid=2525CE32-83F4-4F54-AD07-D60145C3CC8A&itbv=12.15.1.20&doi=2014-07-17&psv=&pt=tb


*************************

:: "Tracing" キーを削除しました
:: Winsock設定を削除しました

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1543 バイト] - [20/07/2017 12:36:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [2238 バイト] - [20/07/2017 12:34:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1697 バイト] ##########

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:30:12, on 2017/07/20
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18739)


Boot mode: Normal

Running processes:
C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE
C:\Program Files\DispSw\DispSw.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Apoint2K\ApImeWrapper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
D:\ユーザー名\デスクトップ\HijackThis.exe
C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKLM\..\Run: [IME JPN 2007 Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\KY\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{1AAFBC89-135F-4BCC-9C61-6FB3CFB2B63F}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECEE351D-DBAE-4E88-A338-E85D5172FCE4}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{1AAFBC89-135F-4BCC-9C61-6FB3CFB2B63F}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{1AAFBC89-135F-4BCC-9C61-6FB3CFB2B63F}: NameServer = 156.154.70.22,156.154.71.22
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: EaseUS Agentサービス (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NT Meter - NEC Corporation, NEC Personal Products, Ltd. - C:\Windows\SYSWOW64\NTMETER.exe
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

--
End of file - 7037 bytes

[CCインストール]
Apple Application Support（32 ビット） Apple Inc. 2017/07/20 128 MB 5.6
Apple Application Support（64 ビット） Apple Inc. 2017/07/20 143 MB 5.6
Apple Mobile Device Support Apple Inc. 2017/07/20 27.4 MB 10.3.2.3
Apple Software Update Apple Inc. 2017/07/20 2.70 MB 2.3.0.177
Backup and Sync from Google Google, Inc. 2017/07/20 38.3 MB 3.35.5978.2967
Bonjour Apple Inc. 2017/07/20 2.01 MB 3.1.0.1
Brave Brave Software 2017/07/20 108 MB 0.17.16
CCleaner Piriform 2017/07/19 5.32
Comodo Dragon Comodo 2017/07/19 70.6 MB 57.0.2987.93
COMODO Internet Security Premium COMODO Security Solutions Inc. 2017/07/20 10.0.1.6258
EaseUS Todo Backup Free 10.5 CHENGDU YIWO Tech Development Co., Ltd 2017/07/19 501 MB 10.5
Google Photos Backup Google, Inc. 2017/07/20 7.51 MB 1.1.2.13
iCloud Apple Inc. 2017/07/20 137 MB 6.2.3.17
Intel(R) Graphics Media Accelerator Driver Intel Corporation 2017/07/19 8.15.10.2202
Internet Security Essentials Comodo 2017/07/19 1.2.422025.92
iTunes Apple Inc. 2017/07/20 429 MB 12.6.2.20
Lhaplus 2017/07/19
Malwarebytes Anti-Malware version 1.75.0.1300 Malwarebytes Corporation 2017/07/20 19.2 MB 1.75.0.1300
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2017/07/20 38.8 MB 4.5.51209
Microsoft Office File Validation Add-In Microsoft Corporation 2017/07/20 10.7 MB 14.0.5130.5003
Microsoft Office Personal 2007 Microsoft Corporation 2017/07/19 12.0.6612.1000
Microsoft OneDrive Microsoft Corporation 2017/07/20 102 MB 17.3.6917.0607
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2017/07/19 300 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2010/01/06 620 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2010/01/06 792 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2017/07/19 242 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2010/01/06 788 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2017/07/19 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2010/01/06 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2010/01/06 596 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2017/07/19 600 KB 9.0.30729.6161
MSXML 4.0 SP3 Parser Microsoft Corporation 2010/01/06 1.42 MB 4.30.2100.0
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 2017/07/20 1.48 MB 4.30.2117.0
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 2010/03/04 1.47 MB 4.30.2107.0
NX PAD Driver NEC 2017/07/19 7.105.909.707
O2Micro Flash Memory Card Windows Driver O2Micro International LTD. 2017/07/19 2.0.31
PDF-XChange Editor Tracker Software Products (Canada) Ltd. 2017/07/19 332 MB 6.0.322.5
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2010/03/04 6.0.1.6024
Roxio Creator LJ Roxio 2017/07/19 118 MB 10.3
SetPoint 6.1 2017/07/19 39.0 MB 6.10.65
Spotify Spotify AB 2017/07/20 1.0.58.573.g57c9cd87

[CC Windows スタートアップ]
有効 HKCU:Run AppleIEDAV Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
有効 HKCU:Run ApplePhotoStreams Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
有効 HKCU:Run Google Update Google Inc. C:\Users\KY\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
有効 HKCU:Run GoogleDriveSync Google "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
有効 HKCU:Run iCloudDrive Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
有効 HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
無効 HKCU:Run Spotify Web Helper Spotify Ltd C:\Users\KY\AppData\Roaming\Spotify\Spotify.exe --autostart
有効 HKLM:Run Apoint Alps Electric Co., Ltd. C:\Program Files\Apoint2K\Apoint.exe
有効 HKLM:Run COMODO Internet Security COMODO C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
有効 HKLM:Run DispSw NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\DispSw\DispSw.exe
有効 HKLM:Run EvtMgr6 Logicool, Inc. C:\Program Files\SetPointP\SetPoint.exe /launchGaming
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IME JPN 2007 Migration Microsoft Corporation C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
有効 HKLM:Run IseUI COMODO C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NECMFK NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
無効 HKLM:Run SoftNavi NEC Corporation / NEC Personal Products, Ltd. "C:\Program Files (x86)\Softnavi\ImgLnch.exe" /RESIDENT

[タスクスケジュール]
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-238233554-254357902-350102063-1000Core Google Inc. C:\Users\KY\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-238233554-254357902-350102063-1000UA Google Inc. C:\Users\KY\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

[コンテキストメニュー]
有効 Directory GDContextMenu Google C:\Program Files (x86)\Google\Drive\contextmenu64.dll
有効 Directory SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 Drive Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Drive RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
有効 Drive SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 File Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 File GDContextMenu Google C:\Program Files (x86)\Google\Drive\contextmenu64.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 File PDFXChange Editor Context menu Tracker Software Products (Canada) Ltd. C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 File RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
有効 File SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 Folder Comodo Antivirus COMODO C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 Folder RXDCExtSvr Sonic Solutions C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll

[Chrome プラグイン]
無効 App Evernote Web 1.0.8 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.8_0
無効 App OneNote Online 2.0 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo\2.0_0
無効 App Spotify - Music for every moment 0.2.4 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.4_0
無効 Extension Backspace to go Back 1.1.1 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nlffgllnjjkheddehpolbanogdeaogbc\1.1.1_0
無効 Extension Checker Plus for Gmail™ 20.1.4 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\20.1.4_0
有効 Extension Comodo Drag&Drop Service 2.4.2 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\2.4.2_0
有効 Extension Comodo Media Downloader 1.5.6 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo\1.5.6_0
有効 Extension Comodo Share Page Service 0.1 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0
有効 Extension Comodo Web Inspector 0.3 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn\0.3_0
無効 Extension EditThisCookie 1.4.1 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\1.4.1_0
無効 Extension Evernote Web Clipper 6.12.1 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.12.1_0
無効 Extension Google Keep - メモとリスト 3.1.17284.467 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\3.1.17284.467_0
無効 Extension Google Play Music 1.372.0 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi\1.372.0_0
無効 Extension Google ドライブに保存 2.1.1 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.1.1_0
無効 Extension Google ハングアウト 2017.420.419.1 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2017.420.419.1_0
無効 Extension iCloud ブックマーク 1.4.20 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.20_0
無効 Extension Pinterest 保存ボタン 2.0.8 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\2.0.8_0
有効 Extension Save to Pocket 2.1.42 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\2.1.42_0
無効 Extension Weblioポップアップ英和辞典 6.0.3 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oingodpdjohhkelnginmkagmkbplgema\6.0.3_0
無効 Extension 文字数カウンタ 1.2 最初のユーザー C:\Users\KY\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inhhfghhfjpmhleoidodhcgeecicfbep\1.2_0

ACログ

# AdwCleaner 7.0.0.0 - Logfile created on Thu Jul 20 19:33:25 2017
# Updated on 2017/17/07 by Malwarebytes
# Database: 07-19-2017.5
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1780 B] - [2017/7/20 15:36:57]
C:/AdwCleaner/AdwCleaner[S0].txt - [2238 B] - [2017/7/20 15:34:55]
C:/AdwCleaner/AdwCleaner[S1].txt - [1088 B] - [2017/7/20 16:3:4]
C:/AdwCleaner/AdwCleaner[S2].txt - [1154 B] - [2017/7/20 17:36:15]
C:/AdwCleaner/AdwCleaner[S3].txt - [1222 B] - [2017/7/20 18:36:24]


########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt ##########

作業と報告、ご苦労様です。
ルーター乗っ取り事例は過去に見てもいたはずですが、かにさんの場合は海外在住と言うこともあってその危険性が日本よりも高くなるのを失念していました。
もっと早くにそちらにも目を向けていれば無駄な手間をかけずに済んだのに、申し訳ありません。

現在の各ログを見せてもらいました。
MBAMは検出ありませんがACでfunmoodsやaskの検出ありましたね。
それは隔離していればいいとして、今のところは再発ないとのことですね。

ですがルーターまでやられたことも考慮して、まだ気を抜ける段階でもありません。
引き続き解析しましょうか。

先にも使ったOTLで再度スキャンしてもらえますか。
http://oldtimer.geekstogo.com/OTL.exe

前回と同じ手順でスキャンしてから、そのログをレスで見せてください。

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

OTL logfile created on: 2017/07/21 10:48:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\ユーザー名\デスクトップ
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18738)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.80 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 61.40% Memory free
7.60 Gb Paging File | 5.96 Gb Available in Paging File | 78.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.26 Gb Total Space | 141.83 Gb Free Space | 76.14% Space Free | Partition Type: NTFS
Drive D: | 277.63 Gb Total Space | 175.03 Gb Free Space | 63.04% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK | User Name: KY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2017/07/21 08:56:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\ユーザー名\デスクトップ\OTL.exe
PRC - [2017/07/20 02:19:13 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
PRC - [2017/07/19 06:14:02 | 000,065,536 | ---- | M] () -- C:\Program Files\Apoint2K\ApImeWrapper.exe
PRC - [2017/07/14 12:08:30 | 000,067,384 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2017/07/14 12:08:14 | 000,110,392 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
PRC - [2017/07/13 20:51:18 | 001,332,024 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
PRC - [2017/07/13 20:51:18 | 000,067,896 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2017/07/05 04:30:09 | 003,632,848 | ---- | M] (COMODO) -- C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
PRC - [2017/07/05 04:30:09 | 000,133,840 | ---- | M] (COMODO) -- C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
PRC - [2017/06/21 21:13:56 | 026,773,912 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2017/06/19 03:07:46 | 000,259,776 | ---- | M] () -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
PRC - [2017/06/19 03:07:20 | 000,040,128 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2017/04/28 08:50:34 | 002,273,432 | ---- | M] (Comodo) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2017/02/16 05:37:28 | 001,092,920 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
PRC - [2009/09/30 08:02:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 08:02:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/06/11 23:21:19 | 000,106,936 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) -- C:\Windows\SysWOW64\NTMETER.exe
PRC - [2009/02/27 02:21:58 | 000,054,592 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) -- C:\Program Files\DispSw\DispSw.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2017/07/21 08:30:58 | 001,176,576 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._core_.pyd
MOD - [2017/07/21 08:30:58 | 001,067,008 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._controls_.pyd
MOD - [2017/07/21 08:30:58 | 000,816,128 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._windows_.pyd
MOD - [2017/07/21 08:30:58 | 000,806,400 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._gdi_.pyd
MOD - [2017/07/21 08:30:58 | 000,736,256 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\pysqlite2._sqlite.pyd
MOD - [2017/07/21 08:30:58 | 000,733,184 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._misc_.pyd
MOD - [2017/07/21 08:30:58 | 000,686,080 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\unicodedata.pyd
MOD - [2017/07/21 08:30:58 | 000,524,248 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\windows._lib_cacheinvalidation.pyd
MOD - [2017/07/21 08:30:58 | 000,364,544 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\pythoncom27.dll
MOD - [2017/07/21 08:30:58 | 000,320,512 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32com.shell.shell.pyd
MOD - [2017/07/21 08:30:58 | 000,167,936 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32gui.pyd
MOD - [2017/07/21 08:30:58 | 000,127,488 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\pyexpat.pyd
MOD - [2017/07/21 08:30:58 | 000,119,808 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32file.pyd
MOD - [2017/07/21 08:30:58 | 000,108,544 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32security.pyd
MOD - [2017/07/21 08:30:58 | 000,098,816 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32api.pyd
MOD - [2017/07/21 08:30:58 | 000,082,432 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\usb_ext.pyd
MOD - [2017/07/21 08:30:58 | 000,078,848 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._animate.pyd
MOD - [2017/07/21 08:30:58 | 000,077,312 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._html2.pyd
MOD - [2017/07/21 08:30:58 | 000,070,656 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\windows.volumes.pyd
MOD - [2017/07/21 08:30:58 | 000,055,808 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\windows.device_monitor.pyd
MOD - [2017/07/21 08:30:58 | 000,038,912 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32inet.pyd
MOD - [2017/07/21 08:30:58 | 000,035,840 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32process.pyd
MOD - [2017/07/21 08:30:58 | 000,025,600 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32pdh.pyd
MOD - [2017/07/21 08:30:58 | 000,024,064 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32pipe.pyd
MOD - [2017/07/21 08:30:58 | 000,022,528 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32ts.pyd
MOD - [2017/07/21 08:30:58 | 000,018,432 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32event.pyd
MOD - [2017/07/21 08:30:58 | 000,017,920 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\thumbnails_ext.pyd
MOD - [2017/07/21 08:30:58 | 000,017,408 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32profile.pyd
MOD - [2017/07/21 08:30:58 | 000,016,384 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\windows.winwrap.pyd
MOD - [2017/07/21 08:30:58 | 000,011,264 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32crypt.pyd
MOD - [2017/07/21 08:30:58 | 000,010,240 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\select.pyd
MOD - [2017/07/21 08:30:57 | 001,307,648 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_ssl.pyd
MOD - [2017/07/21 08:30:57 | 000,917,504 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_hashlib.pyd
MOD - [2017/07/21 08:30:57 | 000,218,624 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\PIL._imaging.pyd
MOD - [2017/07/21 08:30:57 | 000,129,536 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_elementtree.pyd
MOD - [2017/07/21 08:30:57 | 000,110,080 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\pywintypes27.dll
MOD - [2017/07/21 08:30:57 | 000,088,064 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_ctypes.pyd
MOD - [2017/07/21 08:30:57 | 000,046,080 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_socket.pyd
MOD - [2017/07/21 08:30:57 | 000,036,864 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_psutil_windows.pyd
MOD - [2017/07/21 08:30:57 | 000,027,648 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_multiprocessing.pyd
MOD - [2017/07/21 08:30:57 | 000,020,480 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_yappi.pyd
MOD - [2017/07/21 08:30:57 | 000,012,800 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\common.time34.pyd
MOD - [2017/07/21 08:30:57 | 000,007,168 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\hashobjs_ext.pyd
MOD - [2017/07/19 06:14:02 | 000,065,536 | ---- | M] () -- C:\Program Files\Apoint2K\ApImeWrapper.exe
MOD - [2017/07/19 06:14:02 | 000,013,824 | ---- | M] () -- C:\Program Files\Apoint2K\ApIMEdll.dll
MOD - [2017/07/13 20:51:24 | 001,041,720 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2017/07/13 20:50:58 | 000,189,752 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2017/05/09 00:45:04 | 000,080,184 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2017/07/11 08:44:49 | 010,501,104 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (CmdAgent)
SRV:[b]64bit:[/b] - [2017/07/11 08:37:30 | 002,876,096 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:[b]64bit:[/b] - [2017/06/29 02:50:26 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2016/08/22 13:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/03/25 16:04:04 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2016/03/25 15:59:37 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/05/06 06:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:[b]64bit:[/b] - [2009/12/21 10:44:06 | 000,535,552 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\SysNative\HFGService.dll -- (HFGService)
SRV:[b]64bit:[/b] - [2007/02/12 04:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2017/07/05 04:30:09 | 000,133,840 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe -- (isesrv)
SRV - [2017/06/19 03:07:20 | 000,040,128 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2017/04/28 08:50:34 | 002,273,432 | ---- | M] (Comodo) [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2017/03/29 21:01:08 | 000,103,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015/06/03 17:16:12 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/09/30 08:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 08:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/11 23:21:19 | 000,106,936 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NTMETER.exe -- (NT Meter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2017/07/19 06:15:44 | 000,077,032 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:[b]64bit:[/b] - [2017/07/19 06:15:44 | 000,055,144 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:[b]64bit:[/b] - [2017/07/19 06:15:17 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2017/07/19 06:15:03 | 000,289,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2017/07/19 06:15:03 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2017/07/19 06:14:53 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2017/07/19 06:14:26 | 001,601,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2017/07/19 06:14:02 | 000,256,120 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2017/07/05 04:29:44 | 000,050,856 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\isedrv.sys -- (isedrv)
DRV:[b]64bit:[/b] - [2017/05/31 01:48:30 | 000,031,664 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:[b]64bit:[/b] - [2016/12/05 14:45:58 | 000,197,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:[b]64bit:[/b] - [2016/12/05 14:45:56 | 000,066,040 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:[b]64bit:[/b] - [2016/12/05 14:45:56 | 000,053,240 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:[b]64bit:[/b] - [2016/12/05 14:45:56 | 000,023,544 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:[b]64bit:[/b] - [2016/03/25 16:09:47 | 000,023,272 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2016/03/25 16:09:46 | 000,107,752 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2016/03/25 16:09:46 | 000,026,856 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2016/03/25 14:44:12 | 000,110,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/19 17:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/19 15:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/03/18 06:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:[b]64bit:[/b] - [2010/03/18 06:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:[b]64bit:[/b] - [2010/03/18 06:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:[b]64bit:[/b] - [2009/12/21 10:43:36 | 000,052,224 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV:[b]64bit:[/b] - [2009/12/21 10:43:00 | 000,078,848 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthav.sys -- (csr_a2dp)
DRV:[b]64bit:[/b] - [2009/11/27 05:45:06 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009/08/13 08:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:[b]64bit:[/b] - [2009/07/21 12:41:22 | 000,011,776 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\necbatt.sys -- (necbatt)
DRV:[b]64bit:[/b] - [2009/07/15 04:36:06 | 000,013,312 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nececfil.sys -- (Nececfilter)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/08 15:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008/12/11 07:17:07 | 000,009,728 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Ps2LedIF.sys -- (Ps2LedIF)
DRV:[b]64bit:[/b] - [2008/12/09 09:01:37 | 000,020,480 | ---- | M] ((C)NEC Corporation, NEC Personal Products, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfkgtkey.sys -- (MFKGTKEY)
DRV:[b]64bit:[/b] - [2008/12/09 03:17:00 | 000,011,776 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ps2Led.sys -- (Ps2Led)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.biglobe.ne.jp/index-necpc.html
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://121ware.com/nec-support/ [binary data]
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,IE11UpgradePageShownTime = DD 73 87 90 EC 00 D3 01 [binary data]
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = AF 23 09 90 8A 01 D3 01 [binary data]
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\..\SearchScopes\{6E633F90-707B-4C3A-BE5B-E7A6B6F4E47A}: "URL" = http://search.goo.ne.jp/web.jsp?MT={searchTerms}&IE=UTF-8&OE=EUC-JP&IE7_WSG&PT=IE7_WSG
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\..\SearchScopes\{F2ACB823-0765-4296-AFE9-B3B779148B5E}: "URL" = http://search.yahoo.co.jp/search?ei=UTF-8&fr=neciec1&p={searchTerms}
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\KY\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\KY\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)



O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:[b]64bit:[/b] - HKLM..\Run: [DispSw] C:\Program Files\DispSw\DispSw.exe (NEC Corporation, NEC Personal Products, Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\SetPointP\SetPoint.exe (Logicool, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NECMFK] C:\Program Files\NECMFK\necmfk.exe (NEC Corporation, NEC Personal Products, Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IseUI] C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe (COMODO)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-238233554-254357902-350102063-1000..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (Apple Inc.)
O4 - HKU\S-1-5-21-238233554-254357902-350102063-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-238233554-254357902-350102063-1000..\Run: [Google Update] C:\Users\KY\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe (Google Inc.)
O4 - HKU\S-1-5-21-238233554-254357902-350102063-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-238233554-254357902-350102063-1000..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
O4 - HKU\S-1-5-21-238233554-254357902-350102063-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.26.56.26 8.20.247.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AAFBC89-135F-4BCC-9C61-6FB3CFB2B63F}: DhcpNameServer = 8.26.56.26 8.20.247.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AAFBC89-135F-4BCC-9C61-6FB3CFB2B63F}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECEE351D-DBAE-4E88-A338-E85D5172FCE4}: DhcpNameServer = 8.26.56.26 8.20.247.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECEE351D-DBAE-4E88-A338-E85D5172FCE4}: NameServer = 156.154.70.22,156.154.71.22
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:[/b] >{797ECCE9-6AC0-4098-9697-8157B6836A40} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/07/21 08:56:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\ユーザー名\デスクトップ\OTL.exe
[2017/07/20 15:03:57 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Software
[2017/07/20 15:03:44 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\brave
[2017/07/20 15:03:02 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\brave
[2017/07/20 14:56:41 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2017/07/20 14:34:51 | 008,162,248 | ---- | C] (Malwarebytes) -- D:\ユーザー名\デスクトップ\adwcleaner_7.0.0.0.exe
[2017/07/20 14:19:58 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\SquirrelTemp
[2017/07/20 10:27:20 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Malwarebytes
[2017/07/20 10:23:49 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017/07/20 10:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2017/07/20 10:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017/07/20 10:23:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2017/07/20 10:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2017/07/20 02:34:41 | 000,000,000 | ---D | C] -- C:\easeus_tb_cloud
[2017/07/20 02:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Tracker Software
[2017/07/20 02:26:22 | 000,000,000 | R--D | C] -- C:\Users\KY\Google ドライブ
[2017/07/20 02:23:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
[2017/07/20 02:19:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2017/07/20 01:28:35 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Spotify
[2017/07/20 01:25:10 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Spotify
[2017/07/20 01:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2017/07/20 01:03:29 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Skype
[2017/07/20 01:03:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2017/07/20 00:54:37 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Google
[2017/07/20 00:54:29 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
[2017/07/20 00:47:05 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
[2017/07/20 00:47:04 | 000,000,000 | R--D | C] -- C:\Users\KY\iCloudDrive
[2017/07/20 00:47:04 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Apple Inc
[2017/07/20 00:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2017/07/20 00:32:46 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Apps
[2017/07/20 00:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2017/07/20 00:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2017/07/20 00:31:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2017/07/20 00:12:19 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Apple Computer
[2017/07/20 00:12:19 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Apple Computer
[2017/07/20 00:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2017/07/20 00:10:15 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Apple
[2017/07/20 00:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2017/07/20 00:09:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2017/07/20 00:09:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2017/07/20 00:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2017/07/20 00:08:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2017/07/20 00:08:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2017/07/19 23:57:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2017/07/19 22:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2017/07/19 22:57:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2017/07/19 22:57:39 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2017/07/19 22:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2017/07/19 22:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2017/07/19 22:54:40 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2017/07/19 22:54:31 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Microsoft Help
[2017/07/19 22:54:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2017/07/19 22:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2017/07/19 22:53:43 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2017/07/19 22:33:13 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2017/07/19 22:33:08 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2017/07/19 22:33:06 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2017/07/19 22:33:06 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2017/07/19 22:32:51 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2017/07/19 22:32:51 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2017/07/19 22:30:52 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2017/07/19 22:30:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2017/07/19 22:30:51 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2017/07/19 22:30:51 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2017/07/19 22:30:51 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2017/07/19 22:30:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2017/07/19 22:30:51 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2017/07/19 22:30:50 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017/07/19 22:30:50 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2017/07/19 22:30:50 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2017/07/19 22:30:50 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2017/07/19 22:30:49 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2017/07/19 22:30:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2017/07/19 22:30:47 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2017/07/19 22:30:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2017/07/19 22:30:47 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2017/07/19 22:30:46 | 002,057,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017/07/19 22:30:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2017/07/19 22:30:45 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2017/07/19 22:30:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2017/07/19 22:30:44 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2017/07/19 22:30:44 | 000,806,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017/07/19 22:30:44 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2017/07/19 22:30:44 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2017/07/19 22:30:44 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2017/07/19 22:30:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2017/07/19 22:30:43 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017/07/19 22:30:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2017/07/19 22:30:42 | 002,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017/07/19 22:30:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2017/07/19 22:30:40 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017/07/19 22:30:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2017/07/19 22:30:40 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2017/07/19 22:30:39 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2017/07/19 22:30:39 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2017/07/19 22:30:39 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2017/07/19 22:30:39 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2017/07/19 22:30:38 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2017/07/19 22:30:38 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2017/07/19 22:30:38 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2017/07/19 22:30:38 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2017/07/19 22:30:37 | 005,975,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017/07/19 22:30:37 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2017/07/19 22:30:37 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2017/07/19 22:30:37 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Comodo Dragon アプリ
[2017/07/19 22:30:36 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2017/07/19 22:30:35 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2017/07/19 22:30:34 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2017/07/19 22:30:34 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2017/07/19 22:23:46 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2017/07/19 22:23:44 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2017/07/19 22:17:11 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Adobe
[2017/07/19 22:12:57 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2017/07/19 22:09:45 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2017/07/19 22:09:40 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2017/07/19 22:09:40 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2017/07/19 22:09:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2017/07/19 22:09:38 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2017/07/19 22:09:38 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2017/07/19 22:09:37 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2017/07/19 22:09:37 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2017/07/19 22:09:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2017/07/19 22:09:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2017/07/19 22:09:36 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2017/07/19 22:09:35 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2017/07/19 22:09:35 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2017/07/19 22:09:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2017/07/19 22:09:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2017/07/19 22:09:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2017/07/19 22:09:34 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2017/07/19 22:09:32 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2017/07/19 22:09:32 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2017/07/19 22:09:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2017/07/19 22:09:32 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2017/07/19 22:09:32 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2017/07/19 22:09:32 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2017/07/19 22:09:32 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2017/07/19 22:09:32 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2017/07/19 22:09:32 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2017/07/19 22:09:32 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2017/07/19 22:09:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2017/07/19 22:09:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2017/07/19 22:09:32 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2017/07/19 22:09:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2017/07/19 22:09:31 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2017/07/19 22:09:31 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2017/07/19 22:09:31 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2017/07/19 22:09:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2017/07/19 22:08:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2017/07/19 22:08:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2017/07/19 22:08:00 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2017/07/19 22:08:00 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2017/07/19 22:08:00 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2017/07/19 22:08:00 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2017/07/19 22:08:00 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2017/07/19 22:08:00 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2017/07/19 22:08:00 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2017/07/19 22:08:00 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2017/07/19 22:08:00 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2017/07/19 22:08:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2017/07/19 22:08:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2017/07/19 22:08:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2017/07/19 22:08:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2017/07/19 22:08:00 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2017/07/19 22:07:59 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2017/07/19 22:07:59 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2017/07/19 22:07:59 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2017/07/19 22:07:59 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2017/07/19 22:07:59 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2017/07/19 22:07:59 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2017/07/19 22:06:11 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2017/07/19 22:06:11 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2017/07/19 21:07:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2017/07/19 21:07:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2017/07/19 21:05:35 | 000,000,000 | -H-D | C] -- C:\VTRoot
[2017/07/19 20:57:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2017/07/19 20:53:34 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2017/07/19 20:53:34 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2017/07/19 20:53:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.exe
[2017/07/19 20:53:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.exe
[2017/07/19 20:51:32 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\polstore.dll
[2017/07/19 20:51:32 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2017/07/19 20:51:32 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winipsec.dll
[2017/07/19 20:51:32 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2017/07/19 20:51:32 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2017/07/19 20:51:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winipsec.dll
[2017/07/19 20:51:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2017/07/19 20:51:08 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2017/07/19 20:51:07 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2017/07/19 20:51:07 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2017/07/19 20:51:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netbtugc.exe
[2017/07/19 08:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2017/07/19 08:45:13 | 000,256,040 | ---- | C] (COMODO) -- C:\Windows\SysNative\iseguard64.dll
[2017/07/19 08:45:13 | 000,205,536 | ---- | C] (COMODO) -- C:\Windows\SysWow64\iseguard32.dll
[2017/07/19 08:45:13 | 000,050,856 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\isedrv.sys
[2017/07/19 08:45:05 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Comodo
[2017/07/19 08:45:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2017/07/19 08:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2017/07/19 08:33:07 | 000,000,000 | ---D | C] -- D:\ユーザー名\ドキュメント\CCleaner reg
[2017/07/19 08:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2017/07/19 08:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Shared Space
[2017/07/19 08:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2017/07/19 08:15:23 | 000,197,624 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\SysNative\drivers\EuFdDisk.sys
[2017/07/19 08:15:23 | 000,066,040 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\SysNative\drivers\eubakup.sys
[2017/07/19 08:15:23 | 000,023,544 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\SysNative\drivers\eudskacs.sys
[2017/07/19 08:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 10.5
[2017/07/19 08:14:05 | 000,026,304 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\SysNative\fbnative.exe
[2017/07/19 08:13:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2017/07/19 08:03:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2017/07/19 08:03:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2017/07/19 08:02:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll
[2017/07/19 08:02:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2017/07/19 08:02:55 | 000,876,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2017/07/19 08:02:55 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2017/07/19 08:02:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdhui.dll
[2017/07/19 08:02:55 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll
[2017/07/19 08:02:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2017/07/19 08:02:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll
[2017/07/19 08:02:54 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hlink.dll
[2017/07/19 08:02:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2017/07/19 08:02:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2017/07/19 08:02:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2017/07/19 08:02:52 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2017/07/19 08:02:52 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2017/07/19 08:02:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2017/07/19 08:02:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2017/07/19 08:02:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2017/07/19 08:02:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcawrk.exe
[2017/07/19 08:02:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll
[2017/07/19 08:02:51 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2017/07/19 08:02:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2017/07/19 08:02:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2017/07/19 08:02:50 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2017/07/19 08:02:50 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2017/07/19 08:02:50 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pintlgnt.ime
[2017/07/19 08:02:50 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2017/07/19 08:02:46 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icm32.dll
[2017/07/19 08:02:46 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2017/07/19 08:02:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2017/07/19 08:02:46 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmprovhost.exe
[2017/07/19 08:02:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2017/07/19 08:02:43 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2017/07/19 08:02:43 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\INETRES.dll
[2017/07/19 08:02:43 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rundll32.exe
[2017/07/19 08:02:42 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2017/07/19 08:02:42 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2017/07/19 08:02:42 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2017/07/19 08:02:42 | 000,287,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2017/07/19 08:02:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2017/07/19 08:02:42 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2017/07/19 08:02:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2017/07/19 08:02:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2017/07/19 08:02:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2017/07/19 08:02:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2017/07/19 08:02:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2017/07/19 08:02:41 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2017/07/19 08:02:41 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2017/07/19 08:02:41 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2017/07/19 08:02:39 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2017/07/19 08:02:39 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2017/07/19 08:02:39 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2017/07/19 08:02:39 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2017/07/19 08:02:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2017/07/19 08:02:38 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2017/07/19 08:02:38 | 000,114,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2017/07/19 08:02:38 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
[2017/07/19 08:02:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2017/07/19 08:02:37 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2017/07/19 08:02:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2017/07/19 08:02:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2017/07/19 08:02:36 | 000,382,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2017/07/19 08:02:36 | 000,308,456 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2017/07/19 08:02:36 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2017/07/19 08:02:36 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2017/07/19 08:02:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2017/07/19 08:02:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2017/07/19 08:02:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2017/07/19 08:02:35 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2017/07/19 08:02:35 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2017/07/19 08:02:35 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2017/07/19 08:02:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2017/07/19 08:02:33 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2017/07/19 08:02:33 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2017/07/19 08:02:33 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2017/07/19 08:02:33 | 000,265,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2017/07/19 08:02:33 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2017/07/19 08:02:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UtcResources.dll
[2017/07/19 08:02:33 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2017/07/19 08:02:33 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2017/07/19 08:02:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2017/07/19 08:02:33 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\plasrv.exe
[2017/07/19 08:02:32 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2017/07/19 08:02:32 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2017/07/19 08:02:32 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2017/07/19 08:02:32 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2017/07/19 08:02:31 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2017/07/19 08:02:31 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2017/07/19 08:02:31 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2017/07/19 08:02:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2017/07/19 08:02:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2017/07/19 08:02:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2017/07/19 08:02:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2017/07/19 08:02:30 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2017/07/19 08:02:30 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2017/07/19 08:02:28 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2017/07/19 08:02:28 | 000,091,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MigAutoPlay.exe
[2017/07/19 08:02:28 | 000,091,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MigAutoPlay.exe
[2017/07/19 08:02:28 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2017/07/19 08:02:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2017/07/19 08:02:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2017/07/19 08:02:27 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2017/07/19 08:02:27 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2017/07/19 08:02:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2017/07/19 08:02:27 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2017/07/19 08:02:26 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2017/07/19 08:02:26 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2017/07/19 08:02:25 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2017/07/19 08:02:25 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2017/07/19 08:02:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2017/07/19 08:02:21 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tintlgnt.ime
[2017/07/19 08:02:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quick.ime
[2017/07/19 08:02:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qintlgnt.ime
[2017/07/19 08:02:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\phon.ime
[2017/07/19 08:02:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cintlgnt.ime
[2017/07/19 08:02:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chajei.ime
[2017/07/19 08:02:20 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2017/07/19 08:02:20 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2017/07/19 08:02:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2017/07/19 08:02:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmmsp.dll
[2017/07/19 08:02:18 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2017/07/19 08:02:18 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2017/07/19 08:02:16 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2017/07/19 08:02:16 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2017/07/19 08:02:16 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2017/07/19 08:02:16 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2017/07/19 08:02:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2017/07/19 08:02:16 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2017/07/19 08:02:16 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmjpegdec.dll
[2017/07/19 08:02:16 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2017/07/19 08:02:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2017/07/19 08:02:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2017/07/19 08:02:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2017/07/19 08:02:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2017/07/19 08:02:15 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2017/07/19 08:02:15 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2017/07/19 08:02:15 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2017/07/19 08:02:15 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2017/07/19 08:02:15 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2017/07/19 08:02:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmjpegdec.dll
[2017/07/19 08:02:14 | 000,249,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2017/07/19 08:02:14 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2017/07/19 08:02:14 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2017/07/19 08:02:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2017/07/19 08:02:14 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2017/07/19 08:02:14 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2017/07/19 08:02:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2017/07/19 08:02:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2017/07/19 08:02:13 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2017/07/19 08:02:13 | 000,733,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2017/07/19 08:02:13 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2017/07/19 08:02:13 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2017/07/19 08:02:13 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2017/07/19 08:02:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2017/07/19 08:02:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2017/07/19 08:02:12 | 001,867,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2017/07/19 08:02:12 | 001,499,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2017/07/19 08:02:12 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2017/07/19 08:02:12 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2017/07/19 08:02:11 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2017/07/19 08:02:11 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2017/07/19 08:02:11 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe
[2017/07/19 08:02:11 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe
[2017/07/19 08:02:11 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2017/07/19 08:02:11 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2017/07/19 08:02:11 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resmon.exe
[2017/07/19 08:02:11 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resmon.exe
[2017/07/19 08:02:10 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2017/07/19 08:02:10 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2017/07/19 08:02:10 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2017/07/19 08:02:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2017/07/19 08:02:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmRes.dll
[2017/07/19 08:02:06 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2017/07/19 08:02:05 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2017/07/19 08:02:05 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2017/07/19 08:02:05 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2017/07/19 08:02:05 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2017/07/19 08:02:05 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2017/07/19 08:02:05 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2017/07/19 08:02:05 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2017/07/19 08:02:05 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2017/07/19 08:02:05 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2017/07/19 08:02:05 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2017/07/19 08:02:05 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2017/07/19 08:02:05 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2017/07/19 08:02:04 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2017/07/19 08:02:03 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2017/07/19 08:02:03 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2017/07/19 08:02:03 | 000,377,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2017/07/19 08:02:03 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2017/07/19 08:02:03 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2017/07/19 08:02:03 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2017/07/19 08:02:01 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2017/07/19 08:02:01 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2017/07/19 08:02:01 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2017/07/19 08:02:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2017/07/19 08:02:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2017/07/19 08:02:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2017/07/19 08:02:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2017/07/19 08:02:00 | 001,483,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2017/07/19 08:02:00 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
[2017/07/19 08:02:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
[2017/07/19 08:02:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
[2017/07/19 08:02:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
[2017/07/19 08:02:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
[2017/07/19 08:02:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
[2017/07/19 08:01:58 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2017/07/19 08:01:57 | 000,706,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2017/07/19 08:01:57 | 000,633,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2017/07/19 08:01:56 | 003,244,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2017/07/19 08:01:56 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2017/07/19 08:01:56 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2017/07/19 08:01:55 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2017/07/19 08:01:54 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2017/07/19 08:01:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2017/07/19 08:01:54 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2017/07/19 08:01:54 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2017/07/19 08:01:53 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2017/07/19 08:01:53 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2017/07/19 08:01:53 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2017/07/19 08:01:53 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2017/07/19 08:01:53 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2017/07/19 08:01:53 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2017/07/19 08:01:53 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2017/07/19 08:01:53 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2017/07/19 08:01:53 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2017/07/19 08:01:53 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2017/07/19 08:01:53 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2017/07/19 08:01:53 | 000,063,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2017/07/19 08:01:53 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2017/07/19 08:01:53 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2017/07/19 08:01:53 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2017/07/19 08:01:53 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2017/07/19 08:01:53 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2017/07/19 08:01:53 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2017/07/19 08:01:53 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2017/07/19 08:01:53 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2017/07/19 08:01:53 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2017/07/19 08:01:53 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2017/07/19 08:01:53 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2017/07/19 08:01:53 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2017/07/19 08:01:53 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2017/07/19 08:01:53 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2017/07/19 08:01:53 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
[2017/07/19 08:01:53 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-2-0.dll
[2017/07/19 08:01:53 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2017/07/19 08:01:53 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-2-0.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
[2017/07/19 08:01:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-1.dll
[2017/07/19 08:01:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2017/07/19 08:01:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2017/07/19 08:01:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
[2017/07/19 08:01:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-timezone-l1-1-0.dll
[2017/07/19 08:01:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l2-1-0.dll
[2017/07/19 08:01:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l2-1-0.dll
[2017/07/19 08:01:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
[2017/07/19 08:01:53 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-2-0.dll
[2017/07/19 08:01:51 | 002,065,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2017/07/19 08:01:51 | 000,806,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2017/07/19 08:01:50 | 004,296,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_47.dll
[2017/07/19 08:01:50 | 003,550,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_47.dll
[2017/07/19 08:01:49 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagtrack.dll
[2017/07/19 08:01:49 | 000,994,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2017/07/19 08:01:49 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2017/07/19 08:01:49 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2017/07/19 08:01:49 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2017/07/19 08:01:49 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2017/07/19 08:01:48 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2017/07/19 08:01:47 | 002,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2017/07/19 08:01:47 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2017/07/19 08:01:47 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2017/07/19 08:01:47 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2017/07/19 08:01:47 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
[2017/07/19 08:01:47 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2017/07/19 08:01:47 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2017/07/19 08:01:46 | 003,165,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2017/07/19 08:01:46 | 002,319,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2017/07/19 08:01:46 | 002,058,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2017/07/19 08:01:46 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2017/07/19 08:01:46 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2017/07/19 08:01:46 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2017/07/19 08:01:46 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2017/07/19 08:01:46 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2017/07/19 08:01:46 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2017/07/19 08:01:45 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2017/07/19 08:01:45 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2017/07/19 08:01:45 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2017/07/19 08:01:45 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2017/07/19 08:01:45 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2017/07/19 08:01:45 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2017/07/19 08:01:44 | 005,547,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2017/07/19 08:01:44 | 004,001,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2017/07/19 08:01:44 | 003,945,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2017/07/19 08:01:43 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2017/07/19 08:01:43 | 003,209,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2017/07/19 08:01:43 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2017/07/19 08:01:42 | 001,574,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2017/07/19 08:01:42 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2017/07/19 08:01:42 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2017/07/19 08:01:42 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2017/07/19 08:01:41 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2017/07/19 08:01:40 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2017/07/19 08:01:40 | 012,574,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2017/07/19 08:01:40 | 012,574,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2017/07/19 07:36:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappprxy.dll
[2017/07/19 07:36:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappprxy.dll
[2017/07/19 07:36:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eventcls.dll
[2017/07/19 07:36:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eventcls.dll
[2017/07/19 07:36:12 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
[2017/07/19 07:36:03 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setspn.exe
[2017/07/19 07:36:02 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2017/07/19 07:36:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWNet.dll
[2017/07/19 07:35:57 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basesrv.dll
[2017/07/19 07:35:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2017/07/19 07:35:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe
[2017/07/19 07:35:55 | 000,0

続き
[2017/07/19 07:35:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksuser.dll
[2017/07/19 07:35:54 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2017/07/19 07:35:52 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uexfat.dll
[2017/07/19 07:35:52 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uexfat.dll
[2017/07/19 07:35:44 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2017/07/19 07:35:43 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2017/07/19 07:35:43 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax
[2017/07/19 07:35:43 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax
[2017/07/19 07:35:43 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax
[2017/07/19 07:35:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax
[2017/07/19 07:35:43 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
[2017/07/19 07:35:43 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe
[2017/07/19 07:35:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2017/07/19 07:35:38 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\linkinfo.dll
[2017/07/19 07:35:37 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\format.com
[2017/07/19 07:35:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2017/07/19 07:35:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2017/07/19 07:35:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll
[2017/07/19 07:35:32 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2017/07/19 07:35:32 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll
[2017/07/19 07:35:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollCtrl.exe
[2017/07/19 07:35:32 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsjob.dll
[2017/07/19 07:35:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dtsh.dll
[2017/07/19 07:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsjob.dll
[2017/07/19 07:35:32 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2017/07/19 07:35:29 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tvratings.dll
[2017/07/19 07:35:28 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2017/07/19 07:35:28 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll
[2017/07/19 07:35:28 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tvratings.dll
[2017/07/19 07:35:27 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
[2017/07/19 07:35:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshcon.dll
[2017/07/19 07:35:26 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mgmtapi.dll
[2017/07/19 07:35:26 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcmonitor.dll
[2017/07/19 07:35:25 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2017/07/19 07:35:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2017/07/19 07:35:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2017/07/19 07:35:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2017/07/19 07:35:24 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2017/07/19 07:35:23 | 001,039,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\opengl32.dll
[2017/07/19 07:35:22 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SCardDlg.dll
[2017/07/19 07:35:22 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SCardDlg.dll
[2017/07/19 07:35:21 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\racpldlg.dll
[2017/07/19 07:35:21 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\racpldlg.dll
[2017/07/19 07:35:21 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdll.dll
[2017/07/19 07:35:21 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\format.com
[2017/07/19 07:35:21 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
[2017/07/19 07:35:20 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2017/07/19 07:35:20 | 000,069,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
[2017/07/19 07:35:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wowreg32.exe
[2017/07/19 07:35:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wowreg32.exe
[2017/07/19 07:35:19 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll
[2017/07/19 07:35:19 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
[2017/07/19 07:35:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2017/07/19 07:35:15 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bderepair.dll
[2017/07/19 07:35:13 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2017/07/19 07:35:13 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2017/07/19 07:35:13 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2017/07/19 07:35:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollCtrl.exe
[2017/07/19 07:35:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2017/07/19 07:35:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2017/07/19 07:35:12 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll
[2017/07/19 07:35:11 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2017/07/19 07:35:11 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtm.dll
[2017/07/19 07:35:11 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtm.dll
[2017/07/19 07:35:11 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2017/07/19 07:35:11 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll
[2017/07/19 07:35:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2017/07/19 07:35:11 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2017/07/19 07:35:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsraLegacy.tlb
[2017/07/19 07:35:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsraLegacy.tlb
[2017/07/19 07:35:10 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2017/07/19 07:35:09 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3dlg.dll
[2017/07/19 07:35:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2017/07/19 07:35:07 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2017/07/19 07:35:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2017/07/19 07:35:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2017/07/19 07:35:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2017/07/19 07:35:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2017/07/19 07:35:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2017/07/19 07:35:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2017/07/19 07:35:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2017/07/19 07:35:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2017/07/19 07:35:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2017/07/19 07:35:06 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
[2017/07/19 07:35:06 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
[2017/07/19 07:35:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshcon.dll
[2017/07/19 07:35:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2017/07/19 07:35:05 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2017/07/19 07:35:02 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2017/07/19 07:35:02 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2017/07/19 07:35:02 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2017/07/19 07:35:02 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2gpstore.dll
[2017/07/19 07:35:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mgmtapi.dll
[2017/07/19 07:35:02 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcmonitor.dll
[2017/07/19 07:35:01 | 000,791,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\opengl32.dll
[2017/07/19 07:35:01 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\els.dll
[2017/07/19 07:35:01 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\els.dll
[2017/07/19 07:35:00 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2017/07/19 07:35:00 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2017/07/19 07:35:00 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2017/07/19 07:35:00 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2017/07/19 07:35:00 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2017/07/19 07:35:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll
[2017/07/19 07:35:00 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfapigp.dll
[2017/07/19 07:35:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacchooks.dll
[2017/07/19 07:34:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2017/07/19 07:34:58 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2017/07/19 07:34:58 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\svchost.exe
[2017/07/19 07:34:57 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2017/07/19 07:34:57 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2017/07/19 07:34:57 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2017/07/19 07:34:57 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2017/07/19 07:34:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxstrace.exe
[2017/07/19 07:34:54 | 000,652,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msra.exe
[2017/07/19 07:34:54 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2017/07/19 07:34:54 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2017/07/19 07:34:54 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msra.exe
[2017/07/19 07:34:54 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2017/07/19 07:34:53 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\activeds.dll
[2017/07/19 07:34:53 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll
[2017/07/19 07:34:52 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2017/07/19 07:34:52 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2017/07/19 07:34:51 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncpa.cpl
[2017/07/19 07:34:51 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncpa.cpl
[2017/07/19 07:34:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
[2017/07/19 07:34:51 | 000,023,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\streamci.dll
[2017/07/19 07:34:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2017/07/19 07:34:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CIRCoInst.dll
[2017/07/19 07:34:50 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstplua.dll
[2017/07/19 07:34:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2017/07/19 07:34:49 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2017/07/19 07:34:49 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2017/07/19 07:34:49 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2017/07/19 07:34:49 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2017/07/19 07:34:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax
[2017/07/19 07:34:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstplua.dll
[2017/07/19 07:34:48 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2017/07/19 07:34:48 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
[2017/07/19 07:34:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
[2017/07/19 07:34:46 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll
[2017/07/19 07:34:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2017/07/19 07:34:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2017/07/19 07:34:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tbs.dll
[2017/07/19 07:34:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll
[2017/07/19 07:34:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icsunattend.exe
[2017/07/19 07:34:45 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tbs.dll
[2017/07/19 07:34:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2017/07/19 07:34:42 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2017/07/19 07:34:42 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2017/07/19 07:34:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2017/07/19 07:34:41 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2017/07/19 07:34:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2017/07/19 07:34:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2017/07/19 07:34:40 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2017/07/19 07:34:40 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2017/07/19 07:34:40 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2017/07/19 07:34:39 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Robocopy.exe
[2017/07/19 07:34:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskkill.exe
[2017/07/19 07:34:39 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tasklist.exe
[2017/07/19 07:34:39 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Robocopy.exe
[2017/07/19 07:34:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2017/07/19 07:34:39 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tasklist.exe
[2017/07/19 07:34:39 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskkill.exe
[2017/07/19 07:34:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
[2017/07/19 07:34:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
[2017/07/19 07:34:39 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmib.dll
[2017/07/19 07:34:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmib.dll
[2017/07/19 07:34:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nsi.dll
[2017/07/19 07:34:38 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2017/07/19 07:34:38 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2017/07/19 07:34:38 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2017/07/19 07:34:38 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecapi.dll
[2017/07/19 07:34:38 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2017/07/19 07:34:38 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3dlg.dll
[2017/07/19 07:34:38 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werdiagcontroller.dll
[2017/07/19 07:34:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\werdiagcontroller.dll
[2017/07/19 07:34:38 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brdgcfg.dll
[2017/07/19 07:34:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL
[2017/07/19 07:34:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL
[2017/07/19 07:34:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL
[2017/07/19 07:34:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL
[2017/07/19 07:34:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2017/07/19 07:34:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2017/07/19 07:34:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2017/07/19 07:34:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdgeoqw.dll
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZEL.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZE.DLL
[2017/07/19 07:34:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZE.DLL
[2017/07/19 07:34:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2017/07/19 07:34:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2017/07/19 07:34:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdgeoqw.dll
[2017/07/19 07:34:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2017/07/19 07:34:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZEL.DLL
[2017/07/19 07:34:33 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2017/07/19 07:34:33 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdchange.exe
[2017/07/19 07:34:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2017/07/19 07:34:32 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
[2017/07/19 07:34:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rshx32.dll
[2017/07/19 07:34:31 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapibase.dll
[2017/07/19 07:34:31 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2017/07/19 07:34:31 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiarpc.dll
[2017/07/19 07:34:30 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe
[2017/07/19 07:34:30 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe
[2017/07/19 07:34:30 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll
[2017/07/19 07:34:30 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2017/07/19 07:34:30 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll
[2017/07/19 07:34:30 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
[2017/07/19 07:34:30 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshrm.dll
[2017/07/19 07:34:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshnetbs.dll
[2017/07/19 07:34:26 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\glu32.dll
[2017/07/19 07:34:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\glu32.dll
[2017/07/19 07:34:25 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2gpstore.dll
[2017/07/19 07:34:25 | 000,055,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys
[2017/07/19 07:34:24 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2017/07/19 07:34:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2017/07/19 07:34:24 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2017/07/19 07:34:24 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efslsaext.dll
[2017/07/19 07:34:24 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efssvc.dll
[2017/07/19 07:34:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll
[2017/07/19 07:34:23 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2017/07/19 07:34:23 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2017/07/19 07:34:23 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll
[2017/07/19 07:34:23 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2017/07/19 07:34:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2017/07/19 07:34:22 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2017/07/19 07:34:22 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2017/07/19 07:34:22 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2017/07/19 07:34:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2017/07/19 07:34:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll
[2017/07/19 07:34:21 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2017/07/19 07:34:21 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
[2017/07/19 07:34:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleprn.dll
[2017/07/19 07:34:21 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devobj.dll
[2017/07/19 07:34:21 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2017/07/19 07:34:21 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2017/07/19 07:34:21 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2017/07/19 07:34:21 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2017/07/19 07:34:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfapigp.dll
[2017/07/19 07:34:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleacchooks.dll
[2017/07/19 07:34:20 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\charmap.exe
[2017/07/19 07:34:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\charmap.exe
[2017/07/19 07:34:20 | 000,027,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2017/07/19 07:34:19 | 000,692,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2017/07/19 07:34:19 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2017/07/19 07:34:19 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2017/07/19 07:34:16 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanpref.dll
[2017/07/19 07:34:16 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sxstrace.exe
[2017/07/19 07:34:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2017/07/19 07:34:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2017/07/19 07:34:15 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2017/07/19 07:34:15 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2017/07/19 07:34:15 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2017/07/19 07:34:15 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2017/07/19 07:34:15 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax
[2017/07/19 07:34:15 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2017/07/19 07:34:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlaninst.dll
[2017/07/19 07:34:14 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sechost.dll
[2017/07/19 07:34:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2017/07/19 07:34:13 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2017/07/19 07:34:13 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icfupgd.dll
[2017/07/19 07:34:11 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll
[2017/07/19 07:34:11 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2017/07/19 07:34:11 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
[2017/07/19 07:34:11 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.tlb
[2017/07/19 07:34:11 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\activeds.tlb
[2017/07/19 07:34:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2017/07/19 07:34:11 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2017/07/19 07:34:10 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll
[2017/07/19 07:34:10 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll
[2017/07/19 07:34:10 | 000,107,752 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2017/07/19 07:34:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2017/07/19 07:34:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xolehlp.dll
[2017/07/19 07:34:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devrtl.dll
[2017/07/19 07:34:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2017/07/19 07:34:05 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2017/07/19 07:34:05 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2017/07/19 07:34:05 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2017/07/19 07:34:05 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2017/07/19 07:34:05 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2017/07/19 07:34:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimeng.dll
[2017/07/19 07:34:04 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2017/07/19 07:34:04 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2017/07/19 07:34:04 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2017/07/19 07:34:04 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe
[2017/07/19 07:34:04 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe
[2017/07/19 07:34:04 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmdl32.exe
[2017/07/19 07:34:04 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmutil.dll
[2017/07/19 07:34:04 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmutil.dll
[2017/07/19 07:34:04 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
[2017/07/19 07:34:04 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmmon32.exe
[2017/07/19 07:34:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmlua.dll
[2017/07/19 07:34:04 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmcfg32.dll
[2017/07/19 07:34:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmcfg32.dll
[2017/07/19 07:34:04 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmlua.dll
[2017/07/19 07:34:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmpbk32.dll
[2017/07/19 07:34:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmpbk32.dll
[2017/07/19 07:34:03 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2017/07/19 07:34:03 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2017/07/19 07:34:03 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2017/07/19 07:34:03 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax
[2017/07/19 07:34:03 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2017/07/19 07:34:03 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rascfg.dll
[2017/07/19 07:34:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devenum.dll
[2017/07/19 07:34:03 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devenum.dll
[2017/07/19 07:34:03 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax
[2017/07/19 07:34:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bdeui.dll
[2017/07/19 07:34:02 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2017/07/19 07:34:02 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2017/07/19 07:34:02 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2017/07/19 07:34:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2017/07/19 07:34:02 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2017/07/19 07:34:02 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2017/07/19 07:34:02 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2017/07/19 07:34:02 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2017/07/19 07:34:02 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aclui.dll
[2017/07/19 07:34:02 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aclui.dll
[2017/07/19 07:34:02 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2017/07/19 07:34:02 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2017/07/19 07:34:02 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2017/07/19 07:34:02 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2017/07/19 07:34:01 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2017/07/19 07:34:01 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2017/07/19 07:34:01 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2017/07/19 07:34:01 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys

続き
[2017/07/19 07:34:00 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2017/07/19 07:34:00 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2017/07/19 07:34:00 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2017/07/19 07:34:00 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2017/07/19 07:34:00 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2017/07/19 07:34:00 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2017/07/19 07:34:00 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2017/07/19 07:34:00 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2017/07/19 07:34:00 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2017/07/19 07:34:00 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2017/07/19 07:34:00 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2017/07/19 07:34:00 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2017/07/19 07:34:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2017/07/19 07:34:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2017/07/19 07:34:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2017/07/19 07:34:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2017/07/19 07:34:00 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2017/07/19 07:34:00 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2017/07/19 07:33:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2017/07/19 07:33:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2017/07/19 07:33:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icsunattend.exe
[2017/07/19 07:33:56 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\colbact.dll
[2017/07/19 07:33:55 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2017/07/19 07:33:55 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
[2017/07/19 07:33:55 | 000,253,440 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2017/07/19 07:33:55 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2017/07/19 07:33:55 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe
[2017/07/19 07:33:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe
[2017/07/19 07:33:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnsvr.exe
[2017/07/19 07:33:55 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2017/07/19 07:33:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fixmapi.exe
[2017/07/19 07:33:54 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfvdsp.dll
[2017/07/19 07:33:53 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2017/07/19 07:33:53 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2017/07/19 07:33:53 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2017/07/19 07:33:53 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2017/07/19 07:33:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys
[2017/07/19 07:33:52 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmonui.dll
[2017/07/19 07:33:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll
[2017/07/19 07:33:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2017/07/19 07:33:52 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2017/07/19 07:33:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icmui.dll
[2017/07/19 07:33:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2017/07/19 07:33:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2017/07/19 07:33:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localui.dll
[2017/07/19 07:33:51 | 000,484,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2017/07/19 07:33:51 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditcse.dll
[2017/07/19 07:33:51 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wermgr.exe
[2017/07/19 07:33:51 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wermgr.exe
[2017/07/19 07:33:50 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecutil.exe
[2017/07/19 07:33:50 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2017/07/19 07:33:50 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3gpclnt.dll
[2017/07/19 07:33:50 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2017/07/19 07:33:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll
[2017/07/19 07:33:50 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\typeperf.exe
[2017/07/19 07:33:50 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2017/07/19 07:33:50 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\typeperf.exe
[2017/07/19 07:33:50 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2017/07/19 07:33:49 | 000,262,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2017/07/19 07:33:49 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll
[2017/07/19 07:33:49 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2017/07/19 07:33:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2017/07/19 07:33:49 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsldr.exe
[2017/07/19 07:33:49 | 000,020,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2017/07/19 07:33:49 | 000,019,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2017/07/19 07:33:48 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raserver.exe
[2017/07/19 07:33:48 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raserver.exe
[2017/07/19 07:33:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdchange.exe
[2017/07/19 07:33:48 | 000,017,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2017/07/19 07:33:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrleakdiag.exe
[2017/07/19 07:33:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdrleakdiag.exe
[2017/07/19 07:33:42 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2017/07/19 07:33:42 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2017/07/19 07:33:42 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmdl32.exe
[2017/07/19 07:33:41 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2017/07/19 07:33:41 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll
[2017/07/19 07:33:41 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2017/07/19 07:33:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvecerts.dll
[2017/07/19 07:33:39 | 001,338,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2017/07/19 07:33:39 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2017/07/19 07:33:39 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2017/07/19 07:33:39 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2017/07/19 07:33:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2017/07/19 07:33:39 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2017/07/19 07:33:39 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2017/07/19 07:33:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2017/07/19 07:33:39 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2017/07/19 07:33:39 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
[2017/07/19 07:33:39 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe
[2017/07/19 07:33:38 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2017/07/19 07:33:38 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2017/07/19 07:33:38 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2017/07/19 07:33:38 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2017/07/19 07:33:37 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdprint.dll
[2017/07/19 07:33:37 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sti.dll
[2017/07/19 07:33:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2017/07/19 07:33:36 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2017/07/19 07:33:36 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2017/07/19 07:33:35 | 000,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll
[2017/07/19 07:33:34 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallAPI.dll
[2017/07/19 07:33:34 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2017/07/19 07:33:33 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2017/07/19 07:33:33 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2017/07/19 07:33:33 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\notepad.exe
[2017/07/19 07:33:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2017/07/19 07:33:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe
[2017/07/19 07:33:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe
[2017/07/19 07:33:32 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2017/07/19 07:33:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icaapi.dll
[2017/07/19 07:33:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnification.dll
[2017/07/19 07:33:30 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnification.dll
[2017/07/19 07:33:28 | 000,732,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2017/07/19 07:33:28 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbeio.dll
[2017/07/19 07:33:27 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2017/07/19 07:33:27 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ROUTE.EXE
[2017/07/19 07:33:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bridgeunattend.exe
[2017/07/19 07:33:27 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskperf.exe
[2017/07/19 07:33:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TCPSVCS.EXE
[2017/07/19 07:33:26 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2017/07/19 07:33:26 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2017/07/19 07:33:26 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2017/07/19 07:33:25 | 000,752,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2017/07/19 07:33:25 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2017/07/19 07:33:25 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2017/07/19 07:33:25 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2017/07/19 07:33:25 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2017/07/19 07:33:25 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2017/07/19 07:33:25 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2017/07/19 07:33:25 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2017/07/19 07:33:25 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2017/07/19 07:33:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxoci.dll
[2017/07/19 07:33:25 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2017/07/19 07:33:25 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2017/07/19 07:33:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2017/07/19 07:33:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dispex.dll
[2017/07/19 07:33:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rendezvousSession.tlb
[2017/07/19 07:33:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rendezvousSession.tlb
[2017/07/19 07:33:24 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2017/07/19 07:33:24 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2017/07/19 07:33:24 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxoci.dll
[2017/07/19 07:33:24 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll
[2017/07/19 07:33:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll
[2017/07/19 07:33:24 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll
[2017/07/19 07:33:24 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2017/07/19 07:33:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax
[2017/07/19 07:33:24 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xolehlp.dll
[2017/07/19 07:33:24 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlaninst.dll
[2017/07/19 07:33:23 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2017/07/19 07:33:23 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2017/07/19 07:33:23 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2017/07/19 07:33:23 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2017/07/19 07:33:23 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
[2017/07/19 07:33:23 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
[2017/07/19 07:33:23 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2017/07/19 07:33:23 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2017/07/19 07:33:23 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2017/07/19 07:33:23 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp
[2017/07/19 07:33:23 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2017/07/19 07:33:23 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2017/07/19 07:33:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2017/07/19 07:33:23 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2017/07/19 07:33:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2017/07/19 07:33:23 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2017/07/19 07:33:23 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ndptsp.tsp
[2017/07/19 07:33:23 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2017/07/19 07:33:23 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp
[2017/07/19 07:33:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\docprop.dll
[2017/07/19 07:33:23 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2017/07/19 07:33:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2017/07/19 07:33:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kmddsp.tsp
[2017/07/19 07:33:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\docprop.dll
[2017/07/19 07:33:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winnsi.dll
[2017/07/19 07:33:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtprio.dll
[2017/07/19 07:33:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhupnp.dll
[2017/07/19 07:33:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhpast.dll
[2017/07/19 07:33:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2017/07/19 07:33:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiougc.exe
[2017/07/19 07:33:21 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2017/07/19 07:33:21 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll
[2017/07/19 07:33:21 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll
[2017/07/19 07:33:21 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vsstrace.dll
[2017/07/19 07:33:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnlobby.dll
[2017/07/19 07:33:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll
[2017/07/19 07:33:19 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
[2017/07/19 07:33:19 | 000,282,112 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll
[2017/07/19 07:33:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnathlp.dll
[2017/07/19 07:33:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfg.exe
[2017/07/19 07:33:18 | 000,026,856 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2017/07/19 07:33:17 | 001,426,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm60.dll
[2017/07/19 07:33:17 | 000,722,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2017/07/19 07:33:17 | 000,546,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2017/07/19 07:33:17 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2017/07/19 07:33:17 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2017/07/19 07:33:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\w32tm.exe
[2017/07/19 07:33:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2017/07/19 07:33:16 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2017/07/19 07:33:16 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2017/07/19 07:33:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2017/07/19 07:33:15 | 000,510,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2017/07/19 07:33:15 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AxInstUI.exe
[2017/07/19 07:33:15 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnsvr.exe
[2017/07/19 07:33:14 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2017/07/19 07:33:14 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2017/07/19 07:33:14 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2017/07/19 07:33:14 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2017/07/19 07:33:13 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2017/07/19 07:33:13 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2017/07/19 07:33:13 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TpmInit.exe
[2017/07/19 07:33:13 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TpmInit.exe
[2017/07/19 07:33:13 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tpmcompc.dll
[2017/07/19 07:33:13 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tpmcompc.dll
[2017/07/19 07:33:11 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2017/07/19 07:33:11 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2017/07/19 07:33:11 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2017/07/19 07:33:11 | 000,023,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2017/07/19 07:33:09 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2017/07/19 07:33:09 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2017/07/19 07:33:09 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2017/07/19 07:33:09 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2017/07/19 07:33:09 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2017/07/19 07:33:09 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2017/07/19 07:33:09 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2017/07/19 07:33:09 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2017/07/19 07:33:09 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2017/07/19 07:33:08 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2017/07/19 07:33:07 | 000,434,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2017/07/19 07:33:07 | 000,423,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2017/07/19 07:33:07 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2017/07/19 07:33:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeUISrv.exe
[2017/07/19 07:33:07 | 000,040,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2017/07/19 07:33:04 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2017/07/19 07:33:04 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rascfg.dll
[2017/07/19 07:33:03 | 001,245,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2017/07/19 07:33:03 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2017/07/19 07:33:03 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2017/07/19 07:33:02 | 001,118,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2017/07/19 07:33:02 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2017/07/19 07:33:02 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2017/07/19 07:33:02 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clbcatq.dll
[2017/07/19 07:33:02 | 000,525,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2017/07/19 07:33:02 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2017/07/19 07:33:02 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2017/07/19 07:33:02 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\catsrv.dll
[2017/07/19 07:33:02 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrv.dll
[2017/07/19 07:33:02 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2017/07/19 07:33:02 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2017/07/19 07:33:02 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2017/07/19 07:33:02 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2017/07/19 07:33:02 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfAACEnc.dll
[2017/07/19 07:33:02 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP3DMOD.DLL
[2017/07/19 07:33:02 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfAACEnc.dll
[2017/07/19 07:33:02 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP3DMOD.DLL
[2017/07/19 07:33:02 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\colbact.dll
[2017/07/19 07:33:00 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2017/07/19 07:33:00 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2017/07/19 07:33:00 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2017/07/19 07:33:00 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2017/07/19 07:33:00 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2017/07/19 07:33:00 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysWow64\ir32_32.dll
[2017/07/19 07:33:00 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll
[2017/07/19 07:32:59 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe
[2017/07/19 07:32:59 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2017/07/19 07:32:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfvdsp.dll
[2017/07/19 07:32:58 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
[2017/07/19 07:32:58 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
[2017/07/19 07:32:57 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2017/07/19 07:32:56 | 000,186,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2017/07/19 07:32:56 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2017/07/19 07:32:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll
[2017/07/19 07:32:53 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll
[2017/07/19 07:32:53 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icmui.dll
[2017/07/19 07:32:52 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprnext.dll
[2017/07/19 07:32:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprnext.dll
[2017/07/19 07:32:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll
[2017/07/19 07:32:50 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2017/07/19 07:32:50 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2017/07/19 07:32:48 | 000,581,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\p2pcollab.dll
[2017/07/19 07:32:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2017/07/19 07:32:48 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\p2pcollab.dll
[2017/07/19 07:32:48 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2017/07/19 07:32:48 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2017/07/19 07:32:48 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2017/07/19 07:32:48 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2017/07/19 07:32:48 | 000,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2P.dll
[2017/07/19 07:32:48 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2017/07/19 07:32:48 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2017/07/19 07:32:48 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2P.dll
[2017/07/19 07:32:48 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2017/07/19 07:32:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\p2pnetsh.dll
[2017/07/19 07:32:48 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\p2pnetsh.dll
[2017/07/19 07:32:48 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2017/07/19 07:32:48 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll
[2017/07/19 07:32:48 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3gpclnt.dll
[2017/07/19 07:32:48 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasser.dll
[2017/07/19 07:32:47 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaaut.dll
[2017/07/19 07:32:47 | 000,544,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaaut.dll
[2017/07/19 07:32:47 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vds_ps.dll
[2017/07/19 07:32:47 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmxs.dll
[2017/07/19 07:32:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmxs.dll
[2017/07/19 07:32:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sxproxy.dll
[2017/07/19 07:32:47 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasser.dll
[2017/07/19 07:32:47 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll
[2017/07/19 07:32:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiatrace.dll
[2017/07/19 07:32:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlmsprep.dll
[2017/07/19 07:32:47 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmsprep.dll
[2017/07/19 07:32:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
[2017/07/19 07:32:46 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2017/07/19 07:32:46 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2017/07/19 07:32:45 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2017/07/19 07:32:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfctrs.dll
[2017/07/19 07:32:45 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfctrs.dll
[2017/07/19 07:32:45 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfproc.dll
[2017/07/19 07:32:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfproc.dll
[2017/07/19 07:32:45 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2017/07/19 07:32:45 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
[2017/07/19 07:32:45 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfos.dll
[2017/07/19 07:32:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfos.dll
[2017/07/19 07:32:45 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfnet.dll
[2017/07/19 07:32:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfnet.dll
[2017/07/19 07:32:43 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveui.dll
[2017/07/19 07:32:42 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveRecover.dll
[2017/07/19 07:32:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeUnlockWizard.exe
[2017/07/19 07:32:42 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\colorcpl.exe
[2017/07/19 07:32:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\colorcpl.exe
[2017/07/19 07:32:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRINFO.EXE
[2017/07/19 07:32:42 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\finger.exe
[2017/07/19 07:32:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HOSTNAME.EXE
[2017/07/19 07:32:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2017/07/19 07:32:40 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl
[2017/07/19 07:32:40 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2017/07/19 07:32:38 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2017/07/19 07:32:38 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2017/07/19 07:32:38 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2017/07/19 07:32:38 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2017/07/19 07:32:38 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2017/07/19 07:32:38 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2017/07/19 07:32:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2017/07/19 07:32:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2017/07/19 07:32:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2017/07/19 07:32:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2017/07/19 07:32:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bridgeres.dll
[2017/07/19 07:32:36 | 000,321,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2017/07/19 07:32:36 | 000,296,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2017/07/19 07:32:36 | 000,110,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2017/07/19 07:32:36 | 000,100,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2017/07/19 07:32:35 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2017/07/19 07:32:34 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2017/07/19 07:32:34 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2017/07/19 07:32:34 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll
[2017/07/19 07:32:34 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2017/07/19 07:32:33 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll
[2017/07/19 07:32:32 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbeio.dll
[2017/07/19 07:32:31 | 001,752,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2017/07/19 07:32:31 | 001,507,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2017/07/19 07:32:31 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2017/07/19 07:32:31 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2017/07/19 07:32:31 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2017/07/19 07:32:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2017/07/19 07:32:30 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2017/07/19 07:32:30 | 000,706,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2017/07/19 07:32:30 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2017/07/19 07:32:30 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2017/07/19 07:32:30 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2017/07/19 07:32:30 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2017/07/19 07:32:30 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll
[2017/07/19 07:32:30 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll
[2017/07/19 07:32:30 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2017/07/19 07:32:30 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2017/07/19 07:32:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2017/07/19 07:32:29 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2017/07/19 07:32:29 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2017/07/19 07:32:29 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2017/07/19 07:32:29 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2017/07/19 07:32:29 | 000,170,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2017/07/19 07:32:29 | 000,148,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2017/07/19 07:32:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2017/07/19 07:32:29 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2017/07/19 07:32:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll
[2017/07/19 07:32:27 | 001,978,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2017/07/19 07:32:27 | 001,335,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2017/07/19 07:32:27 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2017/07/19 07:32:27 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2017/07/19 07:32:27 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tracerpt.exe
[2017/07/19 07:32:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2017/07/19 07:32:27 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2017/07/19 07:32:27 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NETSTAT.EXE
[2017/07/19 07:32:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2017/07/19 07:32:27 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
[2017/07/19 07:32:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ARP.EXE
[2017/07/19 07:32:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2017/07/19 07:32:27 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskperf.exe
[2017/07/19 07:32:25 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tracerpt.exe
[2017/07/19 07:32:25 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2017/07/19 07:32:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2017/07/19 07:32:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2017/07/19 07:32:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2017/07/19 07:32:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2017/07/19 07:32:25 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2017/07/19 07:32:24 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2017/07/19 07:32:24 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2017/07/19 07:32:24 | 000,693,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2017/07/19 07:32:24 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2017/07/19 07:32:24 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2017/07/19 07:32:24 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2017/07/19 07:32:24 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanadvui.dll
[2017/07/19 07:32:23 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2017/07/19 07:32:23 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2017/07/19 07:32:23 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe
[2017/07/19 07:32:23 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2017/07/19 07:32:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dispex.dll
[2017/07/19 07:32:22 | 000,977,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dui70.dll
[2017/07/19 07:32:22 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax
[2017/07/19 07:32:19 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2017/07/19 07:32:18 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dui70.dll
[2017/07/19 07:32:18 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2017/07/19 07:32:17 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2017/07/19 07:32:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2017/07/19 07:32:17 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2017/07/19 07:32:17 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
[2017/07/19 07:32:17 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasplap.dll
[2017/07/19 07:32:17 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2017/07/19 07:32:17 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2017/07/19 07:32:16 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2017/07/19 07:32:16 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
[2017/07/19 07:32:16 | 000,771,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
[2017/07/19 07:32:16 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2017/07/19 07:32:16 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2017/07/19 07:32:16 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sccls.dll
[2017/07/19 07:32:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
[2017/07/19 07:32:15 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2017/07/19 07:32:15 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2017/07/19 07:32:15 | 000,930,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2017/07/19 07:32:15 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\colorui.dll
[2017/07/19 07:32:15 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\colorui.dll
[2017/07/19 07:32:15 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vds_ps.dll
[2017/07/19 07:32:15 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxproxy.dll
[2017/07/19 07:32:15 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll
[2017/07/19 07:32:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\npmproxy.dll
[2017/07/19 07:32:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtprio.dll
[2017/07/19 07:32:14 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2017/07/19 07:32:14 | 000,517,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2017/07/19 07:32:14 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2017/07/19 07:32:14 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnathlp.dll
[2017/07/19 07:32:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhupnp.dll
[2017/07/19 07:32:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhpast.dll
[2017/07/19 07:32:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icmp.dll
[2017/07/19 07:32:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icmp.dll
[2017/07/19 07:32:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnlobby.dll
[2017/07/19 07:32:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll
[2017/07/19 07:32:13 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2017/07/19 07:32:12 | 002,651,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2017/07/19 07:32:12 | 002,544,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2017/07/19 07:32:12 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsecedit.dll
[2017/07/19 07:32:12 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsecedit.dll
[2017/07/19 07:32:07 | 001,901,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2017/07/19 07:32:07 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2017/07/19 07:32:06 | 001,394,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2017/07/19 07:32:06 | 001,358,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2017/07/19 07:32:06 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2017/07/19 07:32:05 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2017/07/19 07:32:04 | 002,566,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2017/07/19 07:32:04 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2017/07/19 07:32:04 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2017/07/19 07:32:03 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2017/07/19 07:32:02 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2017/07/19 07:32:00 | 000,192,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2017/07/19 07:32:00 | 000,155,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2017/07/19 07:32:00 | 000,048,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys
[2017/07/19 07:31:59 | 001,001,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2017/07/19 07:31:59 | 000,953,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2017/07/19 07:31:58 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2017/07/19 07:31:58 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2adec.dll
[2017/07/19 07:31:58 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2017/07/19 07:31:57 | 001,393,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMALFXGFXDSP.dll
[2017/07/19 07:31:57 | 001,307,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2adec.dll
[2017/07/19 07:31:57 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2017/07/19 07:31:57 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2017/07/19 07:31:57 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VIDRESZR.DLL
[2017/07/19 07:31:57 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MPG4DECD.DLL
[2017/07/19 07:31:57 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP43DECD.DLL
[2017/07/19 07:31:57 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MPG4DECD.DLL
[2017/07/19 07:31:57 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP43DECD.DLL
[2017/07/19 07:31:57 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VIDRESZR.DLL
[2017/07/19 07:31:57 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COLORCNV.DLL
[2017/07/19 07:31:56 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2017/07/19 07:31:56 | 000,606,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2017/07/19 07:31:56 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2017/07/19 07:31:56 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFWMAAEC.DLL
[2017/07/19 07:31:56 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSENCD.DLL
[2017/07/19 07:31:56 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSENCD.DLL
[2017/07/19 07:31:56 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RESAMPLEDMO.DLL
[2017/07/19 07:31:56 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RESAMPLEDMO.DLL
[2017/07/19 07:31:56 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\COLORCNV.DLL
[2017/07/19 07:31:55 | 001,955,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2017/07/19 07:31:55 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2017/07/19 07:31:55 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2017/07/19 07:31:55 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2017/07/19 07:31:55 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2017/07/19 07:31:55 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2017/07/19 07:31:55 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2017/07/19 07:31:55 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFWMAAEC.DLL
[2017/07/19 07:31:55 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2017/07/19 07:31:54 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2017/07/19 07:31:54 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOE.DLL
[2017/07/19 07:31:54 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOE.DLL
[2017/07/19 07:31:54 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2017/07/19 07:31:54 | 001,153,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOE.DLL
[2017/07/19 07:31:54 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2017/07/19 07:31:54 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOE.DLL
[2017/07/19 07:31:54 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2017/07/19 07:31:53 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2017/07/19 07:31:52 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2017/07/19 07:31:51 | 000,827,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2017/07/19 07:31:48 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2017/07/19 07:31:48 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2017/07/19 07:31:46 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2017/07/19 07:31:46 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2017/07/19 07:31:46 | 001,632,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2017/07/19 07:31:46 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2017/07/19 07:31:46 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2017/07/19 07:31:45 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2017/07/19 07:31:41 | 001,734,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2017/07/19 07:31:41 | 001,241,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2017/07/19 07:31:40 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2017/07/19 07:31:39 | 000,515,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2017/07/19 07:31:39 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2017/07/19 07:31:39 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2017/07/19 07:31:39 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2017/07/19 07:31:39 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2017/07/19 07:31:38 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2017/07/19 07:31:38 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2017/07/19 07:31:38 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
[2017/07/19 07:31:37 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2017/07/19 07:31:36 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2017/07/19 07:31:36 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2017/07/19 07:31:36 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2017/07/19 07:31:34 | 004,834,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsrchvw.exe
[2017/07/19 07:31:34 | 003,404,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsrchvw.exe
[2017/07/19 07:31:34 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2017/07/19 07:31:33 | 003,230,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2017/07/19 07:31:33 | 002,973,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2017/07/19 07:31:33 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2017/07/19 07:31:33 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2017/07/19 07:31:33 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2017/07/19 07:31:33 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2017/07/19 07:31:33 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2017/07/19 07:31:33 | 001,039,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2017/07/19 07:31:33 | 001,030,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2017/07/19 07:31:33 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2017/07/19 07:31:33 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2017/07/19 07:31:32 | 003,223,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2017/07/19 07:31:30 | 003,724,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2017/07/19 07:31:30 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2017/07/19 07:31:30 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2017/07/19 07:31:29 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2017/07/19 07:31:29 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2017/07/19 07:31:29 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psr.exe
[2017/07/19 07:31:29 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psr.exe
[2017/07/19 07:31:29 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2017/07/19 07:28:41 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2017/07/19 07:28:41 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2017/07/19 07:19:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2017/07/19 06:58:23 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lzhfldr2.dll
[2017/07/19 06:58:23 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lzhfldr2.dll
[2017/07/19 06:52:31 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2017/07/19 06:52:31 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll
[2017/07/19 06:52:31 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2017/07/19 06:52:31 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr
[2017/07/19 06:52:31 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll
[2017/07/19 06:52:31 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2017/07/19 06:52:31 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys
[2017/07/19 06:52:31 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe
[2017/07/19 06:52:31 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
[2017/07/19 06:52:31 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2017/07/19 06:52:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll
[2017/07/19 06:52:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL
[2017/07/19 06:52:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL
[2017/07/19 06:52:31 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL
[2017/07/19 06:52:30 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2017/07/19 06:52:30 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2017/07/19 06:52:30 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2017/07/19 06:52:30 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
[2017/07/19 06:52:30 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll
[2017/07/19 06:52:30 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2017/07/19 06:52:30 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll
[2017/07/19 06:52:30 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe
[2017/07/19 06:52:30 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll
[2017/07/19 06:52:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll
[2017/07/19 06:52:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL
[2017/07/19 06:52:29 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2017/07/19 06:52:29 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
[2017/07/19 06:52:29 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2017/07/19 06:52:29 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2017/07/19 06:52:29 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll
[2017/07/19 06:52:29 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax
[2017/07/19 06:52:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll
[2017/07/19 06:52:28 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2017/07/19 06:52:28 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll
[2017/07/19 06:52:28 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2017/07/19 06:52:28 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2017/07/19 06:52:28 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll
[2017/07/19 06:52:28 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2017/07/19 06:52:28 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll
[2017/07/19 06:52:28 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2017/07/19 06:52:28 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll
[2017/07/19 06:52:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll
[2017/07/19 06:52:27 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2017/07/19 06:52:27 | 000,527,872 | ---- | C]

続き
[2017/07/19 06:52:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe
[2017/07/19 06:52:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2017/07/19 06:52:27 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe
[2017/07/19 06:52:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userinit.exe
[2017/07/19 06:52:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2017/07/19 06:52:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2017/07/19 06:52:26 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2017/07/19 06:52:26 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2017/07/19 06:52:26 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2017/07/19 06:52:26 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2017/07/19 06:52:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL
[2017/07/19 06:52:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL
[2017/07/19 06:52:25 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2017/07/19 06:52:25 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2017/07/19 06:52:25 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll
[2017/07/19 06:52:25 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll
[2017/07/19 06:52:25 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll
[2017/07/19 06:52:25 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2017/07/19 06:52:25 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll
[2017/07/19 06:52:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll
[2017/07/19 06:52:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll
[2017/07/19 06:52:25 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe
[2017/07/19 06:52:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL
[2017/07/19 06:52:24 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll
[2017/07/19 06:52:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe
[2017/07/19 06:52:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL
[2017/07/19 06:52:23 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL
[2017/07/19 06:52:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll
[2017/07/19 06:52:22 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2017/07/19 06:52:22 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2017/07/19 06:52:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe
[2017/07/19 06:52:21 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2017/07/19 06:52:21 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll
[2017/07/19 06:52:21 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr
[2017/07/19 06:52:21 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr
[2017/07/19 06:52:21 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2017/07/19 06:52:21 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll
[2017/07/19 06:52:21 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2017/07/19 06:52:21 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
[2017/07/19 06:52:21 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2017/07/19 06:52:21 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll
[2017/07/19 06:52:21 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2017/07/19 06:52:21 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2017/07/19 06:52:21 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll
[2017/07/19 06:52:21 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll
[2017/07/19 06:52:21 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll
[2017/07/19 06:52:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll
[2017/07/19 06:52:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll
[2017/07/19 06:52:20 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2017/07/19 06:52:20 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2017/07/19 06:52:20 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2017/07/19 06:52:20 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2017/07/19 06:52:20 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2017/07/19 06:52:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2017/07/19 06:52:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2017/07/19 06:52:19 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2017/07/19 06:52:19 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
[2017/07/19 06:52:19 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
[2017/07/19 06:52:19 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe
[2017/07/19 06:52:19 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll
[2017/07/19 06:52:18 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2017/07/19 06:52:17 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2017/07/19 06:52:17 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2017/07/19 06:52:17 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2017/07/19 06:52:17 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2017/07/19 06:52:17 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2017/07/19 06:52:17 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2017/07/19 06:52:17 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2017/07/19 06:52:17 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2017/07/19 06:52:17 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2017/07/19 06:52:17 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr
[2017/07/19 06:52:17 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2017/07/19 06:52:17 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2017/07/19 06:52:17 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll
[2017/07/19 06:52:17 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2017/07/19 06:52:17 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll
[2017/07/19 06:52:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2017/07/19 06:52:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2017/07/19 06:52:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe
[2017/07/19 06:52:17 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2017/07/19 06:52:17 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll
[2017/07/19 06:52:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll
[2017/07/19 06:52:16 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2017/07/19 06:52:16 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
[2017/07/19 06:52:16 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
[2017/07/19 06:52:16 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2017/07/19 06:52:16 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll
[2017/07/19 06:52:15 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2017/07/19 06:52:15 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2017/07/19 06:52:15 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2017/07/19 06:52:15 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe
[2017/07/19 06:52:15 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll
[2017/07/19 06:52:15 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2017/07/19 06:52:15 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll
[2017/07/19 06:52:15 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2017/07/19 06:52:15 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe
[2017/07/19 06:52:15 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll
[2017/07/19 06:52:15 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2017/07/19 06:52:15 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll
[2017/07/19 06:52:15 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll
[2017/07/19 06:52:15 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe
[2017/07/19 06:52:15 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2017/07/19 06:52:15 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2017/07/19 06:52:15 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
[2017/07/19 06:52:15 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe
[2017/07/19 06:52:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll
[2017/07/19 06:52:15 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2017/07/19 06:52:15 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2017/07/19 06:52:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
[2017/07/19 06:52:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2017/07/19 06:52:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll
[2017/07/19 06:52:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL
[2017/07/19 06:52:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll
[2017/07/19 06:52:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL
[2017/07/19 06:52:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL
[2017/07/19 06:52:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL
[2017/07/19 06:52:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL
[2017/07/19 06:52:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL
[2017/07/19 06:52:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL
[2017/07/19 06:52:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL
[2017/07/19 06:52:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL
[2017/07/19 06:52:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL
[2017/07/19 06:52:14 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr
[2017/07/19 06:52:14 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2017/07/19 06:52:14 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL
[2017/07/19 06:52:14 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll
[2017/07/19 06:52:14 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll
[2017/07/19 06:52:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll
[2017/07/19 06:52:13 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll
[2017/07/19 06:52:13 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
[2017/07/19 06:52:13 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2017/07/19 06:52:13 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe
[2017/07/19 06:52:13 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2017/07/19 06:52:13 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2017/07/19 06:52:13 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2017/07/19 06:52:13 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll
[2017/07/19 06:52:13 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2017/07/19 06:52:13 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll
[2017/07/19 06:52:13 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll
[2017/07/19 06:52:13 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2017/07/19 06:52:13 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2017/07/19 06:52:13 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll
[2017/07/19 06:52:13 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2017/07/19 06:52:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2017/07/19 06:52:13 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll
[2017/07/19 06:52:13 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll
[2017/07/19 06:52:13 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
[2017/07/19 06:52:13 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll
[2017/07/19 06:52:13 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2017/07/19 06:52:13 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2017/07/19 06:52:13 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl
[2017/07/19 06:52:13 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll
[2017/07/19 06:52:13 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2017/07/19 06:52:13 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2017/07/19 06:52:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll
[2017/07/19 06:52:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2017/07/19 06:52:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2017/07/19 06:52:13 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax
[2017/07/19 06:52:13 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll
[2017/07/19 06:52:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll
[2017/07/19 06:52:12 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll
[2017/07/19 06:52:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2017/07/19 06:52:11 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2017/07/19 06:52:11 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2017/07/19 06:52:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe
[2017/07/19 06:52:11 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2017/07/19 06:52:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll
[2017/07/19 06:52:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2017/07/19 06:52:10 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe
[2017/07/19 06:52:06 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2017/07/19 06:52:06 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2017/07/19 06:52:06 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2017/07/19 06:52:06 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll
[2017/07/19 06:52:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll
[2017/07/19 06:52:06 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2017/07/19 06:52:05 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll
[2017/07/19 06:52:05 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
[2017/07/19 06:52:05 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
[2017/07/19 06:52:05 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll
[2017/07/19 06:52:05 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
[2017/07/19 06:52:05 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe
[2017/07/19 06:52:05 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll
[2017/07/19 06:52:05 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll
[2017/07/19 06:52:05 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll
[2017/07/19 06:52:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll
[2017/07/19 06:52:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userinit.exe
[2017/07/19 06:52:05 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2017/07/19 06:52:04 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2017/07/19 06:52:04 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll
[2017/07/19 06:52:04 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2017/07/19 06:52:04 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2017/07/19 06:52:04 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL
[2017/07/19 06:52:04 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2017/07/19 06:52:04 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL
[2017/07/19 06:52:04 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll
[2017/07/19 06:52:04 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
[2017/07/19 06:52:04 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL
[2017/07/19 06:52:04 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL
[2017/07/19 06:52:04 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL
[2017/07/19 06:52:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll
[2017/07/19 06:52:02 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2017/07/19 06:52:02 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2017/07/19 06:52:02 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2017/07/19 06:52:02 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2017/07/19 06:52:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe
[2017/07/19 06:52:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2017/07/19 06:52:02 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2017/07/19 06:52:02 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll
[2017/07/19 06:52:02 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll
[2017/07/19 06:52:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2017/07/19 06:52:02 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2017/07/19 06:52:02 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2017/07/19 06:52:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL
[2017/07/19 06:52:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL
[2017/07/19 06:52:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL
[2017/07/19 06:52:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL
[2017/07/19 06:52:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL
[2017/07/19 06:52:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL
[2017/07/19 06:52:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL
[2017/07/19 06:52:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL
[2017/07/19 06:52:01 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll
[2017/07/19 06:52:01 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll
[2017/07/19 06:52:01 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2017/07/19 06:52:01 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2017/07/19 06:52:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll
[2017/07/19 06:52:01 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2017/07/19 06:52:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll
[2017/07/19 06:52:00 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2017/07/19 06:52:00 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2017/07/19 06:52:00 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
[2017/07/19 06:52:00 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr
[2017/07/19 06:52:00 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll
[2017/07/19 06:52:00 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe
[2017/07/19 06:52:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe
[2017/07/19 06:52:00 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2017/07/19 06:52:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2017/07/19 06:51:59 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll
[2017/07/19 06:51:59 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2017/07/19 06:51:59 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2017/07/19 06:51:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll
[2017/07/19 06:51:59 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2017/07/19 06:51:59 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2017/07/19 06:51:58 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2017/07/19 06:51:58 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll
[2017/07/19 06:51:58 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
[2017/07/19 06:51:58 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2017/07/19 06:51:58 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr
[2017/07/19 06:51:58 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2017/07/19 06:51:58 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2017/07/19 06:51:58 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2017/07/19 06:51:58 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2017/07/19 06:51:58 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll
[2017/07/19 06:51:58 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll
[2017/07/19 06:51:58 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll
[2017/07/19 06:51:58 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2017/07/19 06:51:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll
[2017/07/19 06:51:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll
[2017/07/19 06:51:57 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2017/07/19 06:51:57 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2017/07/19 06:51:57 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2017/07/19 06:51:57 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2017/07/19 06:51:57 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll
[2017/07/19 06:51:57 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2017/07/19 06:51:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2017/07/19 06:51:57 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2017/07/19 06:51:57 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll
[2017/07/19 06:51:56 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll
[2017/07/19 06:51:56 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll
[2017/07/19 06:51:55 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll
[2017/07/19 06:51:55 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2017/07/19 06:51:55 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll
[2017/07/19 06:51:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll
[2017/07/19 06:51:55 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll
[2017/07/19 06:51:54 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll
[2017/07/19 06:51:54 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll
[2017/07/19 06:51:54 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL
[2017/07/19 06:51:54 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll
[2017/07/19 06:51:54 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
[2017/07/19 06:51:54 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL
[2017/07/19 06:51:54 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL
[2017/07/19 06:51:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll
[2017/07/19 06:51:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll
[2017/07/19 06:51:54 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll
[2017/07/19 06:51:53 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2017/07/19 06:51:52 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2017/07/19 06:51:52 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll
[2017/07/19 06:51:52 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl
[2017/07/19 06:51:52 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
[2017/07/19 06:51:52 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll
[2017/07/19 06:51:52 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
[2017/07/19 06:51:52 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl
[2017/07/19 06:51:52 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2017/07/19 06:51:52 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe
[2017/07/19 06:51:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe
[2017/07/19 06:51:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
[2017/07/19 06:51:52 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL
[2017/07/19 06:51:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe
[2017/07/19 06:51:52 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2017/07/19 06:51:52 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2017/07/19 06:51:52 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2017/07/19 06:51:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll
[2017/07/19 06:51:52 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
[2017/07/19 06:51:52 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll
[2017/07/19 06:51:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL
[2017/07/19 06:51:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll
[2017/07/19 06:51:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL
[2017/07/19 06:51:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL
[2017/07/19 06:51:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL
[2017/07/19 06:51:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL
[2017/07/19 06:51:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL
[2017/07/19 06:51:51 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2017/07/19 06:51:50 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2017/07/19 06:51:50 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll
[2017/07/19 06:51:50 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2017/07/19 06:51:50 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
[2017/07/19 06:51:50 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2017/07/19 06:51:50 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
[2017/07/19 06:51:50 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2017/07/19 06:51:50 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll
[2017/07/19 06:51:50 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2017/07/19 06:51:50 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2017/07/19 06:51:50 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2017/07/19 06:51:50 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2017/07/19 06:51:50 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2017/07/19 06:51:50 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll
[2017/07/19 06:51:50 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe
[2017/07/19 06:51:50 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2017/07/19 06:51:50 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe
[2017/07/19 06:51:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll
[2017/07/19 06:51:50 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll
[2017/07/19 06:51:50 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2017/07/19 06:51:50 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2017/07/19 06:51:50 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll
[2017/07/19 06:51:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll
[2017/07/19 06:51:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll
[2017/07/19 06:51:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2017/07/19 06:51:49 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
[2017/07/19 06:51:49 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
[2017/07/19 06:51:49 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll
[2017/07/19 06:51:49 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2017/07/19 06:51:49 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe
[2017/07/19 06:51:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2017/07/19 06:51:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll
[2017/07/19 06:51:46 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2017/07/19 06:51:46 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr
[2017/07/19 06:51:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll
[2017/07/19 06:51:45 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll
[2017/07/19 06:51:45 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll
[2017/07/19 06:51:44 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2017/07/19 06:51:44 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2017/07/19 06:51:44 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2017/07/19 06:51:44 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2017/07/19 06:51:43 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2017/07/19 06:51:43 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2017/07/19 06:51:43 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2017/07/19 06:51:42 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2017/07/19 06:51:42 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
[2017/07/19 06:51:42 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2017/07/19 06:51:42 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll
[2017/07/19 06:51:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll
[2017/07/19 06:51:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2017/07/19 06:51:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll
[2017/07/19 06:51:41 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2017/07/19 06:51:41 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL
[2017/07/19 06:51:41 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe
[2017/07/19 06:51:41 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2017/07/19 06:51:41 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll
[2017/07/19 06:51:41 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL
[2017/07/19 06:51:40 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
[2017/07/19 06:51:40 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2017/07/19 06:51:40 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll
[2017/07/19 06:51:40 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe
[2017/07/19 06:51:40 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll
[2017/07/19 06:51:40 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll
[2017/07/19 06:51:40 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll
[2017/07/19 06:51:40 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll
[2017/07/19 06:51:40 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll
[2017/07/19 06:51:39 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2017/07/19 06:51:39 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll
[2017/07/19 06:51:39 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe
[2017/07/19 06:51:38 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
[2017/07/19 06:51:38 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe
[2017/07/19 06:51:38 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2017/07/19 06:51:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll
[2017/07/19 06:51:38 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll
[2017/07/19 06:51:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2017/07/19 06:51:37 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2017/07/19 06:51:37 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2017/07/19 06:51:37 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll
[2017/07/19 06:51:35 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll
[2017/07/19 06:51:35 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2017/07/19 06:51:35 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2017/07/19 06:51:35 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2017/07/19 06:51:35 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2017/07/19 06:51:35 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2017/07/19 06:51:35 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2017/07/19 06:51:35 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll
[2017/07/19 06:51:35 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll
[2017/07/19 06:51:35 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll
[2017/07/19 06:51:35 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2017/07/19 06:51:35 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll
[2017/07/19 06:51:35 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll
[2017/07/19 06:51:35 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2017/07/19 06:51:35 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll
[2017/07/19 06:51:35 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2017/07/19 06:51:35 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
[2017/07/19 06:51:35 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
[2017/07/19 06:51:35 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll
[2017/07/19 06:51:35 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2017/07/19 06:51:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll
[2017/07/19 06:51:34 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2017/07/19 06:51:34 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll
[2017/07/19 06:51:34 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2017/07/19 06:51:34 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll
[2017/07/19 06:51:34 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2017/07/19 06:51:34 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2017/07/19 06:51:33 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2017/07/19 06:51:33 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2017/07/19 06:51:33 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll
[2017/07/19 06:51:33 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2017/07/19 06:51:33 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2017/07/19 06:51:33 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll
[2017/07/19 06:51:33 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe
[2017/07/19 06:51:33 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll
[2017/07/19 06:51:33 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2017/07/19 06:51:33 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll
[2017/07/19 06:51:33 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2017/07/19 06:51:33 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2017/07/19 06:51:33 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll
[2017/07/19 06:51:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe
[2017/07/19 06:51:33 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2017/07/19 06:51:33 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2017/07/19 06:51:33 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll
[2017/07/19 06:51:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll
[2017/07/19 06:51:33 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll
[2017/07/19 06:51:32 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll
[2017/07/19 06:51:32 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2017/07/19 06:51:32 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2017/07/19 06:51:32 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe
[2017/07/19 06:51:32 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2017/07/19 06:51:32 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll
[2017/07/19 06:51:32 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
[2017/07/19 06:51:32 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2017/07/19 06:51:32 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2017/07/19 06:51:32 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2017/07/19 06:51:32 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll
[2017/07/19 06:51:32 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2017/07/19 06:51:32 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll
[2017/07/19 06:51:32 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll
[2017/07/19 06:51:32 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl
[2017/07/19 06:51:32 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll
[2017/07/19 06:51:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll
[2017/07/19 06:51:32 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll
[2017/07/19 06:51:32 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll
[2017/07/19 06:51:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL
[2017/07/19 06:51:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL
[2017/07/19 06:51:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL
[2017/07/19 06:51:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL
[2017/07/19 06:51:31 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll
[2017/07/19 06:51:31 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2017/07/19 06:51:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll
[2017/07/19 06:51:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL
[2017/07/19 06:51:29 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe
[2017/07/19 06:51:29 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2017/07/19 06:51:29 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2017/07/19 06:51:29 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll
[2017/07/19 06:51:29 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2017/07/19 06:51:29 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2017/07/19 06:48:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2017/07/19 06:43:16 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Logitech
[2017/07/19 06:43:04 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2017/07/19 06:41:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2017/07/19 06:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\SetPointG
[2017/07/19 06:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2017/07/19 06:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\SetPointP
[2017/07/19 06:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2017/07/19 06:40:07 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Logishrd
[2017/07/19 06:31:39 | 000,150,720 | ---- | C] (Tracker Software Products (Canada) Ltd.) -- C:\Windows\SysNative\pxcpm5L.dll
[2017/07/19 06:31:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
[2017/07/19 06:31:28 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2017/07/19 06:31:26 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2017/07/19 06:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2017/07/19 06:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lhaplus
[2017/07/19 06:30:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lhaplus
[2017/07/19 06:30:19 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Programs
[2017/07/19 06:29:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017/07/19 06:29:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2017/07/19 06:17:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SDA
[2017/07/19 06:17:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\O2Micro
[2017/07/19 06:15:44 | 001,178,216 | ---- | C] (O2Micro) -- C:\Windows\SysWow64\O2Icon_2.dll
[2017/07/19 06:15:44 | 001,178,216 | ---- | C] (O2Micro) -- C:\Windows\SysNative\O2Icon_2.dll
[2017/07/19 06:15:44 | 001,145,448 | ---- | C] (O2Micro) -- C:\Windows\SysWow64\O2Icon.dll
[2017/07/19 06:15:44 | 001,145,448 | ---- | C] (O2Micro) -- C:\Windows\SysNative\O2Icon.dll
[2017/07/19 06:15:44 | 000,077,032 | ---- | C] (O2Micro ) -- C:\Windows\SysNative\drivers\o2mdgx64.sys
[2017/07/19 06:15:44 | 000,055,144 | ---- | C] (O2Micro ) -- C:\Windows\SysNative\drivers\o2sdgx64.sys
[2017/07/19 05:31:05 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Adobe
[2017/07/19 05:29:52 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Geek Uninstaller
[2017/07/19 05:26:05 | 000,000,000 | ---D | C] -- D:\ユーザー名\ドキュメント\ウイルス除去顛末
[2017/07/19 05:26:02 | 000,000,000 | ---D | C] -- D:\ユーザー名\ドキュメント\JobMoney
[2017/07/19 05:18:23 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- D:\ユーザー名\デスクトップ\HijackThis.exe
[2017/07/19 05:09:19 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\OsusumeGadget
[2017/07/19 05:09:16 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\VirtualStore
[2017/07/19 04:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JustSystems
[2017/07/19 04:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\FlyFolder
[2017/07/19 04:58:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BackupNx
[2017/07/19 04:58:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVDm
[2017/07/19 04:57:28 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Downloaded Installations
[2017/07/19 04:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2017/07/19 04:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2017/07/19 04:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2017/07/19 04:56:55 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2017/07/19 04:56:55 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2017/07/19 04:56:55 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2017/07/19 04:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2017/07/19 04:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
[2017/07/19 04:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2017/07/19 04:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2017/07/19 04:56:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2017/07/19 04:56:29 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Roxio Log Files
[2017/07/19 04:48:47 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\SoftNavi
[2017/07/19 04:48:33 | 000,000,000 | R--D | C] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2017/07/19 04:48:33 | 000,000,000 | R--D | C] -- C:\Users\KY\Searches
[2017/07/19 04:48:33 | 000,000,000 | R--D | C] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2017/07/19 04:48:33 | 000,000,000 | -H-D | C] -- C:\Users\KY\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/07/19 04:48:25 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Identities
[2017/07/19 04:48:23 | 000,000,000 | R--D | C] -- C:\Users\KY\Contacts
[2017/07/19 04:48:04 | 000,000,000 | --SD | C] -- C:\Users\KY\AppData\Roaming\Microsoft
[2017/07/19 04:48:04 | 000,000,000 | R--D | C] -- C:\Users\KY\Saved Games
[2017/07/19 04:48:04 | 000,000,000 | R--D | C] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017/07/19 04:48:04 | 000,000,000 | R--D | C] -- C:\Users\KY\Links
[2017/07/19 04:48:04 | 000,000,000 | R--D | C] -- C:\Users\KY\Favorites
[2017/07/19 04:48:04 | 000,000,000 | R--D | C] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\スタート メニュー
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\AppData\Local\Temporary Internet Files
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\Templates
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\SendTo
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\Recent
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\PrintHood
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\NetHood
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\My Documents
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\Local Settings
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\AppData\Local\History
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\Cookies
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\Application Data
[2017/07/19 04:48:04 | 000,000,000 | -HSD | C] -- C:\Users\KY\AppData\Local\Application Data
[2017/07/19 04:48:04 | 000,000,000 | -H-D | C] -- C:\Users\KY\AppData
[2017/07/19 04:48:04 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Temp
[2017/07/19 04:48:04 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Local\Microsoft
[2017/07/19 04:48:04 | 000,000,000 | ---D | C] -- C:\Users\KY\AppData\Roaming\Media Center Programs
[2017/07/19 04:47:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\デスクトップ
[2017/07/19 04:47:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\スタート メニュー
[2017/07/19 04:47:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2017/07/05 17:29:04 | 000,051,808 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2017/07/05 17:28:52 | 000,732,944 | ---- | C] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2017/07/05 17:28:46 | 000,942,280 | ---- | C] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2017/07/05 17:26:22 | 000,457,408 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll
[2017/07/05 17:24:28 | 000,363,712 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll
[2017/07/04 02:07:52 | 007,137,216 | ---- | C] (Geek Unіnstaller) -- D:\ユーザー名\デスクトップ\geek.exe
[9 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/07/21 10:56:31 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2017/07/21 08:56:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\ユーザー名\デスクトップ\OTL.exe
[2017/07/21 08:35:22 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/07/21 08:35:22 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/07/21 08:32:34 | 001,310,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/07/21 08:32:34 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/07/21 08:32:34 | 000,410,672 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2017/07/21 08:32:34 | 000,121,686 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2017/07/21 08:32:34 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/07/21 08:26:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/07/21 08:26:36 | 3061,235,712 | -HS- | M] () -- C:\hiberfil.sys
[2017/07/20 20:14:28 | 000,004,096 | -HS- | M] () -- C:\{F0C7D3A3-5B0D-455F-AE3F-98FE1DC8DB79}.CBM
[2017/07/20 20:12:25 | 000,382,464 | -HS- | M] () -- C:\EUMONBMP.SYS
[2017/07/20 20:07:45 | 001,290,842 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017/07/20 16:14:37 | 000,106,825 | ---- | M] () -- D:\ユーザー名\ドキュメント\bookmarks_2017_07_20.html
[2017/07/20 12:47:19 | 008,162,248 | ---- | M] (Malwarebytes) -- D:\ユーザー名\デスクトップ\adwcleaner_7.0.0.0.exe
[2017/07/20 12:26:56 | 000,028,576 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2017/07/20 07:15:31 | 000,015,736 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2017/07/19 23:17:01 | 000,327,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017/07/19 22:09:45 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2017/07/19 22:09:40 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2017/07/19 22:09:40 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2017/07/19 22:09:40 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2017/07/19 22:09:38 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2017/07/19 22:09:38 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2017/07/19 22:09:37 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2017/07/19 22:09:37 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2017/07/19 22:09:37 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2017/07/19 22:09:37 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2017/07/19 22:09:37 | 000,016,303 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2017/07/19 22:09:36 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2017/07/19 22:09:35 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2017/07/19 22:09:35 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2017/07/19 22:09:35 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2017/07/19 22:09:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2017/07/19 22:09:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2017/07/19 22:09:34 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2017/07/19 22:09:32 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2017/07/19 22:09:32 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2017/07/19 22:09:32 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2017/07/19 22:09:32 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2017/07/19 22:09:32 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2017/07/19 22:09:32 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2017/07/19 22:09:32 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2017/07/19 22:09:32 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2017/07/19 22:09:32 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2017/07/19 22:09:32 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2017/07/19 22:09:32 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2017/07/19 22:09:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2017/07/19 22:09:32 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2017/07/19 22:09:32 | 000,016,303 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2017/07/19 22:09:32 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2017/07/19 22:09:31 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2017/07/19 22:09:31 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2017/07/19 22:09:31 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2017/07/19 22:09:31 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2017/07/19 22:08:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

[2017/07/19 22:08:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2017/07/19 22:08:00 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2017/07/19 22:08:00 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2017/07/19 22:08:00 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2017/07/19 22:08:00 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2017/07/19 22:08:00 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2017/07/19 22:08:00 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2017/07/19 22:08:00 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2017/07/19 22:08:00 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2017/07/19 22:08:00 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2017/07/19 22:08:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2017/07/19 22:08:00 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2017/07/19 22:08:00 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2017/07/19 22:08:00 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2017/07/19 22:08:00 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2017/07/19 22:08:00 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2017/07/19 22:07:59 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2017/07/19 22:07:59 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2017/07/19 22:07:59 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2017/07/19 22:07:59 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2017/07/19 22:07:59 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2017/07/19 22:07:59 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2017/07/19 22:06:11 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2017/07/19 22:06:11 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2017/07/19 08:15:29 | 000,001,386 | ---- | M] () -- C:\Users\KY\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2017/07/19 07:47:33 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2017/07/19 07:47:33 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2017/07/19 06:43:04 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2017/07/19 06:34:07 | 000,000,057 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2017/07/19 06:15:44 | 001,178,216 | ---- | M] (O2Micro) -- C:\Windows\SysWow64\O2Icon_2.dll
[2017/07/19 06:15:44 | 001,178,216 | ---- | M] (O2Micro) -- C:\Windows\SysNative\O2Icon_2.dll
[2017/07/19 06:15:44 | 001,145,448 | ---- | M] (O2Micro) -- C:\Windows\SysWow64\O2Icon.dll
[2017/07/19 06:15:44 | 001,145,448 | ---- | M] (O2Micro) -- C:\Windows\SysNative\O2Icon.dll
[2017/07/19 06:15:44 | 000,077,032 | ---- | M] (O2Micro ) -- C:\Windows\SysNative\drivers\o2mdgx64.sys
[2017/07/19 06:15:44 | 000,055,144 | ---- | M] (O2Micro ) -- C:\Windows\SysNative\drivers\o2sdgx64.sys
[2017/07/19 06:15:17 | 000,540,696 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2017/07/19 06:15:03 | 000,289,280 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2017/07/19 06:15:03 | 000,158,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys
[2017/07/19 06:15:03 | 000,014,848 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2017/07/19 06:15:02 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2202.dll
[2017/07/19 06:15:02 | 000,005,396 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2017/07/19 06:14:59 | 000,870,560 | ---- | M] () -- C:\Windows\SysWow64\igkrng575.bin
[2017/07/19 06:14:59 | 000,870,560 | ---- | M] () -- C:\Windows\SysNative\igkrng575.bin
[2017/07/19 06:14:59 | 000,508,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2017/07/19 06:14:59 | 000,380,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2017/07/19 06:14:59 | 000,161,304 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2017/07/19 06:14:59 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2017/07/19 06:14:59 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2017/07/19 06:14:59 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2017/07/19 06:14:59 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2017/07/19 06:14:59 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2017/07/19 06:14:59 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2017/07/19 06:14:59 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2017/07/19 06:14:59 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2017/07/19 06:14:59 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2017/07/19 06:14:59 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2017/07/19 06:14:59 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2017/07/19 06:14:59 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2017/07/19 06:14:59 | 000,087,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2017/07/19 06:14:59 | 000,084,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2017/07/19 06:14:59 | 000,084,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2017/07/19 06:14:59 | 000,061,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2017/07/19 06:14:58 | 000,830,464 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2017/07/19 06:14:58 | 000,243,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2017/07/19 06:14:58 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2017/07/19 06:14:58 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2017/07/19 06:14:58 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2017/07/19 06:14:58 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2017/07/19 06:14:58 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2017/07/19 06:14:58 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2017/07/19 06:14:58 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2017/07/19 06:14:58 | 000,087,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2017/07/19 06:14:58 | 000,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2017/07/19 06:14:58 | 000,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2017/07/19 06:14:58 | 000,083,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2017/07/19 06:14:58 | 000,083,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2017/07/19 06:14:57 | 006,547,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2017/07/19 06:14:57 | 000,571,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2017/07/19 06:14:57 | 000,415,256 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2017/07/19 06:14:57 | 000,271,360 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2017/07/19 06:14:57 | 000,228,864 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2017/07/19 06:14:57 | 000,223,768 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2017/07/19 06:14:57 | 000,142,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2017/07/19 06:14:57 | 000,122,368 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2017/07/19 06:14:57 | 000,104,796 | ---- | M] () -- C:\Windows\SysWow64\igfcg575m.bin
[2017/07/19 06:14:57 | 000,104,796 | ---- | M] () -- C:\Windows\SysNative\igfcg575m.bin
[2017/07/19 06:14:57 | 000,027,648 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2017/07/19 06:14:57 | 000,023,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2017/07/19 06:14:57 | 000,004,096 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2017/07/19 06:14:56 | 004,967,424 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2017/07/19 06:14:53 | 010,611,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2017/07/19 06:14:53 | 004,720,128 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2017/07/19 06:14:53 | 004,411,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2017/07/19 06:14:51 | 015,032,832 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2017/07/19 06:14:51 | 000,127,868 | ---- | M] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2017/07/19 06:14:51 | 000,127,868 | ---- | M] () -- C:\Windows\SysNative\igcompkrng575.bin
[2017/07/19 06:14:49 | 011,040,256 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2017/07/19 06:14:47 | 003,156,504 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2017/07/19 06:14:47 | 000,386,584 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2017/07/19 06:14:47 | 000,108,032 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2017/07/19 06:14:43 | 000,189,408 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2017/07/19 06:14:43 | 000,165,251 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2017/07/19 06:14:43 | 000,121,121 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2017/07/19 06:14:43 | 000,119,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2017/07/19 06:14:43 | 000,119,286 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2017/07/19 06:14:43 | 000,118,997 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2017/07/19 06:14:43 | 000,117,984 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2017/07/19 06:14:43 | 000,114,308 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2017/07/19 06:14:43 | 000,103,997 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2017/07/19 06:14:43 | 000,102,843 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2017/07/19 06:14:41 | 000,136,327 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2017/07/19 06:14:41 | 000,125,477 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2017/07/19 06:14:41 | 000,123,164 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2017/07/19 06:14:41 | 000,120,287 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2017/07/19 06:14:41 | 000,119,533 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2017/07/19 06:14:41 | 000,119,513 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2017/07/19 06:14:41 | 000,118,317 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2017/07/19 06:14:41 | 000,114,779 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2017/07/19 06:14:40 | 000,178,288 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2017/07/19 06:14:40 | 000,133,680 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2017/07/19 06:14:40 | 000,122,858 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2017/07/19 06:14:40 | 000,122,638 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2017/07/19 06:14:40 | 000,120,695 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2017/07/19 06:14:40 | 000,118,684 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2017/07/19 06:14:40 | 000,118,631 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2017/07/19 06:14:40 | 000,114,179 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2017/07/19 06:14:40 | 000,110,156 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2017/07/19 06:14:39 | 000,152,600 | ---- | M] () -- C:\Windows\SysNative\difx64.exe
[2017/07/19 06:14:39 | 000,139,830 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2017/07/19 06:14:26 | 001,601,024 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2017/07/19 06:14:02 | 000,256,120 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\drivers\Apfiltr.sys
[2017/07/19 05:29:11 | 007,137,216 | ---- | M] (Geek Unіnstaller) -- D:\ユーザー名\デスクトップ\geek.exe
[2017/07/19 04:49:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2017/07/19 04:49:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2017/07/19 04:49:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2017/07/19 04:47:24 | 000,156,936 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2017/07/19 04:47:24 | 000,156,936 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2017/07/11 08:44:37 | 000,051,808 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2017/07/11 08:44:25 | 000,732,944 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2017/07/11 08:44:19 | 000,942,280 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2017/07/11 08:41:54 | 000,457,408 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll
[2017/07/11 08:40:00 | 000,363,712 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll
[2017/07/07 09:33:26 | 000,189,524 | ---- | M] () -- D:\ユーザー名\ドキュメント\Chrome bookmarks_2017_07_07.html
[2017/07/05 04:30:09 | 000,256,040 | ---- | M] (COMODO) -- C:\Windows\SysNative\iseguard64.dll
[2017/07/05 04:29:59 | 000,205,536 | ---- | M] (COMODO) -- C:\Windows\SysWow64\iseguard32.dll
[2017/07/05 04:29:44 | 000,050,856 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\isedrv.sys
[2017/07/02 16:16:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- D:\ユーザー名\デスクトップ\HijackThis.exe
[2017/06/29 23:57:24 | 002,319,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2017/06/29 23:57:21 | 002,058,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2017/06/29 23:57:17 | 002,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2017/06/29 23:57:17 | 000,778,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2017/06/29 23:57:17 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2017/06/29 23:57:17 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2017/06/29 23:57:17 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2017/06/29 23:57:17 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2017/06/29 23:57:17 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2017/06/29 23:57:17 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2017/06/29 23:40:18 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2017/06/29 23:39:38 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2017/06/29 23:39:01 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2017/06/29 23:38:54 | 001,400,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2017/06/29 23:38:54 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2017/06/29 23:38:54 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2017/06/29 23:38:54 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2017/06/29 23:38:54 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2017/06/29 23:26:20 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2017/06/29 03:36:22 | 000,150,720 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Windows\SysNative\pxcpm5L.dll
[2017/06/29 03:18:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2017/06/29 03:04:12 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2017/06/29 03:03:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2017/06/29 03:03:20 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2017/06/29 03:02:52 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2017/06/29 03:02:46 | 000,576,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017/06/29 02:54:43 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2017/06/29 02:51:23 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2017/06/29 02:50:26 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2017/06/29 02:50:26 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2017/06/29 02:50:10 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2017/06/29 02:50:02 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2017/06/29 02:44:36 | 005,975,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017/06/29 02:43:07 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2017/06/29 02:39:27 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2017/06/29 02:31:50 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2017/06/29 02:31:23 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2017/06/29 02:30:17 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2017/06/29 02:27:10 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2017/06/29 02:26:28 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2017/06/29 02:23:59 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2017/06/29 02:23:40 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2017/06/29 02:23:03 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2017/06/29 02:22:54 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2017/06/29 02:22:34 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2017/06/29 02:22:01 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2017/06/29 02:16:44 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2017/06/29 02:14:38 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2017/06/29 02:13:38 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2017/06/29 02:13:38 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2017/06/29 02:13:19 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2017/06/29 02:09:52 | 000,725,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017/06/29 02:09:45 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017/06/29 02:08:32 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2017/06/29 02:07:16 | 002,132,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017/06/29 02:01:01 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2017/06/29 02:00:32 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2017/06/29 02:00:07 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2017/06/29 01:58:07 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2017/06/29 01:56:53 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2017/06/29 01:54:53 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2017/06/29 01:46:33 | 002,057,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017/06/29 01:46:20 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2017/06/29 01:29:55 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017/06/29 01:23:23 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[9 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/07/20 16:14:36 | 000,106,825 | ---- | C] () -- D:\ユーザー名\ドキュメント\bookmarks_2017_07_20.html
[2017/07/20 14:58:16 | 001,290,842 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017/07/20 07:15:31 | 000,015,736 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2017/07/20 04:03:00 | 000,004,096 | -HS- | C] () -- C:\{F0C7D3A3-5B0D-455F-AE3F-98FE1DC8DB79}.CBM
[2017/07/20 03:48:56 | 000,382,464 | -HS- | C] () -- C:\EUMONBMP.SYS
[2017/07/20 01:28:33 | 000,001,747 | ---- | C] () -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2017/07/20 01:19:40 | 000,002,052 | ---- | C] () -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2017/07/20 00:10:14 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2017/07/19 22:09:37 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2017/07/19 22:09:32 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2017/07/19 21:05:34 | 000,028,576 | ---- | C] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2017/07/19 08:46:16 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2017/07/19 08:15:29 | 000,001,386 | ---- | C] () -- C:\Users\KY\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2017/07/19 08:15:23 | 000,053,240 | ---- | C] () -- C:\Windows\SysNative\drivers\EUBKMON.sys
[2017/07/19 07:34:42 | 000,069,632 | ---- | C] () -- C:\Windows\SysNative\BWContextHandler.dll
[2017/07/19 07:33:55 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2017/07/19 07:33:04 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2017/07/19 07:33:04 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2017/07/19 06:52:28 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2017/07/19 06:52:11 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2017/07/19 06:51:33 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2017/07/19 06:51:33 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2017/07/19 06:51:33 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2017/07/19 05:26:06 | 000,189,524 | ---- | C] () -- D:\ユーザー名\ドキュメント\Chrome bookmarks_2017_07_07.html
[2017/07/19 05:06:05 | 000,033,329 | ---- | C] () -- C:\Windows\bstlogo.png
[2017/07/19 04:58:33 | 000,001,342 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberSupport for NEC.lnk
[2017/07/19 04:57:22 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\PasoGuide.dll
[2017/07/19 04:49:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2017/07/19 04:49:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2017/07/19 04:49:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2017/07/19 04:48:34 | 000,001,362 | ---- | C] () -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2017/07/19 04:48:04 | 000,000,290 | ---- | C] () -- C:\Users\KY\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2017/07/19 04:48:04 | 000,000,272 | ---- | C] () -- C:\Users\KY\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2017/07/19 04:40:24 | 3061,235,712 | -HS- | C] () -- C:\hiberfil.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2017/05/10 12:29:53 | 014,183,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2017/05/10 12:12:47 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/19 16:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2017/07/19 22:53:43 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2017/07/20 10:23:04 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2017/07/20 10:05:36 | 000,000,000 | -H-D | M] -- C:\VTRoot
[2009/12/28 05:13:00 | 003,024,288 | -H-- | M] (富士ソフト株式会社) -- C:\APSETUP\FUDEGRM\FgwA.exe
[2009/12/28 05:13:00 | 003,044,768 | -H-- | M] (富士ソフト株式会社) -- C:\APSETUP\FUDEGRM\FgwW.exe
[2017/07/19 06:17:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/03/03 23:24:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2017/07/20 12:24:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2009/07/14 02:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2009/07/14 02:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2017/07/19 04:47:55 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2017/07/20 12:24:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2009/07/14 02:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2009/07/14 02:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2009/07/14 00:20:08 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2017/07/19 04:48:04 | 000,000,000 | -H-D | M] -- C:\Users\KY\AppData
[2017/07/19 06:49:55 | 000,000,000 | -H-D | M] -- C:\Users\KY\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2017/07/19 04:48:35 | 000,000,000 | -H-D | M] -- C:\Users\KY\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2017/07/20 11:01:00 | 000,000,000 | -H-D | M] -- C:\Users\KY\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2017/07/19 04:48:40 | 000,000,000 | RH-D | M] -- C:\Users\KY\AppData\Local\Microsoft\Windows\Burn\Burn
[2017/07/19 04:48:40 | 000,000,000 | -H-D | M] -- C:\Users\KY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/07/19 22:17:11 | 000,000,000 | -H-D | M] -- C:\Users\KY\AppData\Roaming\Microsoft\Windows\DNTException\Low
[2017/07/20 09:11:15 | 000,000,000 | -H-D | M] -- C:\Users\KY\Google ドライブ\.tmp.drivedownload
[2017/07/20 02:36:21 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2009/07/13 23:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2009/07/14 01:54:24 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2017/07/19 05:09:32 | 000,000,000 | -H-D | M] -- C:\Users\Public\Recorded TV\TempRec
[2017/07/19 04:48:04 | 000,000,000 | -H-D | M] -- C:\VTRoot\HarddiskVolume2\Users\KY\AppData
[2010/03/03 23:34:07 | 000,000,000 | -H-D | M] -- C:\Windows\msdownld.tmp
[2017/07/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2009/07/14 01:45:47 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA MK5065GSX
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 2.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 186.00GB
Starting Offset: 2000683008
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 278.00GB
Starting Offset: 201999777792
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2016/03/25 15:54:58 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2016/11/09 13:33:26 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/13 22:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2016/03/25 16:02:28 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2016/03/25 15:55:07 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2017/06/12 19:11:32 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/13 22:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 22:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2016/03/25 15:55:09 | 000,135,680 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2017/04/12 12:32:10 | 000,190,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2017/04/12 12:25:04 | 000,145,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2017/04/17 12:37:31 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2016/03/25 15:57:09 | 000,318,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2016/03/25 15:26:48 | 000,256,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2016/03/25 15:57:36 | 000,182,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/13 22:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/13 22:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 22:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2016/03/25 15:58:27 | 000,358,912 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2016/05/12 14:14:48 | 000,502,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2016/03/25 16:03:39 | 000,523,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/13 22:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/13 22:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2016/03/25 16:00:11 | 000,459,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2016/03/25 15:30:01 | 000,359,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2016/03/25 16:00:13 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2016/03/25 16:01:35 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2016/03/25 16:03:52 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2016/03/25 15:28:14 | 000,559,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2017/06/12 19:11:32 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/13 22:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2016/03/25 16:02:30 | 000,344,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2017/04/17 12:37:31 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2016/03/25 16:02:41 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2017/06/12 19:11:32 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/13 22:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2016/03/25 16:03:37 | 000,235,520 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2016/03/25 16:03:16 | 000,371,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2016/03/25 15:32:19 | 000,328,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2016/03/25 16:02:38 | 001,110,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2016/03/25 16:03:42 | 000,316,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2016/03/25 15:32:31 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/13 22:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2016/03/25 16:02:16 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2016/03/25 14:48:43 | 001,601,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2016/06/14 14:16:23 | 000,680,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2016/06/14 14:16:23 | 000,680,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/19 17:27:26 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2016/03/25 15:59:37 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2016/03/25 16:04:04 | 001,659,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2016/03/25 15:59:37 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2016/03/25 16:04:05 | 000,582,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2016/11/09 13:02:19 | 000,128,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2016/11/09 12:55:06 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/13 22:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2017/05/10 12:14:53 | 002,651,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2016/03/25 15:57:37 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2016/03/25 16:04:09 | 000,886,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2016/03/25 16:04:08 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >

OTL Extras logfile created on: 2017/07/21 10:48:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\ユーザー名\デスクトップ
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18738)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.80 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 61.40% Memory free
7.60 Gb Paging File | 5.96 Gb Available in Paging File | 78.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.26 Gb Total Space | 141.83 Gb Free Space | 76.14% Space Free | Partition Type: NTFS
Drive D: | 277.63 Gb Total Space | 175.03 Gb Free Space | 63.04% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK | User Name: KY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05CC937B-1803-4B2C-9B70-C23CAD640496}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{36C1BDD5-DA77-412D-9AE5-2D3A7148DE7C}" = protocol=6 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\todobackupservice.exe |
"{36E716B9-D9AE-4C9E-8A82-9B69AB999BB8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3BB313C3-DDFB-46E8-9B02-C87B883EA1F8}" = protocol=17 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\todobackupservice.exe |
"{40A2761E-F322-44E4-AD69-E2C8FFEB8242}" = protocol=17 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\tbconsoleui.exe |
"{4DFE09E9-69F0-49AA-8026-FFCE2EFA25A6}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6A3A570C-3275-4478-A43E-57606985BC9D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8C6DB33B-BB9D-452C-A6C5-A57532AD88CC}" = protocol=6 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\tbservice.exe |
"{AE00EA18-F34F-4F6F-8D2A-1310F167503A}" = protocol=6 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\tbconsoleui.exe |
"{E4014D32-019F-4276-AF53-C1896728D362}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FD82471E-D885-4A29-866F-3FC3EB5F53F5}" = protocol=17 | dir=in | app=c:\program files (x86)\easeus\todo backup\bin\tbservice.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F95875-9527-49CC-B32F-970ADAEBD1EF}" = iTunes
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0A596141-97D5-45FA-9281-98DFAF48D579}" = Apple Mobile Device Support
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{2DC6DE6F-ABAF-410D-B0A9-C67117E60EC7}" = ディスプレイの切り換え
"{487D044D-6426-4FD4-A521-1CF9456E7DB2}" = ワンタッチスタートボタンの設定(9.18.1011)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{69B96ED0-18FB-4935-8B33-30C94D4CCB81}" = O2Micro Flash Memory Card Windows Driver
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{77650E61-3B7D-4C1E-A2C1-D9F1BA561A0F}" = One-Touch Start Button Settings(1.18.1024)
"{7A60C521-D2CC-431B-BC09-63B4FA8B77D1}" = おすすめメニューガジェット
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{897FA7E3-17BF-405F-BC91-FB72A669DCD3}" = COMODO Internet Security Premium
"{90120000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0411-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Japanese) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = NX PAD Driver
"{A96702F7-EFC8-3EED-BE46-22C809D4EBE5}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BB109E24-EE90-485B-A28B-ADDEFB40540B}" = Apple Application Support（64 ビット）
"{C37431B6-A592-40C6-9C46-C3AF8141BBBF}" = PDF-XChange Editor
"{C510BB61-AE0B-4420-87AF-9CF646E86364}" = iCloud
"{D22A42E3-47C5-4042-80FF-79AE22F018ED}" = One-Touch Start Button Settings(1.18.1022)
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{DFA0E609-8481-4E32-828E-7311E4936F99}" = パワーオフUSB充電の設定
"CCleaner" = CCleaner
"COMODO Internet Security" = COMODO Internet Security Premium
"SP6" = SetPoint 6.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{31704E73-FB79-4C79-A4CE-4E6477EFA383}" =
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{52D87F32-70E4-4348-8148-C0B9F35B1314}" = Apple Software Update
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6CB949F1-4495-48F6-A815-26F6CABA85D7}" = Backup and Sync from Google
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{90120000-0016-0411-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Japanese) 2007
"{90120000-0016-0411-0000-0000000FF1CE}_PERSONALR_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0411-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Japanese) 2007
"{90120000-001A-0411-0000-0000000FF1CE}_PERSONALR_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0411-0000-0000000FF1CE}" = Microsoft Office Word MUI (Japanese) 2007
"{90120000-001B-0411-0000-0000000FF1CE}_PERSONALR_{209FA1DF-E70E-436A-BB71-9ECB81FC3776}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PERSONALR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2007
"{90120000-001F-0411-0000-0000000FF1CE}_PERSONALR_{8B0BBAAA-BB10-41E1-B27E-24CF08CBB253}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-0028-0411-0000-0000000FF1CE}_PERSONALR_{277B1BCF-97A7-40F2-87A5-3CACB0E9714B}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0028-0411-1000-0000000FF1CE}_PERSONALR_{8A3FCBEB-9029-40E2-8799-2299CBBEF4D8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PERSONALR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0411-1000-0000000FF1CE}_PERSONALR_{84C84010-F698-443E-84B4-A82DD01A17FE}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0411-0000-0000000FF1CE}" = Microsoft Office Proofing (Japanese) 2007
"{90120000-006E-0411-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Japanese) 2007
"{90120000-006E-0411-0000-0000000FF1CE}_PERSONALR_{84C84010-F698-443E-84B4-A82DD01A17FE}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0033-0000-0000-0000000FF1CE}" = Microsoft Office Personal 2007
"{91120000-0033-0000-0000-0000000FF1CE}_PERSONALR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Creator LJ
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}" = Apple Application Support（32 ビット）
"{db059b99-8f2e-4c05-943f-981cb75a75e4}" = PDF-XChange Editor
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Creator LJ
"Comodo Dragon" = Comodo Dragon
"ComodoIse" = Internet Security Essentials
"EaseUS Todo Backup_is1" = EaseUS Todo Backup Free 10.5
"InstallShield_{31704E73-FB79-4C79-A4CE-4E6477EFA383}" =
"InstallShield_{69B96ED0-18FB-4935-8B33-30C94D4CCB81}" = O2Micro Flash Memory Card Windows Driver
"Lhaplus" = Lhaplus
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"PERSONALR" = Microsoft Office Personal 2007

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"brave" = Brave
"Google Photos Backup" = Google Photos Backup
"OneDriveSetup.exe" = Microsoft OneDrive
"Spotify" = Spotify

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2017/07/19 20:07:13 | Computer Name = Notebook | Source = PerfNet | ID = 2004
Description =

Error - 2017/07/20 0:12:41 | Computer Name = Notebook | Source = Application Hang | ID = 1002
Description = プログラム iTunes.exe バージョン 12.6.2.20 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: 1678 開始時刻: 01d3010ae4ea0cb9 終了時刻: 93 アプリケーション
パス: C:\Program Files\iTunes\iTunes.exe レポート ID:

Error - 2017/07/20 10:03:08 | Computer Name = Notebook | Source = VSS | ID = 8194
Description =

Error - 2017/07/20 14:09:48 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2017/07/20 14:09:48 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7394

Error - 2017/07/20 14:09:48 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7394

Error - 2017/07/20 17:03:33 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = 暗号化サービスは VSS バックアップ "System Writer" オブジェクトを初期化できませんでした。 Details: Could
not query the status of the EventSystem service. System Error: システム シャットダウンが実行中です。
。

Error - 2017/07/20 18:28:29 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2017/07/20 18:28:29 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7410

Error - 2017/07/20 18:28:29 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7410

[ System Events ]
Error - 2017/07/20 14:39:57 | Computer Name = Notebook | Source = DCOM | ID = 10005
Description =

Error - 2017/07/20 14:39:58 | Computer Name = Notebook | Source = DCOM | ID = 10005
Description =

Error - 2017/07/20 14:39:57 | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2017/07/20 14:39:57 | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2017/07/20 14:39:57 | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2017/07/20 14:39:57 | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2017/07/20 14:39:57 | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2017/07/20 14:39:57 | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2017/07/20 14:40:01 | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2017/07/20 14:40:01 | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068


< End of report >

OTLログを載せました。たいへんお手数ですが引き続きよろしくお願いいたします。

今夜もレスが遅くなってすみません。

再度のOTLスキャンログを見せてもらいました。

>今までのところ平穏

と言うことで、おかしな挙動は出てないなら何よりです。

ログを見ましたが、またちょっと確認させてください。
オンラインストレージのDropboxをお使いでしょうか？
DBでなければ他のストレージをお使いならそのサイト名を教えてください。

OTLログでDBらしい痕跡が見えているのですが、当掲示板の過去相談でDB絡みでよくないモノを拾ったり感染受けたという事例がかなりありましたので。
またDB自体がアクセスしてきたユーザーのPCに履歴なのか、結構うざい痕跡も残すこともあるので、そのあたりも確認してから対応を考えましょう。
DBを含めてストレージ等はまったく使ったこともないならそのことだけ教えてくれればいいです

オンラインストレージは利用しています。
Dropboxは使っていません(アプリもインストールしていません)のでアカウントを閉じます。
EvernoteからOneNoteに乗り換えようとしたためOnedriveにいくらか保存しています。

メインで利用しているのはGoogle DriveとEvernoteです。
iCloudはiPhone、iPadのバックアップ先となっています。

おはようございます。
説明を見せていただきました。

>オンラインストレージは利用しています。
>Dropboxは使っていません(アプリもインストールしていません)のでアカウントを閉じます。
>EvernoteからOneNoteに乗り換えようとしたためOnedriveにいくらか保存しています

はい、了解です。DBを使ってないならそこはいいでしょう。
ただ、ストレージはどこのサイトでもあまり多用しないことを覚えておきましょう。
特に重要なファイル程ストレージに預けるのは非推奨です。

別の面では、ストレージは不特定ユーザー間で違法ファイルの温床に使われることも問題です。
同時にそれらのファイルに危険なマルウェアも仕込まれ、「お宝ファイル」と思ってDLしたモノを再生したらその時点でPCからデータが外部に漏えいさせられたという被害も平気で起きます。

かにさんがストレージに置いているのはご自身のみがアクセスするバックアップファイルで他の人は一切タッチしないとか、他の人からのファイルもDLしないならその危険も薄いのでいいですがストレージの危険性は常に頭に入れておいてください。

ではPC内にたまっているゴミをOTLで掃除しましょう。

このレスの最後にスクリプトを貼っておくので、それを丸ごとコピーして、それをWindowsのメモ帳ファイルに貼り付けて保存しておいてください。

用意できたらPCをまたセーフモードで再起動して、そこでディスククリーンアップ実行してください。

続いてセーフモードのままOTL起動してください。
起動したらOTLのウインドウ下部にスクリプトを貼り付けて、今度は「Run fix」（赤字のボタン）を押してください。
これでOTLでの処置が開始されます。

しばらく待って処置ができたらPCを通常モードで再起動すると、またOTLのログが出るはずなので、それを保存してから、しばらく様子見の後、OTLのログとともに状態報告をレスください。
OTLのスクリプトは以下になります。破線(-----)を含まない箇所を丸ごとコピーして、それをOTLに貼って作業してください
------------------------------------------
:OTL
MOD - [2017/07/21 08:30:58 | 001,176,576 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._core_.pyd
MOD - [2017/07/21 08:30:58 | 001,067,008 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._controls_.pyd
MOD - [2017/07/21 08:30:58 | 000,816,128 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._windows_.pyd
MOD - [2017/07/21 08:30:58 | 000,806,400 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._gdi_.pyd
MOD - [2017/07/21 08:30:58 | 000,736,256 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\pysqlite2._sqlite.pyd
MOD - [2017/07/21 08:30:58 | 000,733,184 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._misc_.pyd
MOD - [2017/07/21 08:30:58 | 000,686,080 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\unicodedata.pyd
MOD - [2017/07/21 08:30:58 | 000,524,248 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\windows._lib_cacheinvalidation.pyd
MOD - [2017/07/21 08:30:58 | 000,364,544 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\pythoncom27.dll
MOD - [2017/07/21 08:30:58 | 000,320,512 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32com.shell.shell.pyd
MOD - [2017/07/21 08:30:58 | 000,167,936 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32gui.pyd
MOD - [2017/07/21 08:30:58 | 000,127,488 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\pyexpat.pyd
MOD - [2017/07/21 08:30:58 | 000,119,808 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32file.pyd
MOD - [2017/07/21 08:30:58 | 000,108,544 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32security.pyd
MOD - [2017/07/21 08:30:58 | 000,098,816 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32api.pyd
MOD - [2017/07/21 08:30:58 | 000,082,432 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\usb_ext.pyd
MOD - [2017/07/21 08:30:58 | 000,078,848 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._animate.pyd
MOD - [2017/07/21 08:30:58 | 000,077,312 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\wx._html2.pyd
MOD - [2017/07/21 08:30:58 | 000,070,656 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\windows.volumes.pyd
MOD - [2017/07/21 08:30:58 | 000,055,808 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\windows.device_monitor.pyd
MOD - [2017/07/21 08:30:58 | 000,038,912 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32inet.pyd
MOD - [2017/07/21 08:30:58 | 000,035,840 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32process.pyd
MOD - [2017/07/21 08:30:58 | 000,025,600 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32pdh.pyd
MOD - [2017/07/21 08:30:58 | 000,024,064 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32pipe.pyd
MOD - [2017/07/21 08:30:58 | 000,022,528 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32ts.pyd
MOD - [2017/07/21 08:30:58 | 000,018,432 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32event.pyd
MOD - [2017/07/21 08:30:58 | 000,017,920 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\thumbnails_ext.pyd
MOD - [2017/07/21 08:30:58 | 000,017,408 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32profile.pyd
MOD - [2017/07/21 08:30:58 | 000,016,384 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\windows.winwrap.pyd
MOD - [2017/07/21 08:30:58 | 000,011,264 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\win32crypt.pyd
MOD - [2017/07/21 08:30:58 | 000,010,240 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\select.pyd
MOD - [2017/07/21 08:30:57 | 001,307,648 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_ssl.pyd
MOD - [2017/07/21 08:30:57 | 000,917,504 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_hashlib.pyd
MOD - [2017/07/21 08:30:57 | 000,218,624 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\PIL._imaging.pyd
MOD - [2017/07/21 08:30:57 | 000,129,536 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_elementtree.pyd
MOD - [2017/07/21 08:30:57 | 000,110,080 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\pywintypes27.dll
MOD - [2017/07/21 08:30:57 | 000,088,064 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_ctypes.pyd
MOD - [2017/07/21 08:30:57 | 000,046,080 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_socket.pyd
MOD - [2017/07/21 08:30:57 | 000,036,864 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_psutil_windows.pyd
MOD - [2017/07/21 08:30:57 | 000,027,648 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_multiprocessing.pyd
MOD - [2017/07/21 08:30:57 | 000,020,480 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\_yappi.pyd
MOD - [2017/07/21 08:30:57 | 000,012,800 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\common.time34.pyd
MOD - [2017/07/21 08:30:57 | 000,007,168 | ---- | M] () -- C:\Users\KY\AppData\Local\Temp\_MEI46242\hashobjs_ext.pyd
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,IE11UpgradePageShownTime = DD 73 87 90 EC 00 D3 01 [binary data]
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = AF 23 09 90 8A 01 D3 01 [binary data]
IE - HKU\S-1-5-21-238233554-254357902-350102063-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
O2:[b]64bit:[/b] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.

:Files

:reg

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------