悪代官の伏魔殿 Bulletin Board
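My PC is behaving strangely
Nice to meet you. My name is 瀬野.


The other day, while I was watching a video, my PC screen went completely black for a moment.

Shortly before it went black, Norton had shown a notification saying that it was running background tasks.
I thought it might be related, so I looked at Norton's security history, and at the time the screen went black there was an entry saying "No user logged in".
About 10 seconds after that, there were entries saying that a user had logged in and that the PC had connected to a public network.

When I looked at Event Viewer, at the time "No user logged in" was recorded there was a record saying that, because an error had occurred in Norton,
Windows Firewall was managing the filtering.
Also, it seems it normally occurred at about the time I logged in,
but event ID 360, User Device Registration, was also recorded at that same time. Could it be related somehow?

In addition, about 20 days ago, when I started the PC there was an × on Norton's taskbar icon and SONAR Protection would not turn on
(after a restart Norton's display changed to "Protected", but when I clicked to open the settings page where SONAR Protection is switched on and off,
only that part did not respond, so I could not confirm whether it was actually on.
After that I ran LiveUpdate manually and it went back to normal),

and Auto-Protect and Download Insight turned off for a moment and then came right back on.


When the screen went black this time, I don't remember operating anything in particular,
and I shouldn't have logged out myself either. Could these symptoms be appearing because of a virus infection or something like that?
Or could someone have taken over the PC when "No user logged in" was displayed...?

And there is one more thing.

I wanted to ask for advice about the above, so I downloaded HJT,
and Norton displayed the following.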

81695c40536311678bc66a0f185bb1df8b9333b9 Threat name: Heur.AdvML.B

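The location seems to be Firefox's cache folder. Is it all right that this was displayed?
The message said that it had been detected and was therefore deleted.

The first time I accessed the site, the website was in English, and while I was flustered,
the web page kept switching with the "Do you want to download?" dialog still displayed. Could that have been a problem...?

The same thing is recorded twice, so I think it was probably recorded when I accessed the page, but what do you think...?
When I searched for the threat name, it seemed likely to be a false positive, but is it normal for this kind of message to appear?
If there is no particular problem, I will be relieved.

Sorry for the long post, but I would be grateful for your help.
Thank you very much in advance.

The logs follow.


HJT log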

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:18:38, on 2018/08/30
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\owner\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.15.0.88\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 6570 bytes


CC log

Candy Crush Saga king.com 2018/08/21 1.1320.2.0
Candy Crush Soda Saga king.com 2018/07/10 1.118.400.0
CCleaner Piriform 2018/08/30 5.44
CLIP STUDIO 1.7.4 CELSYS 2018/05/19 1.7.4
CLIP STUDIO PAINT 1.7.4 CELSYS 2018/05/19 1.7.4
Cooking Fever Nordcurrent 2018/08/15 2.8.0.7
CyberLink Media Suite 10 CyberLink Corp. 2018/08/21 683 MB 10.0
Groove ミュージック Microsoft Corporation 2018/08/11 10.18071.11711.0
Hidden City: アイテム探しアドベンチャー G5 Entertainment AB 2018/07/31 1.24.2400.0
Intel(R) Management Engine Components Intel Corporation 2018/05/10 11.7.0.1037
Intel(R) Network Connections 22.5.104.0 Intel 2018/05/10 39.8 MB 22.5.104.0
Intel(R) Rapid Storage Technology Intel Corporation 2018/05/10 15.8.0.1006
Metasequoia 4 (64bit) tetraface Inc. 2018/08/21 333 MB 4.6.5
Microsoft OneDrive Microsoft Corporation 2018/08/21 104 MB 18.131.0701.0007
Microsoft Pay Microsoft Corporation 2018/05/13 2.2.18065.0
Microsoft Solitaire Collection Microsoft Studios 2018/08/26 4.2.8172.0
Microsoft Sticky Notes Microsoft Corporation 2018/05/13 2.1.18.0
Microsoft Store Microsoft Corporation 2018/07/31 11807.1001.13.0
Microsoft Store エクスペリエンス ホスト Microsoft Corporation 2018/08/02 11807.1001.1.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2018/05/10 4.84 MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2018/05/18 7.59 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2018/05/10 10.2 MB 9.0.30729
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2018/05/17 13.6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2018/05/19 11.0 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2018/08/21 20.5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2018/08/21 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2018/08/21 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2018/08/21 19.5 MB 14.0.24215.1
Minecraft Microsoft Studios 2018/08/29 1.6.14.0
Mixed Reality ビューアー Microsoft Corporation 2018/07/31 5.1807.6012.0
Mozilla Firefox 61.0.2 (x64 ja) Mozilla 2018/08/21 145 MB 61.0.2
Mozilla Maintenance Service Mozilla 2018/08/21 279 KB 60.0
My Office Microsoft Corporation 2018/07/03 17.10314.31700.0
Norton Security Symantec Corporation 2018/08/10 22.15.0.88
NVIDIA 3D Vision コントローラー ドライバー 390.41 NVIDIA Corporation 2018/05/10 390.41
NVIDIA GeForce Experience 3.12.0.84 NVIDIA Corporation 2018/05/10 3.12.0.84
NVIDIA HD オーディオ ドライバー 1.3.36.6 NVIDIA Corporation 2018/08/21 1.3.36.6
NVIDIA PhysX システム ソフトウェア 9.17.0524 NVIDIA Corporation 2018/05/10 9.17.0524
OneNote Microsoft Corporation 2018/08/21 16001.10730.20032.0
People Microsoft Corporation 2018/08/21 10.1807.2131.0
Print 3D Microsoft Corporation 2018/05/13 2.0.10611.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2018/05/10 399 MB 6.0.1.8210
Skype Skype 2018/07/17 12.1815.210.0
Update for Windows 10 for x64-based Systems (KB4023057) Microsoft Corporation 2018/08/21 790 KB 2.47.0.0
Web メディア拡張機能 Microsoft Corporation 2018/08/29 1.0.11904.0
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2018/08/21 2.1.0.3
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2018/08/21 2.1.0.3
Xbox Microsoft Corporation 2018/08/14 44.44.7002.0
Xbox Game bar Microsoft Corporation 2018/08/23 1.32.21002.0
Xbox Game Speech Window Microsoft Corporation 2018/05/13 1.21.13002.0
Xbox gaming overlay Microsoft Corporation 2018/08/29 1.16.1007.0
Xbox Identity Provider Microsoft Corporation 2018/05/30 12.41.24002.0
Xbox Live Microsoft Corporation 2018/05/13 1.11.29001.0
アプリ インストーラー Microsoft Corporation 2018/05/13 1.0.20921.0
アラーム & クロック Microsoft Corporation 2018/08/21 10.1805.1361.0
カメラ Microsoft Corporation 2018/08/29 2018.426.90.0
ドラゴンマニア・レジェンド Gameloft. 2018/08/29 4.0.0.17
バブルウィッチ3 king.com 2018/08/08 4.8.4.0
ヒント Microsoft Corporation 2018/08/23 6.14.12121.0
フィードバック Hub Microsoft Corporation 2018/05/13 1.1712.1141.0
フォト Microsoft Corporation 2018/08/21 2018.18061.17410.0
ペイント 3D Microsoft Corporation 2018/08/16 5.1808.8017.0
ボイス レコーダー Microsoft Corporation 2018/08/21 10.1805.1201.0
マップ Microsoft Corporation 2018/08/21 5.1805.1431.0
マーチ オブ エンパイア - 領土戦争 Gameloft. 2018/07/25 3.4.0.7
メッセージング Microsoft Corporation 2018/08/21 3.38.22001.0
メール/カレンダー Microsoft Corporation 2018/08/24 16005.10730.20053.0
モバイル通信プラン Microsoft Corporation 2018/08/21 5.1807.1991.0
ワコム タブレット Wacom Technology Corp. 2018/08/21 6.3.7-6
問い合わせ Microsoft Corporation 2018/07/19 10.1706.11801.0
天気 Microsoft Corporation 2018/08/15 4.26.12153.0
日本語 ローカル エクスペリエンス パック Microsoft Corporation 2018/08/23 17134.8.14.0
映画 & テレビ Microsoft Corporation 2018/08/11 10.18071.11811.0
電卓 Microsoft Corporation 2018/08/21 10.1807.2121.0
  • 瀬野
  • 2018/08/30 (Thu) 01:06:24
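Shall we start by investigating with CC?
Good evening.
I'm 悪代官, the administrator here.
The ID looks suspicious at a glance, but my Japanese is even more suspicious, so don't worry (← go back to your own country)

I've looked at your description and the logs.

Judging by the symptoms, Norton seems to behave oddly every so often, and it may be a temporary malfunction, but the logs so far show no trace of anything that looks like an infection.

>81695c40536311678bc66a0f185bb1df8b9333b9 Threat name: Heur.AdvML.B

>The location seems to be Firefox's cache folder. Is it all right that this was displayed?

If it is the browser cache, deleting it should not cause any particular problem, but how to respond will also depend on which site's history or cookies Norton detected as a threat.
Let's start by investigating carefully.
It will take some effort on your part, but it's fine if it takes time, so please go through it calmly, one step at a time.

First, let me tell you this.
As you can see, there are currently many people asking for help, so each time it may take a day or more from receiving a request until I can reply to everyone in turn. I'm sorry, but please understand.

Now please read the explanation below carefully and then do the work in order.
You should already have some of these ready, but please look at the explanation again just in case.

Set hidden files and file extensions to be displayed (how to ↓)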
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

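Download the tools below and get a grasp of their basic usage.
However, if the distribution site shows ads urging you to download other apps, never click them.
"GeekUninstaller" (a.k.a. GU)
Description page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save the file, and then extract it.
When cleaning up, manually delete the whole folder.

"CCleaner" (a.k.a. CC)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
https://www.piriform.com/ccleaner/builds
Download the "portable" (Portable) edition of the latest version, then extract and launch it.
When cleaning up, just delete that folder.

Here is an important caution.
CC is by nature a high-performance maintenance tool, but if it is used incorrectly
【it may even damage Windows】,
so here we will use it only as an analysis tool.
Read the explanation thoroughly and do not perform any operation other than what I instruct.

Once you are ready, start the work.
In the work that follows, you can skip anything you look for but cannot find, but look carefully as you work so that you never touch anything other than the specified targets.

Also, there will be items I instruct you to delete during the work, but if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.

First check Windows Update, and if there are necessary updates, install all of them.
However, if you cannot update there, do not do the work explained after this, and tell me in your reply that the update failed.
This is because dangerous malware that obstructs infection analysis and treatment by preventing WU from working properly has increased dramatically.
Unless the various Windows updates (Windows Update) are always kept applied up to date, that alone means a dangerous infection can happen at any moment.

Note that updating to Windows 10 is not recommended unless the user really needs it.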
http://www.japan-secure.com/entry/Windows_Update_7.html
http://www.japan-secure.com/entry/how_to_suppress_the_free_upgrade_of_Windows_10.html

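At this point, manually create one restore point with "System Restore", a standard Windows feature.
This is so that recovery is possible if something goes wrong, because in the work that follows, mistakenly touching something other than the targets can by itself cause a serious malfunction in Windows.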
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

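Now launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select drive C as the target drive and scan, then check only the items "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" among those displayed, and press "OK" and "Delete Files".
Running this cleans up the junk files in the selected parts.

Running this also reduces the useless junk files detected by scans during the work, which makes the time required and the analysis considerably easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting normal files by mistake, and to make sure that a normal file that was deleted and put in the Recycle Bin can still be restored.

Next, launch CC.
Once it starts, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save as text" at the bottom right there lets you save the displayed contents as a log, so save the log to the desktop or somewhere similar.

Next, save the logs of the "Scheduled Tasks" tab and the "Context Menu" tab in the same way.

Then, from the "Browser Plugin" item on the left side of the CC window, open the "InternetExplorer" tab and each of the tabs after it in turn, and take those logs as well.

Once you have taken each of the CC logs, close CC.

After that, paste each of the CC logs into your reply and show them to me.
I will give instructions for the next steps after looking at them.

Whether anything turns up in the CC logs looks like the first key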
  • 悪代官
  • 2018/08/30 (Thu) 20:15:51
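Re: My PC is behaving strangely
Good evening.
This is 瀬野.
Thank you for replying when you are so busy.

Regarding the CC logs, is it better to take them with the portable version or with the installed version?
The reply I received said to download and launch the portable version, so this time I took them with the portable version, but should I also take logs with the installed version?


The CC logs follow.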


windows

有効 HKCU:Run CCleaner Smart Cleaning Piriform Ltd "C:\Users\owner\Downloads\ccsetup546\CCleaner64.exe" /MONITOR
有効 HKLM:Run CLMLServer_For_P2G8 CyberLink "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
有効 HKLM:Run CLVirtualDrive CyberLink Corp. "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
無効 HKLM:Run YouCam Service CyberLink Corp. "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s


Scheduled Tasks

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
有効 Task NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
有効 Task NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
有効 Task NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
有効 Task NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
無効 Task NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
無効 Task NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
無効 Task NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
有効 Task OneDrive Standalone Update Task-S-1-5-21-959354603-2943148263-4103673731-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe


Context Menu

有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Drive Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"
有効 File BUContextMenu Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll
有効 File CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"
有効 Folder BUContextMenu Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll
有効 Folder Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"


InternetExplorer

有効 Helper Norton Identity Safety Symantec Corporation C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
有効 Helper Norton Identity Safety Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\coIEPlg.dll
有効 Toolbar Norton Toolbar Symantec Corporation C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
有効 Toolbar Norton Toolbar Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\coIEPlg.dll


Firefox

有効 Extension Activity Stream 2018.06.29.1026-fa231556 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi
有効 Extension Adblock Plus 3.3 eyeo GmbH default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
有効 Extension Application Update Service Helper 2.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
有効 Extension Firefox Screenshots 32.1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Form Autofill 1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Photon onboarding 1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi
有効 Extension Pocket 1.0.5 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
有効 Extension Web Compat 2.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
有効 Extension WebCompat Reporter 1.0.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi
有効 Plugin 1.4.8.1008 Google Inc. default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.7.1 Mozilla Corporation default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll

  • 瀬野
  • 2018/08/30 (Thu) 23:30:03
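Next we'll check with two tools
Thank you for the work and the report.

>Regarding the CC logs, is it better to take them with the portable version or with the installed version?

The portable version is fine.
You have already taken the logs with it.

I've looked at those logs too, and at this point nothing suspicious seems to be visible.

So let's continue the analysis.

Next, prepare the tools below.
"AdwCleaner" (a.k.a. AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Access it and save the file to the desktop or somewhere similar.
When cleaning up, launch it, open the "Settings" tab and press the "Uninstall" button in its lower section, and it will be deleted automatically.
The site below has a detailed explanation of how to use it, so please refer to it ↓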
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware (a.k.a. MBAM)
Official site
http://www.malwarebytes.org/

Download
https://www.malwarebytes.org/mwb-download/thankyou/
This is a direct link to the file. Save it.

Site explaining how to use it
http://www.gigafree.net/security/MalwarebytesAnti-MalwareFree.html

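Once you are ready, install MBAM and go as far as updating it.
However, do not scan yet at this point.

Next, launch AC once here.
When it starts, a definition update should run first, so just let it update, and once that is done, close AC for now.
You do not need to scan here either.

Once both tools have been updated, clean up junk files using Disk Cleanup and then restart the PC in Safe Mode.

Then, after starting the PC in Safe Mode, launch AC again, the tool you launched once earlier.
Once it starts, this time choose "Scan Now" and the scan will begin.

Wait a while, and when the scan finishes the results will appear. Choosing "View Scan Log File" at the bottom left of the window there displays the log, so save it to the desktop and then close AC.
Here, even if there are detections, do not take any action on them.

Once the AC work is done, next is the MBAM work.
Again start in Safe Mode, then launch MBAM and scan.
Once MBAM starts, select "Custom Scan" on the "Scan" tab and then select all drives, including drive C.
Also check the rootkit scan item.

Scanning this way takes time, but it is in order to scan in as much detail as possible.

Here too, when the scan finishes, "View Report" displays the results.

Choosing "Export" there makes it possible to save the MBAM scan log, so save it to the desktop as a txt file and then close MBAM.
Even if MBAM detects something, do not take any action on it either.

After that, paste the logs from both tools into your reply and show them to me.
Let's think about what to do after seeing these results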
  • 悪代官
  • 2018/08/31 (Fri) 20:08:43
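Re: My PC is behaving strangely
Good evening.

It seems that the CC I installed the other day has been registered in startup.
If possible I would like to launch it only when I use it; is it all right to disable it?

I also have one more question, about the update before taking the logs.
When I launched AC, no update in particular seemed to take place. Is it that an update is actually carried out and it only looks as if it was not?
Or was it not carried out because the definitions were already the latest...?
I went ahead and took the log as it was, but if there is any problem, I would appreciate it if you could point it out.
Thank you in advance.


AC log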

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-12.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-01-2018
# Duration: 00:00:06
# OS: Windows 10 Pro
# Scanned: 41762
# Detected: 3


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nortonsafe.search.ask.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


MBAM log

Malwarebytes
www.malwarebytes.com

-ログの詳細-
スキャン日付: 2018/09/01
スキャン時間: 0:16
ログファイル: ce884d67-ad30-11e8-91fc-000000000000.json

-ソフトウェア情報-
バージョン: 3.5.1.2522
コンポーネントバージョン: 1.0.441
パッケージバージョンをアップデート: 1.0.6583
ライセンス: トライアル版

-システム情報-
OS: Windows 8
CPU: x64
ファイルシステム: NTFS
ユーザー: コンピューター名\owner

-スキャン結果の概要-
スキャンタイプ: カスタムスキャン
スキャン開始日時: マニュアル
結果: 完了
スキャンされたオブジェクト: 481331
検出された脅威: 0
(悪意のあるアイテムは検出されませんでした)
隔離された脅威: 0
(悪意のあるアイテムは検出されませんでした)
経過時間: 2 時 9 分 3 秒

-スキャンオプション-
メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 有効
ヒューリスティック: 有効
PUP: 検出
PUM: 検出

-スキャンの詳細-
プロセス: 0
(悪意のあるアイテムは検出されませんでした)

モジュール: 0
(悪意のあるアイテムは検出されませんでした)

レジストリキー: 0
(悪意のあるアイテムは検出されませんでした)

レジストリ値: 0
(悪意のあるアイテムは検出されませんでした)

レジストリデータ: 0
(悪意のあるアイテムは検出されませんでした)

データストリーム: 0
(悪意のあるアイテムは検出されませんでした)

フォルダ: 0
(悪意のあるアイテムは検出されませんでした)

ファイル: 0
(悪意のあるアイテムは検出されませんでした)

物理セクタ: 0
(悪意のあるアイテムは検出されませんでした)

WMI: 0
(悪意のあるアイテムは検出されませんでした)


(end)
  • 瀬野
  • 2018/09/01 (Sat) 03:29:53
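After dealing with ask, we'll analyze with OTL
Good evening.
Sorry that my reply is late again tonight.
Making the enemy impatient like this and then striking at an opening to defeat them is 悪代官's stratagem (← what on earth are you fighting?)

I've looked at the logs from both tools.
MBAM detected nothing, but AC detected a few things.
Including the registry, they are all ask-related entries.
Did you previously have something like the ask toolbar installed?

ask, both its toolbar and its search engine, has a bad reputation for misbehaving, and it is also known that uninstalling it normally does not always remove it cleanly.
It may be that what Norton reacted to was also this ask, but since it has been found, let's deal with it.
Launch AC again and scan, and this time select all the detected items and choose "Clean & Repair".
After that, restart the PC and the items will be quarantined.

Once the AC treatment is done, let's do the final stage of analysis with another tool.

Prepare the tool below.
OTL (OldTimer Listit)
Download it with the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When cleaning up, launch it and press the "Cleanup" button, and it will be deleted automatically.
However, if you are using Windows 10, you can just delete the program file itself.

Launch OTL with no other programs running.
Once it starts, check "Scan All Users" near the top of the window, and copy and paste the commands below into "Custom Scan/Fixes".
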
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

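After that, press "Run Scan" at the top left and the scan will start.
After the scan starts, depending on the PC environment, in a few minutes "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe, so save these two files somewhere such as the desktop.
Note that Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After that, paste the entire OTL log into your reply and show it to me.
However, the OTL log gets quite long, so if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points into parts of 10,000 characters or fewer and send it as several replies.
This is because a post that exceeds 10,000 characters is cut off by fc2's character limit.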
http://www1.odn.ne.jp/megukuma/count.htm

Just scanning with OTL does not change anything.
After looking at these results, the detected items should be dealt with in the work from the next round onward
  • 悪代官
  • 2018/09/01 (Sat) 20:46:49
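
The AdwCleaner scan log read in the post above can also be summarized mechanically. The following is an added example, not part of the thread and not code from any of the tools mentioned: it parses a log in the layout shown on this page and checks that the paste is complete (the `# Detected:` count matches the listed entries and the EOF marker is present), which matters here because long posts are cut off by the board's character limit. The function names and the abridged sample are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: abridged from the AdwCleaner 7.2.2.0 scan log posted in this thread.
SAMPLE_LOG = r"""# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Mode: Scan
# Detected: 3

***** [ Services ] *****

No malicious services found.

***** [ Registry ] *****

PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nortonsafe.search.ask.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
"""

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")   # e.g. ***** [ Registry ] *****
HEADER_RE = re.compile(r"^# ([A-Za-z ]+): (.*)$")        # e.g. # Detected: 3


def parse_adwcleaner_log(text):
    """Return (header dict, detections, clean section names, eof_seen)."""
    header, detections, clean_sections = {}, [], []
    section, eof_seen = None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("##########"):
            eof_seen = True          # trailer line written at the end of the log
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        if line.startswith("#"):
            m = HEADER_RE.match(line)
            if m:
                header[m.group(1).strip()] = m.group(2).strip()
            continue
        if section is None:
            continue                 # stray text before the first section
        if line.startswith("No malicious"):
            clean_sections.append(section)
            continue
        # Detection lines are "<family> <location>"; the family has no spaces.
        family, _, location = line.partition(" ")
        detections.append((section, family, location.strip()))
    return header, detections, clean_sections, eof_seen


def triage(text):
    """Summarize a scan log and flag a paste that looks truncated."""
    header, detections, clean, eof_seen = parse_adwcleaner_log(text)
    declared = int(header.get("Detected", "-1"))
    by_section = defaultdict(list)
    for section, family, location in detections:
        by_section[section].append((family, location))
    return {
        "mode": header.get("Mode"),
        "declared": declared,
        "listed": len(detections),
        # Complete only if the header count matches and the EOF trailer survived.
        "complete": declared == len(detections) and eof_seen,
        "families": sorted({family for _, family, _ in detections}),
        "by_section": dict(by_section),
        "clean_sections": clean,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(report["mode"], report["declared"], report["listed"], report["complete"])
    for section, items in report["by_section"].items():
        for family, location in items:
            print(f"[{section}] {family}: {location}")
```
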
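Re: My PC is behaving strangely
As for toolbars, I only remember installing the Norton security toolbar in IE.
At the very least, I should never have installed the ask toolbar intentionally...

Regarding the AC treatment, is it better to do it in Safe Mode or in a normal boot?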
  • 瀬野
  • 2018/09/01 (Sat) 21:50:09
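Do the AC work in Safe Mode
>As for toolbars, I only remember installing the Norton security toolbar in IE.
>At the very least, I should never have installed the ask toolbar intentionally...

I see, so it is possible that ask was included in the Norton toolbar.
Then do the AC work in Safe Mode for now, and if the Norton toolbar becomes unusable after that, that will confirm it.
In that case, restoring the entries quarantined by AC will bring the Norton toolbar back, so please try the AC work.

It is better to do the OTL work after seeing the AC result, so leave it for now without scanning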
  • 悪代官
  • 2018/09/01 (Sat) 22:05:59
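Re: My PC is behaving strangely
I did the AC work, and I think the Norton toolbar is usable without any problem.
As a test I searched from the toolbar and pressed the clickable items in the toolbar, and there does not seem to be anything abnormal in particular.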
  • 瀬野
  • 2018/09/01 (Sat) 23:41:51
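Please do the OTL scan I described earlier
Good evening.
It seems nothing abnormal has appeared even after quarantining ask with AC.
Well, if it is only a problem with the Norton toolbar, reinstalling Norton over the existing installation should almost certainly repair it, so if Norton starts acting up after this, deal with it that way.

Now then, please do the OTL scan work following the steps I described earlier.

This scan log will show quite detailed contents, but a scan alone causes no change in state, for better or worse, so there is no need to be anxious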
  • 悪代官
  • 2018/09/02 (Sun) 18:39:21
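About the OTL scan
Good evening.

I have a question about the OTL scan.
The instructions say to launch it with no other programs running; is it all right to leave Norton running?
I am sorry to trouble you, but it would help if you could answer.
Thank you in advance.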
  • 瀬野
  • 2018/09/02 (Sun) 23:21:44
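You do not need to stop Norton
>The instructions say to launch it with no other programs running; is it all right to leave Norton running?

Yes, if you are only scanning with OTL, you do not need to stop Norton.
Close browsers and the like beforehand and then scan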
  • 悪代官
  • 2018/09/03 (Mon) 05:14:46
OTL log 1
Good evening.

It took me a while, but I have obtained the OTL log, so I will paste it here.
Thank you in advance.


OTL log

OTL logfile created on: 2018/09/05 20:45:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17134.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

15.94 Gb Total Physical Memory | 14.00 Gb Available Physical Memory | 87.86% Memory free
18.31 Gb Paging File | 15.18 Gb Available in Paging File | 82.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.17 Gb Total Space | 192.39 Gb Free Space | 81.12% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1855.39 Gb Free Space | 99.59% Space Free | Partition Type: NTFS

Computer Name: コンピューター名 | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2018/09/05 20:42:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
PRC - [2018/08/21 23:37:07 | 000,663,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2018/08/21 23:37:04 | 003,932,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2018/08/06 02:34:17 | 000,328,648 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
PRC - [2018/04/12 08:34:55 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2018/02/24 05:01:13 | 000,462,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
PRC - [2017/07/25 21:06:02 | 000,321,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2017/07/25 21:06:02 | 000,017,992 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2015/07/06 21:38:56 | 000,110,008 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013/12/05 01:35:56 | 001,945,880 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
PRC - [2013/12/05 01:35:56 | 000,621,336 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
PRC - [2012/10/09 08:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/12/08 16:28:07 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2014/12/08 15:28:12 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
  • 瀬野
  • 2018/09/05 (Wed) 23:39:10
OTL log 2
OTL log 2

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2018/08/21 23:37:25 | 000,106,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:22 | 004,737,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe -- (Sense)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:04 | 001,456,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:04 | 001,359,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:04 | 000,976,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:04 | 000,949,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:04 | 000,858,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:04 | 000,681,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:01 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:59 | 000,835,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:58 | 003,395,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:58 | 000,760,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:55 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:54 | 001,487,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:54 | 000,847,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:54 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:54 | 000,784,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:54 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:54 | 000,091,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:53 | 002,248,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:53 | 000,235,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:52 | 001,395,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:52 | 000,667,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:52 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:51 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:50 | 001,364,992 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:50 | 000,684,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:50 | 000,673,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:49 | 003,086,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:49 | 001,374,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:49 | 000,826,776 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:48 | 001,457,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:47 | 004,970,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:46 | 000,061,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:45 | 000,885,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2018/08/06 02:34:17 | 000,328,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security\Engine\22.15.0.88\NortonSecurity.exe -- (NortonSecurity)
SRV:[b]64bit:[/b] - [2018/08/06 02:28:57 | 000,913,128 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security\Engine\22.15.0.88\nswscsvc.exe -- (nsWscSvc)
SRV:[b]64bit:[/b] - [2018/05/09 12:48:14 | 006,541,008 | ---- | M] (Malwarebytes) [On_Demand | Stopped] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2018/04/13 01:36:17 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2018/04/13 01:36:13 | 001,189,376 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService)
SRV:[b]64bit:[/b] - [2018/04/13 01:36:13 | 000,604,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\assignedaccessmanagersvc.dll -- (AssignedAccessManagerSvc)
SRV:[b]64bit:[/b] - [2018/04/13 01:36:10 | 000,197,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2018/04/12 08:35:21 | 000,681,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2018/04/12 08:35:21 | 000,427,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2018/04/12 08:35:21 | 000,400,896 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:43 | 000,824,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:43 | 000,590,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:43 | 000,121,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:42 | 000,712,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:41 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:40 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:39 | 000,219,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:38 | 000,671,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:37 | 000,303,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:37 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:34 | 001,273,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:33 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:33 | 000,153,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:25 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:24 | 001,027,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:24 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:23 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,773,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,335,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_3f7c3)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:19 | 000,750,080 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:19 | 000,195,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,712,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,514,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,395,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 001,495,040 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 001,220,096 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,582,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,463,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,392,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,345,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,307,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,281,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,241,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,176,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:10 | 001,248,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:10 | 000,376,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:10 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:10 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:08 | 001,308,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:08 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:08 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:08 | 000,059,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.exe -- (xbgm)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:08 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:07 | 001,115,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:07 | 000,092,160 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:06 | 001,033,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:06 | 000,632,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:06 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:06 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 001,148,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,411,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,356,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,199,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,163,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:02 | 000,464,384 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:58 | 004,451,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 002,197,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2018/04/12 08:33:47 | 003,441,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2018/04/11 06:05:00 | 000,324,608 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2018/03/11 03:20:00 | 000,495,616 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2018/02/24 05:01:13 | 000,462,864 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem)
SRV:[b]64bit:[/b] - [2018/01/10 23:22:55 | 000,519,240 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService)
SRV:[b]64bit:[/b] - [2018/01/10 23:22:55 | 000,519,240 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem)
SRV:[b]64bit:[/b] - [2017/07/25 21:06:02 | 000,017,992 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2017/06/20 11:25:06 | 000,516,160 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/12/05 01:35:56 | 000,621,336 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV - [2018/08/21 23:37:10 | 000,729,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2018/08/21 23:37:06 | 004,469,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2018/08/21 23:37:06 | 001,110,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2018/08/21 23:37:06 | 000,593,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2018/08/21 23:37:05 | 001,000,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2018/08/21 23:36:45 | 000,568,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2018/08/18 16:42:51 | 000,194,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018/04/12 08:35:22 | 000,312,832 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2018/04/12 08:34:57 | 000,138,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2018/04/12 08:34:45 | 000,965,632 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2018/04/12 08:34:45 | 000,072,192 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2018/04/12 08:34:45 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2018/04/12 08:33:47 | 003,441,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2018/01/10 23:25:04 | 000,460,872 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -- (NvTelemetryContainer)
  • 瀬野
  • 2018/09/05 (Wed) 23:41:38
OTL log 3

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2018/09/02 22:49:16 | 000,259,360 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2018/09/01 02:40:38 | 000,193,256 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2018/08/21 23:37:04 | 000,781,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2018/08/21 23:37:00 | 001,921,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2018/08/21 23:37:00 | 000,945,568 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2018/08/21 23:37:00 | 000,414,720 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:55 | 000,228,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:54 | 000,164,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:54 | 000,072,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:49 | 000,382,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:47 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:46 | 000,077,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,611,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,566,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,295,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,230,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,128,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,105,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,075,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,048,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,029,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2018/08/21 23:36:44 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2018/08/14 17:27:06 | 001,306,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IPSDefs\20180831.061\IDSvia64.sys -- (IDSVia64)
DRV:[b]64bit:[/b] - [2018/08/06 01:25:11 | 000,566,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NGCx64\160F000.058\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2018/08/06 01:24:39 | 001,968,720 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NGCx64\160F000.058\symefasi64.sys -- (SymEFASI)
DRV:[b]64bit:[/b] - [2018/08/06 01:24:39 | 000,025,608 | ---- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NGCx64\160F000.058\symelam.sys -- (SymELAM)
DRV:[b]64bit:[/b] - [2018/08/06 01:24:23 | 001,002,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NGCx64\160F000.058\wpctrldrv.sys -- (wpCtrlDrv_NGC)
DRV:[b]64bit:[/b] - [2018/08/06 01:22:05 | 000,307,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NGCx64\160F000.058\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2018/08/06 01:20:46 | 000,187,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NGCx64\160F000.058\ccsetx64.sys -- (ccSet_NGC)
DRV:[b]64bit:[/b] - [2018/08/06 01:20:19 | 000,846,928 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NGCx64\160F000.058\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2018/08/06 01:20:19 | 000,049,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NGCx64\160F000.058\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2018/06/23 03:55:27 | 001,919,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\BASHDefs\20180829.001\BHDrvx64.sys -- (BHDrvx64)
DRV:[b]64bit:[/b] - [2018/06/06 22:09:40 | 000,099,920 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:16 | 000,037,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:15 | 000,152,064 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smbdirect.sys -- (smbdirect)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:14 | 000,304,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:13 | 000,040,344 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:12 | 000,057,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:10 | 000,030,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:08 | 000,162,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:08 | 000,143,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:08 | 000,127,384 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm)
DRV:[b]64bit:[/b] - [2018/04/13 01:36:07 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:43 | 000,119,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:40 | 000,091,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:40 | 000,060,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:32 | 000,128,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:32 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:32 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:32 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:28 | 000,254,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:25 | 000,088,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,175,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,034,208 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:20 | 000,217,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:20 | 000,209,816 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:19 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:15 | 000,021,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,282,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,154,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,152,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,151,960 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,128,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,082,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,075,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,067,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,039,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:14 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,169,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,092,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,082,432 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,082,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:12 | 000,055,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,128,000 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,063,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,058,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2018/04/12 08:34:04 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:58 | 000,331,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:58 | 000,044,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:58 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:58 | 000,030,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,140,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,127,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,055,808 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,039,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:54 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,434,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,287,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,097,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,054,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,050,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,050,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:52 | 000,018,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:51 | 000,144,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:51 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:51 | 000,098,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:51 | 000,029,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:51 | 000,028,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:51 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 001,836,952 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,885,144 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,842,648 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,526,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,505,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,321,432 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,305,560 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,197,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,156,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,108,952 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,105,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,079,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,058,776 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,056,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,038,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,033,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,033,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,032,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,031,128 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,018,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,016,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 003,419,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 001,135,520 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,533,912 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,259,480 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,177,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,145,816 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,128,408 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,124,312 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,123,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,107,416 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,083,360 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,082,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,082,328 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,075,160 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,064,408 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,063,904 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,027,032 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:48 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,118,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,091,648 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,088,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,060,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2018/04/12 08:33:45 | 000,036,864 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2018/02/26 12:46:38 | 017,524,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nvaki.inf_amd64_1cce6cb8fb27a94d\nvlddmkm.sys -- (nvlddmkm)
DRV:[b]64bit:[/b] - [2018/02/26 07:11:33 | 000,226,760 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2018/01/10 23:25:52 | 000,057,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvhci.sys -- (nvvhci)
DRV:[b]64bit:[/b] - [2018/01/10 23:11:06 | 000,030,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2017/12/15 11:03:48 | 000,059,240 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2017/07/25 21:06:02 | 000,900,608 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2017/06/26 00:01:18 | 000,205,984 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2017/04/07 05:23:16 | 000,050,152 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iqvw64e.sys -- (NAL)
DRV:[b]64bit:[/b] - [2017/03/19 08:46:40 | 000,544,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d65x64.sys -- (e1dexpress)
DRV:[b]64bit:[/b] - [2014/01/28 12:58:37 | 000,041,704 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:[b]64bit:[/b] - [2013/11/12 14:25:22 | 000,091,912 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:[b]64bit:[/b] - [2013/11/12 09:16:02 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:[b]64bit:[/b] - [2013/11/12 09:16:02 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:[b]64bit:[/b] - [2013/11/12 09:16:02 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2018/05/13 21:30:35 | 000,153,168 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2018/05/12 17:18:12 | 000,507,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2018/04/12 08:34:58 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2018/04/12 08:33:49 | 000,018,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys -- (swenum)
DRV - [2018/04/12 08:33:45 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys -- (CompositeBus)
DRV - [2018/02/26 12:46:38 | 017,524,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_1cce6cb8fb27a94d\nvlddmkm.sys -- (nvlddmkm)
  • 瀬野
  • 2018/09/05 (Wed) 23:44:20
OTL log 4

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co.jp/
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 56 AE 97 6C 95 EA D3 01 [binary data]
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = https://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=retail&geo=JP&ver=22.15.0.88&locale=ja_JP&guid=C3A0EFA5-6BC6-4433-8B03-772C6010FDB4&doi=2016-09-01&gct=kwd&qsrc=2869
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.2\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.2\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 61.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 61.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2018/05/13 21:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Extensions
[2018/05/13 21:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\SystemExtensionsDev
[2018/05/13 21:40:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\英数字.default\browser-extension-data
[2018/09/05 20:42:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\英数字.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2018/08/31 23:08:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\英数字.default\extensions
[2018/08/31 23:08:46 | 001,161,002 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\英数字.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

O1 HOSTS File: ([2017/09/29 22:44:25 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Norton Identity Safety) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine\22.15.0.88\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Safety) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coieplg.dll (Symantec Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.15.0.88\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coieplg.dll (Symantec Corporation)
O3:[b]64bit:[/b] - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.15.0.88\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coieplg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-959354603-2943148263-4103673731-1001..\Run: [CCleaner Smart Cleaning] C:\Users\owner\Downloads\ccsetup546\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d5bdb930-9f55-4e05-b4cd-b71d8ed0a3b6}: DhcpNameServer = 192.168.10.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C6658531-8DB9-3115-B6D1-F89B57830CFC} - .NET Framework
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B82EE9BD-ADE2-3058-8091-78419781EC8E} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
  • 瀬野
  • 2018/09/05 (Wed) 23:47:30
OTL log 5

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2018/09/05 20:42:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
[2018/08/31 23:53:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2018/08/31 23:47:54 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\mbam
[2018/08/31 23:47:48 | 000,193,256 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2018/08/31 23:47:40 | 000,259,360 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2018/08/31 23:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2018/08/31 23:47:35 | 000,152,688 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2018/08/31 23:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2018/08/31 23:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2018/08/30 00:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2018/08/30 00:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2018/08/25 02:50:17 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\D3DSCache
[2018/08/22 00:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Packages
[2018/08/21 23:58:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2018/08/21 23:56:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2018/08/21 23:56:28 | 000,000,000 | -HSD | C] -- C:\Recovery
[2018/08/21 23:56:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2018/08/21 23:56:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2018/08/21 23:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\wd
[2018/08/21 23:51:37 | 000,000,000 | --SD | C] -- C:\Users\owner\AppData\Roaming\Microsoft
[2018/08/21 23:51:37 | 000,000,000 | R--D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2018/08/21 23:51:37 | 000,000,000 | R--D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2018/08/21 23:51:37 | 000,000,000 | R--D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2018/08/21 23:51:37 | 000,000,000 | R--D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\スタート メニュー
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\AppData\Local\Temporary Internet Files
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\Templates
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\SendTo
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\Recent
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\PrintHood
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\NetHood
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\Documents\My Videos
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\Documents\My Pictures
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\Documents\My Music
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\My Documents
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\Local Settings
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\AppData\Local\History
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\Cookies
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\Application Data
[2018/08/21 23:51:37 | 000,000,000 | -HSD | C] -- C:\Users\owner\AppData\Local\Application Data
[2018/08/21 23:51:37 | 000,000,000 | -H-D | C] -- C:\Users\owner\AppData
[2018/08/21 23:51:37 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\Temp
[2018/08/21 23:51:37 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\Microsoft
[2018/08/21 23:51:37 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2018/08/21 23:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2018/08/21 23:51:27 | 002,752,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2018/08/21 23:49:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2018/08/21 23:48:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2018/08/21 23:48:28 | 000,000,000 | ---D | C] -- C:\Windows.old
[2018/08/21 23:39:33 | 000,099,920 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2018/08/21 23:38:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2018/08/21 23:38:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2018/08/21 23:38:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2018/08/21 23:37:28 | 013,570,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2018/08/21 23:37:28 | 012,500,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2018/08/21 23:37:28 | 001,773,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2018/08/21 23:37:28 | 001,537,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2018/08/21 23:37:28 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EASPolicyManagerBrokerHost.exe
[2018/08/21 23:37:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EasPolicyManagerBrokerPS.dll
[2018/08/21 23:37:25 | 002,590,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2018/08/21 23:37:25 | 002,371,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2018/08/21 23:37:25 | 002,331,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2018/08/21 23:37:25 | 002,307,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2018/08/21 23:37:25 | 001,397,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVP9DEC.dll
[2018/08/21 23:37:25 | 001,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2018/08/21 23:37:25 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2018/08/21 23:37:25 | 001,153,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2018/08/21 23:37:25 | 001,150,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVP9DEC.dll
[2018/08/21 23:37:25 | 001,017,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2018/08/21 23:37:25 | 001,017,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2adec.dll
[2018/08/21 23:37:25 | 000,861,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2adec.dll
[2018/08/21 23:37:25 | 000,861,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2018/08/21 23:37:25 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2018/08/21 23:37:25 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2018/08/21 23:37:25 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpshell.exe
[2018/08/21 23:37:25 | 000,457,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
[2018/08/21 23:37:25 | 000,416,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2018/08/21 23:37:25 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpinit.exe
[2018/08/21 23:37:25 | 000,247,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2018/08/21 23:37:25 | 000,232,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2018/08/21 23:37:25 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2018/08/21 23:37:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2018/08/21 23:37:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2018/08/21 23:37:24 | 006,527,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2018/08/21 23:37:24 | 004,788,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2018/08/21 23:37:24 | 004,403,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2018/08/21 23:37:24 | 004,331,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2018/08/21 23:37:24 | 002,563,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2018/08/21 23:37:24 | 002,535,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2018/08/21 23:37:24 | 002,163,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2018/08/21 23:37:24 | 001,710,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2018/08/21 23:37:24 | 001,708,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2018/08/21 23:37:24 | 001,559,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2018/08/21 23:37:24 | 001,380,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2018/08/21 23:37:24 | 001,361,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2018/08/21 23:37:24 | 001,342,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2018/08/21 23:37:24 | 001,288,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2018/08/21 23:37:24 | 001,148,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2018/08/21 23:37:24 | 001,143,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2018/08/21 23:37:24 | 001,131,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2018/08/21 23:37:24 | 001,112,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2018/08/21 23:37:24 | 001,034,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2018/08/21 23:37:24 | 001,020,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2018/08/21 23:37:24 | 001,012,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2018/08/21 23:37:24 | 000,988,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2018/08/21 23:37:24 | 000,770,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2018/08/21 23:37:24 | 000,583,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVideoDSP.dll
[2018/08/21 23:37:24 | 000,500,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2018/08/21 23:37:24 | 000,472,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2018/08/21 23:37:24 | 000,260,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018/08/21 23:37:24 | 000,129,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018/08/21 23:37:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSHEIF.dll
[2018/08/21 23:37:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSHEIF.dll
[2018/08/21 23:37:23 | 006,813,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2018/08/21 23:37:23 | 004,559,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2018/08/21 23:37:23 | 002,062,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2018/08/21 23:37:23 | 001,946,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2018/08/21 23:37:23 | 001,784,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2018/08/21 23:37:23 | 001,611,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2018/08/21 23:37:23 | 001,305,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2018/08/21 23:37:23 | 001,242,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2018/08/21 23:37:23 | 001,144,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2018/08/21 23:37:23 | 001,097,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2018/08/21 23:37:23 | 000,713,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2018/08/21 23:37:22 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pwcreator.exe
[2018/08/21 23:37:17 | 002,395,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2018/08/21 23:37:17 | 000,908,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2018/08/21 23:37:17 | 000,753,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2018/08/21 23:37:17 | 000,661,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2018/08/21 23:37:16 | 001,466,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2018/08/21 23:37:16 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2018/08/21 23:37:16 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2018/08/21 23:37:16 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2018/08/21 23:37:15 | 022,007,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2018/08/21 23:37:15 | 005,776,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2018/08/21 23:37:15 | 002,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2018/08/21 23:37:15 | 001,932,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeangle.dll
[2018/08/21 23:37:15 | 000,808,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2018/08/21 23:37:15 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2018/08/21 23:37:15 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2018/08/21 23:37:15 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018/08/21 23:37:15 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2018/08/21 23:37:14 | 025,846,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2018/08/21 23:37:14 | 007,577,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2018/08/21 23:37:14 | 004,867,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2018/08/21 23:37:14 | 002,084,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2018/08/21 23:37:14 | 001,586,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2018/08/21 23:37:14 | 000,894,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018/08/21 23:37:14 | 000,814,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2018/08/21 23:37:14 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2018/08/21 23:37:14 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2018/08/21 23:37:14 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2018/08/21 23:37:13 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2018/08/21 23:37:13 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2018/08/21 23:37:13 | 000,022,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hvsicontainerservice.dll
[2018/08/21 23:37:12 | 019,525,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2018/08/21 23:37:12 | 000,868,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
[2018/08/21 23:37:12 | 000,788,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2018/08/21 23:37:12 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MixedReality.Broker.dll
[2018/08/21 23:37:12 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloShellRuntime.dll
[2018/08/21 23:37:12 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Cortana.Analog.dll
[2018/08/21 23:37:11 | 023,862,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2018/08/21 23:37:11 | 001,271,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSI.PCShell.dll
[2018/08/21 23:37:11 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MixedRealityCapture.dll
[2018/08/21 23:37:11 | 000,672,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2018/08/21 23:37:11 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2018/08/21 23:37:10 | 007,987,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2018/08/21 23:37:10 | 005,657,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2018/08/21 23:37:10 | 003,611,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2018/08/21 23:37:10 | 003,444,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe
[2018/08/21 23:37:10 | 002,401,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2018/08/21 23:37:10 | 001,508,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdt.exe
[2018/08/21 23:37:10 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2018/08/21 23:37:10 | 001,308,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2018/08/21 23:37:10 | 000,908,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2018/08/21 23:37:10 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FlightSettings.dll
[2018/08/21 23:37:10 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2018/08/21 23:36:54 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NmaDirect.dll
[2018/08/21 23:36:54 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DiagnosticLogCSP.dll
[2018/08/21 23:36:54 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TDLMigration.dll
[2018/08/21 23:36:54 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.th.dll
[2018/08/21 23:36:54 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2018/08/21 23:36:54 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PushToInstall.dll
[2018/08/21 23:36:54 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.win81.dll
[2018/08/21 23:36:54 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2018/08/21 23:36:54 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2018/08/21 23:36:54 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Geolocation.dll
[2018/08/21 23:36:54 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2018/08/21 23:36:54 | 000,164,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2018/08/21 23:36:54 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2018/08/21 23:36:54 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.win8rtm.dll
[2018/08/21 23:36:54 | 000,131,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rmclient.dll
[2018/08/21 23:36:54 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSAssessment.dll
[2018/08/21 23:36:54 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2018/08/21 23:36:54 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll
[2018/08/21 23:36:54 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2018/08/21 23:36:54 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll
[2018/08/21 23:36:54 | 000,072,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WindowsTrustedRT.sys
[2018/08/21 23:36:54 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapstoasttask.dll
[2018/08/21 23:36:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2018/08/21 23:36:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsTelemetry.dll
[2018/08/21 23:36:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nativemap.dll
[2018/08/21 23:36:54 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvcProxy.dll
[2018/08/21 23:36:53 | 009,084,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2018/08/21 23:36:53 | 007,900,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2018/08/21 23:36:53 | 006,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2018/08/21 23:36:53 | 004,770,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2018/08/21 23:36:53 | 003,392,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2018/08/21 23:36:53 | 003,283,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2018/08/21 23:36:53 | 003,180,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2018/08/21 23:36:53 | 002,825,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2018/08/21 23:36:53 | 002,738,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2018/08/21 23:36:53 | 002,548,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2018/08/21 23:36:53 | 002,248,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2018/08/21 23:36:53 | 002,236,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2018/08/21 23:36:53 | 001,724,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2018/08/21 23:36:53 | 001,613,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3D12.dll
[2018/08/21 23:36:53 | 001,318,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2018/08/21 23:36:53 | 001,285,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Maps.dll
[2018/08/21 23:36:53 | 000,910,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2018/08/21 23:36:53 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2018/08/21 23:36:53 | 000,792,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2018/08/21 23:36:53 | 000,755,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2018/08/21 23:36:53 | 000,748,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2018/08/21 23:36:53 | 000,715,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.dll
[2018/08/21 23:36:53 | 000,613,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2018/08/21 23:36:53 | 000,530,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2018/08/21 23:36:53 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.rs1.dll
[2018/08/21 23:36:53 | 000,413,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2018/08/21 23:36:53 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2018/08/21 23:36:53 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2018/08/21 23:36:53 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2018/08/21 23:36:53 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2018/08/21 23:36:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2018/08/21 23:36:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2018/08/21 23:36:53 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2018/08/21 23:36:53 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2018/08/21 23:36:53 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2018/08/21 23:36:52 | 016,592,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2018/08/21 23:36:52 | 003,348,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2018/08/21 23:36:52 | 002,697,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Controls.dll
[2018/08/21 23:36:52 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2018/08/21 23:36:52 | 001,825,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2018/08/21 23:36:52 | 001,668,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll
[2018/08/21 23:36:52 | 001,395,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018/08/21 23:36:52 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2018/08/21 23:36:52 | 001,036,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2018/08/21 23:36:52 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2018/08/21 23:36:52 | 000,811,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Input.dll
[2018/08/21 23:36:52 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2018/08/21 23:36:52 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2018/08/21 23:36:52 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2018/08/21 23:36:52 | 000,652,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2018/08/21 23:36:52 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2018/08/21 23:36:52 | 000,326,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExecModelClient.dll
[2018/08/21 23:36:52 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Core.dll
[2018/08/21 23:36:52 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2018/08/21 23:36:52 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppHostRegistrationVerifier.exe
[2018/08/21 23:36:52 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tbauth.dll
[2018/08/21 23:36:52 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBrokerCookies.exe
[2018/08/21 23:36:51 | 008,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2018/08/21 23:36:51 | 004,706,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2018/08/21 23:36:51 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTMediaFrame.dll
[2018/08/21 23:36:51 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManager.dll
[2018/08/21 23:36:51 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApiSetHost.AppExecutionAlias.dll
[2018/08/21 23:36:51 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManagerClient.dll
[2018/08/21 23:36:50 | 001,934,400 | ---- | C]
  • 瀬野
  • 2018/09/05 (Wed) 23:52:54
OTL log 6
Continuing from where it got cut off.

[2018/08/21 23:36:50 | 001,934,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018/08/21 23:36:50 | 001,364,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2018/08/21 23:36:50 | 001,292,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2018/08/21 23:36:50 | 001,213,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2018/08/21 23:36:50 | 001,209,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018/08/21 23:36:50 | 001,064,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2018/08/21 23:36:50 | 001,004,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2018/08/21 23:36:50 | 000,783,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyHrtfEnc.dll
[2018/08/21 23:36:50 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018/08/21 23:36:50 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2018/08/21 23:36:50 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2018/08/21 23:36:50 | 000,594,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018/08/21 23:36:50 | 000,413,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018/08/21 23:36:50 | 000,338,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2018/08/21 23:36:50 | 000,313,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll
[2018/08/21 23:36:50 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FSClient.dll
[2018/08/21 23:36:50 | 000,272,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2018/08/21 23:36:50 | 000,269,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2018/08/21 23:36:50 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyMATEnc.dll
[2018/08/21 23:36:50 | 000,116,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandler.exe
[2018/08/21 23:36:50 | 000,084,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageOverlayUtil.dll
[2018/08/21 23:36:50 | 000,057,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.ShellCommon.Broker.dll
[2018/08/21 23:36:49 | 005,951,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2018/08/21 23:36:49 | 004,929,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2018/08/21 23:36:49 | 003,086,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2018/08/21 23:36:49 | 002,546,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2018/08/21 23:36:49 | 002,266,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystems64.dll
[2018/08/21 23:36:49 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppAgent.dll
[2018/08/21 23:36:49 | 001,659,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2018/08/21 23:36:49 | 001,538,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
[2018/08/21 23:36:49 | 001,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2018/08/21 23:36:49 | 001,364,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webservices.dll
[2018/08/21 23:36:49 | 001,186,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CommonBridge.dll
[2018/08/21 23:36:49 | 001,127,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplySettingsTemplateCatalog.exe
[2018/08/21 23:36:49 | 000,916,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2018/08/21 23:36:49 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2018/08/21 23:36:49 | 000,826,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVClient.exe
[2018/08/21 23:36:49 | 000,776,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2018/08/21 23:36:49 | 000,755,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.PrinterCustomActions.dll
[2018/08/21 23:36:49 | 000,749,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVReporting.dll
[2018/08/21 23:36:49 | 000,665,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2018/08/21 23:36:49 | 000,652,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVPublishing.dll
[2018/08/21 23:36:49 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2018/08/21 23:36:49 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PerceptionSimulationExtensions.dll
[2018/08/21 23:36:49 | 000,494,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2018/08/21 23:36:49 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2018/08/21 23:36:49 | 000,434,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2018/08/21 23:36:49 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2018/08/21 23:36:49 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CscUnpinTool.exe
[2018/08/21 23:36:49 | 000,399,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVScripting.dll
[2018/08/21 23:36:49 | 000,382,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2018/08/21 23:36:49 | 000,348,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2018/08/21 23:36:49 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserexport.exe
[2018/08/21 23:36:49 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2018/08/21 23:36:49 | 000,267,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2018/08/21 23:36:49 | 000,183,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mavinject.exe
[2018/08/21 23:36:49 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2018/08/21 23:36:49 | 000,148,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mavinject.exe
[2018/08/21 23:36:49 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2018/08/21 23:36:49 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2018/08/21 23:36:49 | 000,089,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSup.dll
[2018/08/21 23:36:49 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppCore.dll
[2018/08/21 23:36:49 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UevAppMonitor.exe
[2018/08/21 23:36:49 | 000,040,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVClientPS.dll
[2018/08/21 23:36:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandlerPS.dll
[2018/08/21 23:36:49 | 000,019,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVTerminator.dll
[2018/08/21 23:36:48 | 003,296,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2018/08/21 23:36:48 | 003,293,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2018/08/21 23:36:48 | 002,479,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2018/08/21 23:36:48 | 001,792,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2018/08/21 23:36:48 | 001,742,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2018/08/21 23:36:48 | 001,535,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2018/08/21 23:36:48 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2018/08/21 23:36:48 | 001,363,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2018/08/21 23:36:48 | 001,174,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2018/08/21 23:36:48 | 001,070,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2018/08/21 23:36:48 | 001,017,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2018/08/21 23:36:48 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2018/08/21 23:36:48 | 000,880,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2018/08/21 23:36:48 | 000,873,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2018/08/21 23:36:48 | 000,788,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2018/08/21 23:36:48 | 000,766,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2018/08/21 23:36:48 | 000,722,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2018/08/21 23:36:48 | 000,678,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2018/08/21 23:36:48 | 000,642,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp_win.dll
[2018/08/21 23:36:48 | 000,604,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2018/08/21 23:36:48 | 000,562,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2018/08/21 23:36:48 | 000,558,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2018/08/21 23:36:48 | 000,550,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2018/08/21 23:36:48 | 000,515,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2018/08/21 23:36:48 | 000,491,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2018/08/21 23:36:48 | 000,483,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_enclave.dll
[2018/08/21 23:36:48 | 000,480,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2018/08/21 23:36:48 | 000,462,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2018/08/21 23:36:48 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2018/08/21 23:36:48 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreCommonProxyStub.dll
[2018/08/21 23:36:48 | 000,380,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2018/08/21 23:36:48 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2018/08/21 23:36:48 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2018/08/21 23:36:48 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2018/08/21 23:36:48 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtutil.exe
[2018/08/21 23:36:48 | 000,203,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2018/08/21 23:36:48 | 000,194,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2018/08/21 23:36:48 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtutil.exe
[2018/08/21 23:36:48 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2018/08/21 23:36:48 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\datamarketsvc.dll
[2018/08/21 23:36:48 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raschap.dll
[2018/08/21 23:36:48 | 000,137,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2018/08/21 23:36:48 | 000,118,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2018/08/21 23:36:48 | 000,105,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2018/08/21 23:36:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2018/08/21 23:36:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tokenbinding.dll
[2018/08/21 23:36:48 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tokenbinding.dll
[2018/08/21 23:36:48 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2018/08/21 23:36:47 | 007,436,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2018/08/21 23:36:47 | 004,970,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2018/08/21 23:36:47 | 001,798,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2018/08/21 23:36:47 | 001,567,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2018/08/21 23:36:47 | 001,565,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2018/08/21 23:36:47 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2018/08/21 23:36:47 | 000,735,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2018/08/21 23:36:47 | 000,692,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2018/08/21 23:36:47 | 000,659,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2018/08/21 23:36:47 | 000,347,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2018/08/21 23:36:47 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2018/08/21 23:36:47 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2018/08/21 23:36:47 | 000,072,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2018/08/21 23:36:47 | 000,057,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel.appcore.dll
[2018/08/21 23:36:47 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2018/08/21 23:36:46 | 002,895,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2018/08/21 23:36:46 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2018/08/21 23:36:46 | 001,462,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dui70.dll
[2018/08/21 23:36:46 | 001,348,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OpcServices.dll
[2018/08/21 23:36:46 | 001,221,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018/08/21 23:36:46 | 001,030,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018/08/21 23:36:46 | 000,835,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2018/08/21 23:36:46 | 000,607,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2018/08/21 23:36:46 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2018/08/21 23:36:46 | 000,568,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2018/08/21 23:36:46 | 000,553,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2018/08/21 23:36:46 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2018/08/21 23:36:46 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RdpRelayTransport.dll
[2018/08/21 23:36:46 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreCommonProxyStub.dll
[2018/08/21 23:36:46 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HoloShellRuntime.dll
[2018/08/21 23:36:46 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2018/08/21 23:36:46 | 000,136,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018/08/21 23:36:46 | 000,130,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2018/08/21 23:36:46 | 000,077,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2018/08/21 23:36:46 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhvr.sys
[2018/08/21 23:36:46 | 000,061,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvhostsvc.dll
[2018/08/21 23:36:46 | 000,061,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2018/08/21 23:36:46 | 000,031,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys
[2018/08/21 23:36:45 | 001,605,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2018/08/21 23:36:45 | 001,077,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webservices.dll
[2018/08/21 23:36:45 | 000,885,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018/08/21 23:36:45 | 000,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2018/08/21 23:36:45 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2018/08/21 23:36:45 | 000,568,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018/08/21 23:36:45 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAC3ENC.DLL
[2018/08/21 23:36:45 | 000,094,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2018/08/21 23:36:44 | 000,611,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2018/08/21 23:36:44 | 000,566,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2018/08/21 23:36:44 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2018/08/21 23:36:44 | 000,230,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2018/08/21 23:36:44 | 000,128,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scmbus.sys
[2018/08/21 23:36:44 | 000,105,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2018/08/21 23:36:44 | 000,075,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys
[2018/08/21 23:36:44 | 000,048,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storufs.sys
[2018/08/21 23:36:44 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys
[2018/08/21 23:36:44 | 000,029,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\uefi.sys
[2018/08/21 23:36:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmgid.sys
[2018/08/21 23:33:11 | 004,492,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2018/08/21 23:33:11 | 003,398,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2018/08/21 23:33:11 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsFilt.dll
[2018/08/21 23:33:11 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsFilt.dll
[2018/08/21 23:33:11 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XPSSHHDR.dll
[2018/08/21 23:33:11 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XPSSHHDR.dll
[2018/08/21 23:32:32 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2018/08/21 23:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\rempl
[2018/08/21 23:13:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2018/08/21 22:57:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2018/08/10 23:08:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2018/09/05 20:44:22 | 001,369,588 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2018/09/05 20:44:22 | 000,665,504 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2018/09/05 20:44:22 | 000,453,420 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2018/09/05 20:44:22 | 000,125,458 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2018/09/05 20:44:22 | 000,124,482 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2018/09/05 20:42:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
[2018/09/05 20:41:49 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2018/09/05 20:39:47 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2018/09/05 20:39:45 | 2549,829,631 | -HS- | M] () -- C:\hiberfil.sys
[2018/09/02 22:49:16 | 000,259,360 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2018/09/01 23:18:50 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2018/09/01 02:40:38 | 000,193,256 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2018/08/31 23:47:37 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018/08/30 22:04:00 | 004,599,496 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NGCx64\160F000.058\Cat.DB
[2018/08/30 00:21:38 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2018/08/21 23:57:52 | 000,001,417 | ---- | M] () -- C:\Users\owner\Desktop\Microsoft Edge.lnk
[2018/08/21 23:56:36 | 000,002,574 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2018/08/21 23:56:25 | 000,007,623 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2018/08/21 23:56:25 | 000,007,623 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2018/08/21 23:55:53 | 000,023,208 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2018/08/21 23:52:34 | 000,271,488 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2018/08/21 23:37:28 | 013,570,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2018/08/21 23:37:28 | 012,500,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2018/08/21 23:37:28 | 001,773,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2018/08/21 23:37:28 | 001,537,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2018/08/21 23:37:28 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EASPolicyManagerBrokerHost.exe
[2018/08/21 23:37:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EasPolicyManagerBrokerPS.dll
[2018/08/21 23:37:25 | 002,590,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2018/08/21 23:37:25 | 002,371,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2018/08/21 23:37:25 | 002,331,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2018/08/21 23:37:25 | 002,307,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2018/08/21 23:37:25 | 001,710,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2018/08/21 23:37:25 | 001,397,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVP9DEC.dll
[2018/08/21 23:37:25 | 001,307,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2018/08/21 23:37:25 | 001,295,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2018/08/21 23:37:25 | 001,153,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2018/08/21 23:37:25 | 001,150,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVP9DEC.dll
[2018/08/21 23:37:25 | 001,017,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2018/08/21 23:37:25 | 001,017,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2adec.dll
[2018/08/21 23:37:25 | 000,861,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2adec.dll
[2018/08/21 23:37:25 | 000,861,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2018/08/21 23:37:25 | 000,842,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2018/08/21 23:37:25 | 000,839,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2018/08/21 23:37:25 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpshell.exe
[2018/08/21 23:37:25 | 000,457,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
[2018/08/21 23:37:25 | 000,416,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2018/08/21 23:37:25 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpinit.exe
[2018/08/21 23:37:25 | 000,247,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2018/08/21 23:37:25 | 000,232,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2018/08/21 23:37:25 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2018/08/21 23:37:25 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2018/08/21 23:37:25 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2018/08/21 23:37:24 | 006,813,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2018/08/21 23:37:24 | 006,527,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2018/08/21 23:37:24 | 004,788,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2018/08/21 23:37:24 | 004,403,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2018/08/21 23:37:24 | 004,331,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2018/08/21 23:37:24 | 002,563,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2018/08/21 23:37:24 | 002,535,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2018/08/21 23:37:24 | 002,163,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2018/08/21 23:37:24 | 001,708,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2018/08/21 23:37:24 | 001,559,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2018/08/21 23:37:24 | 001,380,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2018/08/21 23:37:24 | 001,361,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2018/08/21 23:37:24 | 001,342,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2018/08/21 23:37:24 | 001,288,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2018/08/21 23:37:24 | 001,148,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2018/08/21 23:37:24 | 001,143,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2018/08/21 23:37:24 | 001,131,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2018/08/21 23:37:24 | 001,112,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2018/08/21 23:37:24 | 001,034,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2018/08/21 23:37:24 | 001,020,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2018/08/21 23:37:24 | 001,012,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2018/08/21 23:37:24 | 000,988,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2018/08/21 23:37:24 | 000,770,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2018/08/21 23:37:24 | 000,583,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVideoDSP.dll
[2018/08/21 23:37:24 | 000,500,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2018/08/21 23:37:24 | 000,472,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2018/08/21 23:37:24 | 000,260,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018/08/21 23:37:24 | 000,129,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018/08/21 23:37:24 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSHEIF.dll
[2018/08/21 23:37:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSHEIF.dll
[2018/08/21 23:37:23 | 004,559,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2018/08/21 23:37:23 | 002,062,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2018/08/21 23:37:23 | 001,946,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2018/08/21 23:37:23 | 001,784,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2018/08/21 23:37:23 | 001,611,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2018/08/21 23:37:23 | 001,305,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2018/08/21 23:37:23 | 001,242,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2018/08/21 23:37:23 | 001,144,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2018/08/21 23:37:23 | 001,097,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2018/08/21 23:37:23 | 000,713,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2018/08/21 23:37:22 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pwcreator.exe
[2018/08/21 23:37:17 | 002,395,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2018/08/21 23:37:17 | 000,908,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2018/08/21 23:37:17 | 000,753,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2018/08/21 23:37:17 | 000,661,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2018/08/21 23:37:16 | 005,776,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2018/08/21 23:37:16 | 001,466,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2018/08/21 23:37:16 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2018/08/21 23:37:16 | 000,561,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2018/08/21 23:37:16 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2018/08/21 23:37:15 | 025,846,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2018/08/21 23:37:15 | 022,007,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2018/08/21 23:37:15 | 002,015,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2018/08/21 23:37:15 | 001,932,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeangle.dll
[2018/08/21 23:37:15 | 000,808,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2018/08/21 23:37:15 | 000,776,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2018/08/21 23:37:15 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2018/08/21 23:37:15 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018/08/21 23:37:15 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2018/08/21 23:37:14 | 007,577,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2018/08/21 23:37:14 | 004,867,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2018/08/21 23:37:14 | 002,084,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2018/08/21 23:37:14 | 001,586,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2018/08/21 23:37:14 | 000,894,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018/08/21 23:37:14 | 000,814,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2018/08/21 23:37:14 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2018/08/21 23:37:14 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2018/08/21 23:37:14 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2018/08/21 23:37:14 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2018/08/21 23:37:13 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2018/08/21 23:37:13 | 000,022,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hvsicontainerservice.dll
[2018/08/21 23:37:12 | 023,862,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2018/08/21 23:37:12 | 019,525,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2018/08/21 23:37:12 | 000,868,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
[2018/08/21 23:37:12 | 000,788,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2018/08/21 23:37:12 | 000,256,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MixedReality.Broker.dll
[2018/08/21 23:37:12 | 000,238,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloShellRuntime.dll
[2018/08/21 23:37:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Cortana.Analog.dll
[2018/08/21 23:37:11 | 001,271,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSI.PCShell.dll
[2018/08/21 23:37:11 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MixedRealityCapture.dll
[2018/08/21 23:37:11 | 000,672,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2018/08/21 23:37:11 | 000,565,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2018/08/21 23:37:10 | 007,987,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2018/08/21 23:37:10 | 005,657,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2018/08/21 23:37:10 | 003,611,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2018/08/21 23:37:10 | 003,444,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe
[2018/08/21 23:37:10 | 002,841,312 | ---- | M] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2018/08/21 23:37:10 | 002,401,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2018/08/21 23:37:10 | 001,508,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdt.exe
[2018/08/21 23:37:10 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2018/08/21 23:37:10 | 001,308,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2018/08/21 23:37:10 | 000,908,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2018/08/21 23:37:10 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FlightSettings.dll
[2018/08/21 23:37:10 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2018/08/21 23:37:10 | 000,658,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
[2018/08/21 23:37:10 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2018/08/21 23:37:10 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2018/08/21 23:37:10 | 000,018,716 | ---- | M] () -- C:\WINDOWS\SysWow64\srms-apr.dat
  • 瀬野
  • 2018/09/06 (Thu) 00:03:51
OTL log 7

[2018/08/21 23:37:09 | 006,568,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2018/08/21 23:37:09 | 001,454,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2018/08/21 23:37:09 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2018/08/21 23:37:09 | 000,950,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2018/08/21 23:37:09 | 000,917,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2018/08/21 23:37:09 | 000,863,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2018/08/21 23:37:09 | 000,653,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingWinRT.dll
[2018/08/21 23:37:09 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.BackgroundMediaPlayback.dll
[2018/08/21 23:37:09 | 000,646,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Playback.BackgroundMediaPlayer.dll
[2018/08/21 23:37:09 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Playback.MediaPlayer.dll
[2018/08/21 23:37:09 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2018/08/21 23:37:09 | 000,340,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2018/08/21 23:37:09 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2018/08/21 23:37:09 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2018/08/21 23:37:09 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll
[2018/08/21 23:37:09 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raschap.dll
[2018/08/21 23:37:09 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcbuilder.exe
[2018/08/21 23:37:08 | 001,469,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2018/08/21 23:37:08 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hhctrl.ocx
[2018/08/21 23:37:07 | 002,900,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2018/08/21 23:37:07 | 001,380,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2018/08/21 23:37:07 | 000,871,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2018/08/21 23:37:07 | 000,851,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2018/08/21 23:37:07 | 000,831,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2018/08/21 23:37:07 | 000,747,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVolSSO.dll
[2018/08/21 23:37:07 | 000,740,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCRecvSrc.dll
[2018/08/21 23:37:07 | 000,663,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2018/08/21 23:37:07 | 000,621,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2018/08/21 23:37:07 | 000,264,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovs.dll
[2018/08/21 23:37:07 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovhost.dll
[2018/08/21 23:37:07 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2018/08/21 23:37:07 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.XamlHost.dll
[2018/08/21 23:37:07 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2018/08/21 23:37:07 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProv2faHelper.dll
[2018/08/21 23:37:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfnet.dll
[2018/08/21 23:37:06 | 006,647,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2018/08/21 23:37:06 | 006,043,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2018/08/21 23:37:06 | 005,883,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2018/08/21 23:37:06 | 004,469,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2018/08/21 23:37:06 | 002,449,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2018/08/21 23:37:06 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2018/08/21 23:37:06 | 001,665,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2018/08/21 23:37:06 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2018/08/21 23:37:06 | 001,426,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2018/08/21 23:37:06 | 001,235,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpbase.dll
[2018/08/21 23:37:06 | 001,110,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2018/08/21 23:37:06 | 000,993,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Vpn.dll
[2018/08/21 23:37:06 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2018/08/21 23:37:06 | 000,864,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmsys.cpl
[2018/08/21 23:37:06 | 000,829,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2018/08/21 23:37:06 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2018/08/21 23:37:06 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingOnlineServices.dll
[2018/08/21 23:37:06 | 000,705,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2018/08/21 23:37:06 | 000,593,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2018/08/21 23:37:06 | 000,568,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2018/08/21 23:37:06 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2018/08/21 23:37:06 | 000,443,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2018/08/21 23:37:06 | 000,392,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2018/08/21 23:37:06 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2018/08/21 23:37:06 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2018/08/21 23:37:06 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Diagnostics.dll
[2018/08/21 23:37:06 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NmaDirect.dll
[2018/08/21 23:37:06 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2018/08/21 23:37:06 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2018/08/21 23:37:06 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2018/08/21 23:37:06 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2018/08/21 23:37:06 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2018/08/21 23:37:06 | 000,101,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rmclient.dll
[2018/08/21 23:37:06 | 000,050,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kernel.appcore.dll
[2018/08/21 23:37:05 | 013,873,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2018/08/21 23:37:05 | 006,661,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2018/08/21 23:37:05 | 003,553,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2018/08/21 23:37:05 | 002,789,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2018/08/21 23:37:05 | 002,417,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2018/08/21 23:37:05 | 001,703,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Controls.dll
[2018/08/21 23:37:05 | 001,462,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2018/08/21 23:37:05 | 001,356,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2018/08/21 23:37:05 | 001,299,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3D12.dll
[2018/08/21 23:37:05 | 001,192,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Maps.dll
[2018/08/21 23:37:05 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.PointOfService.dll
[2018/08/21 23:37:05 | 001,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2018/08/21 23:37:05 | 001,000,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2018/08/21 23:37:05 | 000,743,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2018/08/21 23:37:05 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2018/08/21 23:37:05 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2018/08/21 23:37:05 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2018/08/21 23:37:05 | 000,593,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.dll
[2018/08/21 23:37:05 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.Input.dll
[2018/08/21 23:37:05 | 000,582,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2018/08/21 23:37:05 | 000,560,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2018/08/21 23:37:05 | 000,506,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2018/08/21 23:37:05 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Core.dll
[2018/08/21 23:37:05 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smartscreenps.dll
[2018/08/21 23:37:05 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ApiSetHost.AppExecutionAlias.dll
[2018/08/21 23:37:05 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2018/08/21 23:37:05 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tbauth.dll
[2018/08/21 23:37:05 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBrokerCookies.exe
[2018/08/21 23:37:04 | 003,932,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2018/08/21 23:37:04 | 003,733,320 | ---- | M] () -- C:\WINDOWS\SysNative\Windows.Mirage.dll
[2018/08/21 23:37:04 | 002,962,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2018/08/21 23:37:04 | 002,700,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2018/08/21 23:37:04 | 002,486,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2018/08/21 23:37:04 | 002,258,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2018/08/21 23:37:04 | 001,456,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcDesktopMonSvc.dll
[2018/08/21 23:37:04 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpasvc.dll
[2018/08/21 23:37:04 | 001,251,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2018/08/21 23:37:04 | 001,180,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2018/08/21 23:37:04 | 001,124,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdprt.dll
[2018/08/21 23:37:04 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2018/08/21 23:37:04 | 000,976,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Spectrum.exe
[2018/08/21 23:37:04 | 000,949,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2018/08/21 23:37:04 | 000,944,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Mirage.Internal.dll
[2018/08/21 23:37:04 | 000,858,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2018/08/21 23:37:04 | 000,781,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2018/08/21 23:37:04 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2018/08/21 23:37:04 | 000,735,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2018/08/21 23:37:04 | 000,717,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2018/08/21 23:37:04 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFDSConMgrSvc.dll
[2018/08/21 23:37:04 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2018/08/21 23:37:04 | 000,485,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2018/08/21 23:37:04 | 000,431,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2018/08/21 23:37:04 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2018/08/21 23:37:04 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTMediaFrame.dll
[2018/08/21 23:37:04 | 000,356,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2018/08/21 23:37:04 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Phoneutil.dll
[2018/08/21 23:37:04 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2018/08/21 23:37:04 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2018/08/21 23:37:04 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2018/08/21 23:37:04 | 000,281,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExecModelClient.dll
[2018/08/21 23:37:04 | 000,239,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FSClient.dll
[2018/08/21 23:37:04 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2018/08/21 23:37:04 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2018/08/21 23:37:04 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2018/08/21 23:37:04 | 000,077,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CompPkgSup.dll
[2018/08/21 23:37:04 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvSysprep.dll
[2018/08/21 23:37:04 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFDSConMgr.dll
[2018/08/21 23:37:04 | 000,064,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LanguageOverlayUtil.dll
[2018/08/21 23:37:04 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cellulardatacapabilityhandler.dll
[2018/08/21 23:37:04 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2018/08/21 23:37:04 | 000,018,716 | ---- | M] () -- C:\WINDOWS\SysNative\srms-apr.dat
[2018/08/21 23:37:02 | 000,898,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2018/08/21 23:37:02 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HeadTrackerStorage.dll
[2018/08/21 23:37:01 | 004,380,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2018/08/21 23:37:01 | 002,571,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2018/08/21 23:37:01 | 002,368,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2018/08/21 23:37:01 | 001,945,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2018/08/21 23:37:01 | 001,719,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2018/08/21 23:37:01 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2018/08/21 23:37:01 | 001,649,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2018/08/21 23:37:01 | 001,634,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2018/08/21 23:37:01 | 001,190,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2018/08/21 23:37:01 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2018/08/21 23:37:01 | 000,790,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2018/08/21 23:37:01 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2018/08/21 23:37:01 | 000,695,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hhctrl.ocx
[2018/08/21 23:37:01 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2018/08/21 23:37:01 | 000,505,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2018/08/21 23:37:01 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DXP.dll
[2018/08/21 23:37:01 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovs.dll
[2018/08/21 23:37:01 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcredprov.dll
[2018/08/21 23:37:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovhost.dll
[2018/08/21 23:37:01 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2018/08/21 23:37:01 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerCsp.dll
[2018/08/21 23:37:01 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2018/08/21 23:37:01 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManagerAPI.dll
[2018/08/21 23:37:01 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2018/08/21 23:37:01 | 000,115,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2018/08/21 23:37:01 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProv2faHelper.dll
[2018/08/21 23:37:01 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSoftwareInstallationClient.dll
[2018/08/21 23:37:01 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2018/08/21 23:37:01 | 000,088,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys
[2018/08/21 23:37:01 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edpnotify.exe
[2018/08/21 23:37:01 | 000,046,592 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2018/08/21 23:37:01 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DsmUserTask.exe
[2018/08/21 23:37:01 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfnet.dll
[2018/08/21 23:37:00 | 009,091,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2018/08/21 23:37:00 | 003,319,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2018/08/21 23:37:00 | 002,868,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2018/08/21 23:37:00 | 001,921,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2018/08/21 23:37:00 | 001,665,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2018/08/21 23:37:00 | 001,610,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2018/08/21 23:37:00 | 001,543,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2018/08/21 23:37:00 | 001,457,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2018/08/21 23:37:00 | 001,376,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2018/08/21 23:37:00 | 001,258,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2018/08/21 23:37:00 | 001,140,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2018/08/21 23:37:00 | 000,983,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2018/08/21 23:37:00 | 000,978,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCRecvSrc.dll
[2018/08/21 23:37:00 | 000,947,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmsys.cpl
[2018/08/21 23:37:00 | 000,945,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refsv1.sys
[2018/08/21 23:37:00 | 000,932,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2018/08/21 23:37:00 | 000,907,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2018/08/21 23:37:00 | 000,899,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2018/08/21 23:37:00 | 000,804,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2018/08/21 23:37:00 | 000,792,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2018/08/21 23:37:00 | 000,723,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2018/08/21 23:37:00 | 000,689,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2018/08/21 23:37:00 | 000,612,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2018/08/21 23:37:00 | 000,527,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2018/08/21 23:37:00 | 000,451,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2018/08/21 23:37:00 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cldflt.sys
[2018/08/21 23:37:00 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2018/08/21 23:37:00 | 000,356,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2018/08/21 23:37:00 | 000,309,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2018/08/21 23:37:00 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.XamlHost.dll
[2018/08/21 23:37:00 | 000,144,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2018/08/21 23:37:00 | 000,070,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2018/08/21 23:36:59 | 004,708,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2018/08/21 23:36:59 | 003,376,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2018/08/21 23:36:59 | 001,214,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2018/08/21 23:36:59 | 000,835,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2018/08/21 23:36:59 | 000,676,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Devices.dll
[2018/08/21 23:36:59 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QuietHours.dll
[2018/08/21 23:36:59 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2018/08/21 23:36:59 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2018/08/21 23:36:59 | 000,344,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RasMediaManager.dll
[2018/08/21 23:36:59 | 000,324,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2018/08/21 23:36:59 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2018/08/21 23:36:59 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Cortana.dll
[2018/08/21 23:36:59 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedPCCSP.dll
[2018/08/21 23:36:59 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll
[2018/08/21 23:36:59 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TelephonyInteractiveUser.dll
[2018/08/21 23:36:58 | 008,624,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2018/08/21 23:36:58 | 007,519,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2018/08/21 23:36:58 | 006,587,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2018/08/21 23:36:58 | 003,640,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstsc.exe
[2018/08/21 23:36:58 | 003,395,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2018/08/21 23:36:58 | 002,172,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2018/08/21 23:36:58 | 002,051,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2018/08/21 23:36:58 | 001,787,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2018/08/21 23:36:58 | 001,676,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreShell.dll
[2018/08/21 23:36:58 | 001,560,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdt.exe
[2018/08/21 23:36:58 | 001,550,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2018/08/21 23:36:58 | 001,523,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2018/08/21 23:36:58 | 001,127,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nettrace.dll
[2018/08/21 23:36:58 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2018/08/21 23:36:58 | 001,046,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2018/08/21 23:36:58 | 001,034,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2018/08/21 23:36:58 | 000,878,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2018/08/21 23:36:58 | 000,871,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.BackgroundMediaPlayback.dll
[2018/08/21 23:36:58 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Playback.BackgroundMediaPlayer.dll
[2018/08/21 23:36:58 | 000,849,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Playback.MediaPlayer.dll
[2018/08/21 23:36:58 | 000,760,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2018/08/21 23:36:58 | 000,759,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingWinRT.dll
[2018/08/21 23:36:58 | 000,661,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenValObj.exe
[2018/08/21 23:36:58 | 000,625,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2018/08/21 23:36:58 | 000,577,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2018/08/21 23:36:58 | 000,503,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2018/08/21 23:36:58 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
[2018/08/21 23:36:58 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2018/08/21 23:36:58 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2018/08/21 23:36:58 | 000,228,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2018/08/21 23:36:58 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2018/08/21 23:36:58 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppc.dll
[2018/08/21 23:36:58 | 000,093,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2018/08/21 23:36:57 | 000,941,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2018/08/21 23:36:57 | 000,933,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2018/08/21 23:36:57 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2018/08/21 23:36:57 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2018/08/21 23:36:56 | 003,999,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbon.dll
[2018/08/21 23:36:56 | 003,492,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbon.dll
[2018/08/21 23:36:56 | 002,364,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OpcServices.dll
[2018/08/21 23:36:56 | 002,019,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2018/08/21 23:36:56 | 001,659,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2018/08/21 23:36:56 | 001,180,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2018/08/21 23:36:56 | 001,171,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2018/08/21 23:36:56 | 000,808,960 | ---- | M] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE
[2018/08/21 23:36:56 | 000,636,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2018/08/21 23:36:56 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2018/08/21 23:36:56 | 000,506,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2018/08/21 23:36:56 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2018/08/21 23:36:56 | 000,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2018/08/21 23:36:56 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2018/08/21 23:36:55 | 004,392,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2018/08/21 23:36:55 | 004,049,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2018/08/21 23:36:55 | 003,652,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2018/08/21 23:36:55 | 001,254,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2018/08/21 23:36:55 | 000,790,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2018/08/21 23:36:55 | 000,761,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2018/08/21 23:36:55 | 000,510,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2018/08/21 23:36:55 | 000,506,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2018/08/21 23:36:55 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2018/08/21 23:36:55 | 000,228,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ucx01000.sys
[2018/08/21 23:36:55 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2018/08/21 23:36:55 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VideoHandlers.dll
[2018/08/21 23:36:55 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2018/08/21 23:36:55 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2018/08/21 23:36:55 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcbuilder.exe
[2018/08/21 23:36:55 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll
[2018/08/21 23:36:54 | 007,057,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2018/08/21 23:36:54 | 003,381,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2018/08/21 23:36:54 | 002,825,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2018/08/21 23:36:54 | 002,178,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2018/08/21 23:36:54 | 001,817,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2018/08/21 23:36:54 | 001,747,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2018/08/21 23:36:54 | 001,627,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2018/08/21 23:36:54 | 001,581,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.PointOfService.dll
[2018/08/21 23:36:54 | 001,487,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2018/08/21 23:36:54 | 001,421,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpbase.dll
[2018/08/21 23:36:54 | 001,304,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2018/08/21 23:36:54 | 001,264,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2018/08/21 23:36:54 | 001,225,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2018/08/21 23:36:54 | 001,210,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2018/08/21 23:36:54 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApiPublic.dll
[2018/08/21 23:36:54 | 000,981,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2018/08/21 23:36:54 | 000,943,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingOnlineServices.dll
[2018/08/21 23:36:54 | 000,930,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2018/08/21 23:36:54 | 000,906,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.PhoneNumberFormatting.dll
[2018/08/21 23:36:54 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2018/08/21 23:36:54 | 000,884,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2018/08/21 23:36:54 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2018/08/21 23:36:54 | 000,827,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2018/08/21 23:36:54 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcsvc.dll
[2018/08/21 23:36:54 | 000,625,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2018/08/21 23:36:54 | 000,613,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.rs4.dll
[2018/08/21 23:36:54 | 000,585,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.rs3.dll
[2018/08/21 23:36:54 | 000,566,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2018/08/21 23:36:54 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2018/08/21 23:36:54 | 000,474,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.rs2.dll
[2018/08/21 23:36:54 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2018/08/21 23:36:54 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Diagnostics.dll
[2018/08/21 23:36:54 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Phoneutil.dll
[2018/08/21 23:36:54 | 000,335,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2018/08/21 23:36:54 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NmaDirect.dll
[2018/08/21 23:36:54 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DiagnosticLogCSP.dll
[2018/08/21 23:36:54 | 000,294,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TDLMigration.dll
[2018/08/21 23:36:54 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.th.dll
[2018/08/21 23:36:54 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2018/08/21 23:36:54 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PushToInstall.dll
[2018/08/21 23:36:54 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.win81.dll
[2018/08/21 23:36:54 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2018/08/21 23:36:54 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2018/08/21 23:36:54 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Geolocation.dll
[2018/08/21 23:36:54 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2018/08/21 23:36:54 | 000,164,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2018/08/21 23:36:54 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2018/08/21 23:36:54 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.win8rtm.dll
[2018/08/21 23:36:54 | 000,131,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rmclient.dll
[2018/08/21 23:36:54 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSAssessment.dll
[2018/08/21 23:36:54 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2018/08/21 23:36:54 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll
[2018/08/21 23:36:54 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2018/08/21 23:36:54 | 000,072,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WindowsTrustedRT.sys
[2018/08/21 23:36:54 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapstoasttask.dll
[2018/08/21 23:36:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2018/08/21 23:36:54 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsTelemetry.dll
[2018/08/21 23:36:54 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nativemap.dll
[2018/08/21 23:36:54 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvcProxy.dll
[2018/08/21 23:36:53 | 016,592,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2018/08/21 23:36:53 | 009,084,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2018/08/21 23:36:53 | 007,900,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2018/08/21 23:36:53 | 006,032,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2018/08/21 23:36:53 | 004,770,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2018/08/21 23:36:53 | 003,392,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2018/08/21 23:36:53 | 003,283,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2018/08/21 23:36:53 | 003,180,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2018/08/21 23:36:53 | 002,738,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2018/08/21 23:36:53 | 002,548,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2018/08/21 23:36:53 | 002,248,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2018/08/21 23:36:53 | 002,236,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2018/08/21 23:36:53 | 001,724,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2018/08/21 23:36:53 | 001,613,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3D12.dll
[2018/08/21 23:36:53 | 001,318,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2018/08/21 23:36:53 | 001,285,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Maps.dll
[2018/08/21 23:36:53 | 000,910,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2018/08/21 23:36:53 | 000,796,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2018/08/21 23:36:53 | 000,792,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2018/08/21 23:36:53 | 000,755,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2018/08/21 23:36:53 | 000,748,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2018/08/21 23:36:53 | 000,715,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.dll
[2018/08/21 23:36:53 | 000,613,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2018/08/21 23:36:53 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2018/08/21 23:36:53 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.rs1.dll
[2018/08/21 23:36:53 | 000,413,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2018/08/21 23:36:53 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2018/08/21 23:36:53 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2018/08/21 23:36:53 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2018/08/21 23:36:53 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2018/08/21 23:36:53 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2018/08/21 23:36:53 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2018/08/21 23:36:53 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2018/08/21 23:36:53 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2018/08/21 23:36:53 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2018/08/21 23:36:52 | 003,348,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2018/08/21 23:36:52 | 002,697,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Controls.dll
[2018/08/21 23:36:52 | 002,061,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2018/08/21 23:36:52 | 001,825,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2018/08/21 23:36:52 | 001,668,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll
[2018/08/21 23:36:52 | 001,395,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018/08/21 23:36:52 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2018/08/21 23:36:52 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2018/08/21 23:36:52 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2018/08/21 23:36:52 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Input.dll
[2018/08/21 23:36:52 | 000,735,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2018/08/21 23:36:52 | 000,670,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2018/08/21 23:36:52 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2018/08/21 23:36:52 | 000,652,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2018/08/21 23:36:52 | 000,458,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2018/08/21 23:36:52 | 000,326,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExecModelClient.dll
[2018/08/21 23:36:52 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Core.dll
[2018/08/21 23:36:52 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2018/08/21 23:36:52 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppHostRegistrationVerifier.exe
[2018/08/21 23:36:52 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tbauth.dll
[2018/08/21 23:36:52 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBrokerCookies.exe
[2018/08/21 23:36:51 | 008,188,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2018/08/21 23:36:51 | 004,706,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2018/08/21 23:36:51 | 000,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTMediaFrame.dll
[2018/08/21 23:36:51 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManager.dll
[2018/08/21 23:36:51 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApiSetHost.AppExecutionAlias.dll
[2018/08/21 23:36:51 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManagerClient.dll
[2018/08/21 23:36:50 | 001,934,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018/08/21 23:36:50 | 001,364,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2018/08/21 23:36:50 | 001,308,672 | ---- | M] () -- C:\WINDOWS\SysNative\FaceProcessor.dll
[2018/08/21 23:36:50 | 001,292,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2018/08/21 23:36:50 | 001,213,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2018/08/21 23:36:50 | 001,209,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018/08/21 23:36:50 | 001,064,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2018/08/21 23:36:50 | 001,004,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2018/08/21 23:36:50 | 000,783,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyHrtfEnc.dll
[2018/08/21 23:36:50 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018/08/21 23:36:50 | 000,673,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2018/08/21 23:36:50 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2018/08/21 23:36:50 | 000,594,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018/08/21 23:36:50 | 000,542,888 | ---- | M] () -- C:\WINDOWS\SysNative\FaceProcessorCore.dll
[2018/08/21 23:36:50 | 000,413,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018/08/21 23:36:50 | 000,338,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2018/08/21 23:36:50 | 000,313,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll
[2018/08/21 23:36:50 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FSClient.dll
[2018/08/21 23:36:50 | 000,272,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2018/08/21 23:36:50 | 000,269,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2018/08/21 23:36:50 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyMATEnc.dll
[2018/08/21 23:36:50 | 000,116,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandler.exe
[2018/08/21 23:36:50 | 000,084,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageOverlayUtil.dll
[2018/08/21 23:36:50 | 000,057,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.ShellCommon.Broker.dll
[2018/08/21 23:36:50 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandlerPS.dll
[2018/08/21 23:36:49 | 005,951,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2018/08/21 23:36:49 | 004,929,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2018/08/21 23:36:49 | 003,086,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2018/08/21 23:36:49 | 002,546,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2018/08/21 23:36:49 | 002,266,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystems64.dll
[2018/08/21 23:36:49 | 002,193,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppAgent.dll
[2018/08/21 23:36:49 | 001,659,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2018/08/21 23:36:49 | 001,538,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
[2018/08/21 23:36:49 | 001,374,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2018/08/21 23:36:49 | 001,364,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webservices.dll
[2018/08/21 23:36:49 | 001,186,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CommonBridge.dll
[2018/08/21 23:36:49 | 001,127,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplySettingsTemplateCatalog.exe
[2018/08/21 23:36:49 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2018/08/21 23:36:49 | 000,898,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2018/08/21 23:36:49 | 000,826,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVClient.exe
[2018/08/21 23:36:49 | 000,776,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2018/08/21 23:36:49 | 000,755,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.PrinterCustomActions.dll
[2018/08/21 23:36:49 | 000,749,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVReporting.dll
[2018/08/21 23:36:49 | 000,665,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2018/08/21 23:36:49 | 000,652,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVPublishing.dll
[2018/08/21 23:36:49 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2018/08/21 23:36:49 | 000,553,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PerceptionSimulationExtensions.dll
[2018/08/21 23:36:49 | 000,494,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2018/08/21 23:36:49 | 000,466,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2018/08/21 23:36:49 | 000,434,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2018/08/21 23:36:49 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2018/08/21 23:36:49 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CscUnpinTool.exe
[2018/08/21 23:36:49 | 000,399,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVScripting.dll
[2018/08/21 23:36:49 | 000,382,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2018/08/21 23:36:49 | 000,348,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2018/08/21 23:36:49 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserexport.exe
[2018/08/21 23:36:49 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2018/08/21 23:36:49 | 000,267,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2018/08/21 23:36:49 | 000,183,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mavinject.exe
[2018/08/21 23:36:49 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2018/08/21 23:36:49 | 000,148,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mavinject.exe
[2018/08/21 23:36:49 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\datamarketsvc.dll
[2018/08/21 23:36:49 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2018/08/21 23:36:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2018/08/21 23:36:49 | 000,089,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSup.dll
[2018/08/21 23:36:49 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppCore.dll
[2018/08/21 23:36:49 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UevAppMonitor.exe
[2018/08/21 23:36:49 | 000,040,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVClientPS.dll
[2018/08/21 23:36:49 | 000,019,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVTerminator.dll
[2018/08/21 23:36:48 | 007,436,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2018/08/21 23:36:48 | 003,296,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2018/08/21 23:36:48 | 003,293,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2018/08/21 23:36:48 | 002,479,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2018/08/21 23:36:48 | 001,792,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2018/08/21 23:36:48 | 001,742,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2018/08/21 23:36:48 | 001,535,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2018/08/21 23:36:48 | 001,457,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2018/08/21 23:36:48 | 001,363,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2018/08/21 23:36:48 | 001,174,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2018/08/21 23:36:48 | 001,070,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2018/08/21 23:36:48 | 001,017,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2018/08/21 23:36:48 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2018/08/21 23:36:48 | 000,880,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2018/08/21 23:36:48 | 000,873,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2018/08/21 23:36:48 | 000,788,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2018/08/21 23:36:48 | 000,766,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2018/08/21 23:36:48 | 000,722,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2018/08/21 23:36:48 | 000,678,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2018/08/21 23:36:48 | 000,642,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp_win.dll
[2018/08/21 23:36:48 | 000,604,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2018/08/21 23:36:48 | 000,562,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2018/08/21 23:36:48 | 000,558,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2018/08/21 23:36:48 | 000,550,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2018/08/21 23:36:48 | 000,515,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2018/08/21 23:36:48 | 000,491,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2018/08/21 23:36:48 | 000,483,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_enclave.dll
[2018/08/21 23:36:48 | 000,480,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2018/08/21 23:36:48 | 000,462,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2018/08/21 23:36:48 | 000,456,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2018/08/21 23:36:48 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreCommonProxyStub.dll
[2018/08/21 23:36:48 | 000,380,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2018/08/21 23:36:48 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2018/08/21 23:36:48 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2018/08/21 23:36:48 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2018/08/21 23:36:48 | 000,236,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtutil.exe
[2018/08/21 23:36:48 | 000,203,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2018/08/21 23:36:48 | 000,194,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2018/08/21 23:36:48 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtutil.exe
[2018/08/21 23:36:48 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2018/08/21 23:36:48 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raschap.dll
[2018/08/21 23:36:48 | 000,137,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2018/08/21 23:36:48 | 000,118,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2018/08/21 23:36:48 | 000,105,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2018/08/21 23:36:48 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2018/08/21 23:36:48 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tokenbinding.dll
[2018/08/21 23:36:48 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tokenbinding.dll
[2018/08/21 23:36:48 | 000,035,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2018/08/21 23:36:47 | 004,970,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2018/08/21 23:36:47 | 001,798,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2018/08/21 23:36:47 | 001,567,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2018/08/21 23:36:47 | 001,565,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2018/08/21 23:36:47 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2018/08/21 23:36:47 | 000,735,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2018/08/21 23:36:47 | 000,692,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2018/08/21 23:36:47 | 000,659,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2018/08/21 23:36:47 | 000,347,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2018/08/21 23:36:47 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2018/08/21 23:36:47 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2018/08/21 23:36:47 | 000,072,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2018/08/21 23:36:47 | 000,057,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel.appcore.dll
[2018/08/21 23:36:47 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2018/08/21 23:36:46 | 002,895,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2018/08/21 23:36:46 | 001,675,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2018/08/21 23:36:46 | 001,462,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dui70.dll
[2018/08/21 23:36:46 | 001,348,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OpcServices.dll
[2018/08/21 23:36:46 | 001,221,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018/08/21 23:36:46 | 001,030,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018/08/21 23:36:46 | 000,835,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2018/08/21 23:36:46 | 000,607,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2018/08/21 23:36:46 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2018/08/21 23:36:46 | 000,568,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2018/08/21 23:36:46 | 000,553,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2018/08/21 23:36:46 | 000,373,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2018/08/21 23:36:46 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RdpRelayTransport.dll
[2018/08/21 23:36:46 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreCommonProxyStub.dll
[2018/08/21 23:36:46 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HoloShellRuntime.dll
[2018/08/21 23:36:46 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2018/08/21 23:36:46 | 000,136,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018/08/21 23:36:46 | 000,130,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2018/08/21 23:36:46 | 000,077,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2018/08/21 23:36:46 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhvr.sys
[2018/08/21 23:36:46 | 000,061,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvhostsvc.dll
[2018/08/21 23:36:46 | 000,061,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2018/08/21 23:36:46 | 000,031,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys
[2018/08/21 23:36:46 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hvservice.sys.mui
[2018/08/21 23:36:46 | 000,001,312 | ---- | M] () -- C:\WINDOWS\SysNative\tcbres.wim
[2018/08/21 23:36:45 | 001,953,280 | ---- | M] () -- C:\WINDOWS\SysNative\rdpnano.dll
[2018/08/21 23:36:45 | 001,605,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2018/08/21 23:36:45 | 001,077,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webservices.dll
[2018/08/21 23:36:45 | 000,885,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018/08/21 23:36:45 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2018/08/21 23:36:45 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2018/08/21 23:36:45 | 000,568,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018/08/21 23:36:45 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAC3ENC.DLL
[2018/08/21 23:36:45 | 000,094,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2018/08/21 23:36:44 | 000,611,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2018/08/21 23:36:44 | 000,566,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2018/08/21 23:36:44 | 000,295,424 | ---- |
  • 瀬野
  • 2018/09/06 (Thu) 00:07:08
OTL log 8
This continues from the point where the previous post was cut off.

[2018/08/21 23:36:44 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2018/08/21 23:36:44 | 000,230,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2018/08/21 23:36:44 | 000,128,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scmbus.sys
[2018/08/21 23:36:44 | 000,105,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2018/08/21 23:36:44 | 000,075,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys
[2018/08/21 23:36:44 | 000,048,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storufs.sys
[2018/08/21 23:36:44 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys
[2018/08/21 23:36:44 | 000,029,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\uefi.sys
[2018/08/21 23:36:44 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmgid.sys
[2018/08/21 23:33:11 | 004,492,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2018/08/21 23:33:11 | 003,398,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2018/08/21 23:33:11 | 000,925,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsFilt.dll
[2018/08/21 23:33:11 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsFilt.dll
[2018/08/21 23:33:11 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XPSSHHDR.dll
[2018/08/21 23:33:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XPSSHHDR.dll
[2018/08/21 23:33:11 | 000,076,060 | ---- | M] () -- C:\WINDOWS\SysWow64\xpsrchvw.xml
[2018/08/21 23:33:11 | 000,076,060 | ---- | M] () -- C:\WINDOWS\SysNative\xpsrchvw.xml
[2018/08/21 23:32:32 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2018/08/21 23:32:32 | 000,058,524 | ---- | M] () -- C:\WINDOWS\SysNative\srms.dat
[2018/08/17 20:50:45 | 001,106,261 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NGCx64\160F000.058\VT20180817.008
[2018/08/16 16:33:47 | 000,007,598 | ---- | M] () -- C:\Users\owner\AppData\Local\resmon.resmoncfg
[2018/08/10 23:14:46 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security.lnk
[2018/08/07 00:19:36 | 000,836,480 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2018/08/07 00:19:36 | 000,181,120 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2018/09/01 00:10:45 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2018/08/31 23:47:37 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018/08/30 00:21:38 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2018/08/21 23:59:17 | 001,369,588 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2018/08/21 23:57:52 | 000,001,417 | ---- | C] () -- C:\Users\owner\Desktop\Microsoft Edge.lnk
[2018/08/21 23:56:16 | 000,007,623 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2018/08/21 23:56:16 | 000,007,623 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2018/08/21 23:55:53 | 000,023,208 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2018/08/21 23:52:30 | 2549,829,631 | -HS- | C] () -- C:\hiberfil.sys
[2018/08/21 23:51:52 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2018/08/21 23:51:37 | 000,001,105 | ---- | C] () -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2018/08/21 23:51:37 | 000,000,352 | ---- | C] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2018/08/21 23:51:37 | 000,000,334 | ---- | C] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2018/08/21 23:48:46 | 000,271,488 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2018/08/21 23:39:33 | 000,010,396 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2018/08/21 23:39:33 | 000,000,873 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2018/08/21 23:39:16 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2018/08/21 23:37:10 | 002,841,312 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2018/08/21 23:37:10 | 000,018,716 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2018/08/21 23:37:04 | 003,733,320 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Mirage.dll
[2018/08/21 23:37:04 | 000,018,716 | ---- | C] () -- C:\WINDOWS\SysNative\srms-apr.dat
[2018/08/21 23:36:56 | 000,808,960 | ---- | C] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE
[2018/08/21 23:36:50 | 001,308,672 | ---- | C] () -- C:\WINDOWS\SysNative\FaceProcessor.dll
[2018/08/21 23:36:50 | 000,542,888 | ---- | C] () -- C:\WINDOWS\SysNative\FaceProcessorCore.dll
[2018/08/21 23:36:46 | 000,001,312 | ---- | C] () -- C:\WINDOWS\SysNative\tcbres.wim
[2018/08/21 23:36:45 | 001,953,280 | ---- | C] () -- C:\WINDOWS\SysNative\rdpnano.dll
[2018/08/21 23:33:11 | 000,076,060 | ---- | C] () -- C:\WINDOWS\SysWow64\xpsrchvw.xml
[2018/08/21 23:33:11 | 000,076,060 | ---- | C] () -- C:\WINDOWS\SysNative\xpsrchvw.xml
[2018/08/21 23:32:32 | 000,058,524 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2018/08/21 23:31:18 | 000,165,846 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2018/08/21 23:31:18 | 000,165,846 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2018/08/11 06:16:07 | 000,007,598 | ---- | C] () -- C:\Users\owner\AppData\Local\resmon.resmoncfg
[2018/05/13 15:38:29 | 000,002,574 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2018/05/10 12:44:37 | 000,798,520 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2018/05/10 12:44:37 | 000,490,808 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2018/05/10 12:19:02 | 001,503,814 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2018/05/10 12:18:53 | 000,000,000 | ---- | C] () -- C:\ProgramData\DP45977C.lfl
[2018/04/12 08:38:34 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2018/04/12 08:38:34 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2018/04/12 08:35:13 | 000,034,304 | ---- | C] () -- C:\WINDOWS\SysWow64\vmstaging.dll
[2018/04/12 08:34:55 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2018/04/12 08:34:50 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2018/04/12 08:34:49 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2018/04/12 08:34:47 | 000,364,200 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2018/04/12 08:34:46 | 003,575,808 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2018/04/12 08:34:46 | 000,025,600 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2018/04/12 08:34:45 | 000,329,216 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2018/04/12 08:34:45 | 000,223,232 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2018/04/12 08:34:45 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2018/04/12 08:34:45 | 000,111,616 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2018/04/12 08:34:45 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2018/04/12 08:34:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2018/04/12 08:34:30 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017/12/09 07:25:12 | 000,798,520 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-65-1.dll
[2017/12/09 07:25:00 | 000,490,808 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-65-1.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2018/08/21 23:36:48 | 007,436,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2018/08/21 23:37:06 | 006,043,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2018/04/12 08:34:40 | 000,973,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2018/04/12 08:34:55 | 000,785,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018/04/12 08:34:40 | 000,524,288 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  • 瀬野
  • 2018/09/06 (Thu) 00:10:51
OTL log 9

[color=#E56717]========== Custom Scans ==========[/color]
[2018/08/31 23:47:32 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2018/05/19 16:02:58 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2018/05/10 12:18:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC\562C4DD5\22.15.0.88\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC\562C4DD5\22.15.0.88\11\01\hlinks
[2018/09/05 20:45:08 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Branding\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Branding\22.15.0.88\11\01\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Branding\ja-JP\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\ccgevt\global\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\ccglog\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\cmnclnt\ccsubsdk\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\images\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\ja-JP\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\jobs\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\spmanifests\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine\22.15.0.88\symnetdrv\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine32\22.15.0.88\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\Engine32\22.15.0.88\locales\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\MUI\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\MUI\22.15.0.88\11\01\hlinks
[2018/09/02 23:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\MUI\22.15.0.88\images\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\CLT\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\AntispamDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\AntispamDefs\20180831.097\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\AntispamDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\BASHDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\BASHDefs\20180829.001\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\BASHDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\EfaVTDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\EfaVTDefs\20180817.008\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\EfaVTDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IPSDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IPSDefs\20180830.061\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IPSDefs\20180831.061\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IPSDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronCfg\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronCfg\20180606.003\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronCfg\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronRevo\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronRevo\20180902.007\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronRevo\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronWht\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronWht\20180902.002\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IronWht\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SbEngSCD\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SbEngSCD\20180222.040\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SbEngSCD\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SDSDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SDSDefs\20180901.001\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SDSDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SRTSPSettingsDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SRTSPSettingsDefs\20180814.002\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SRTSPSettingsDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\STICDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\STICDefs\20180813.024\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\STICDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SymPlatformDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SymPlatformDefs\20180816.065\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\SymPlatformDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\WebProtectionDefs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\WebProtectionDefs\20180902.306\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\WebProtectionDefs\BinHub\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\WebProtectionDefs\newdefs-trigger\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\Flavor\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Norton Security\NortonData\22.14.0.54\http\hlinks
[2018/05/19 02:51:43 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2018/05/19 02:50:22 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2018/05/19 02:52:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\YouCam.exe
[2018/05/19 02:50:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\YouCam\5.0
[2018/05/13 21:31:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\YouCam\5.0
[2018/04/12 08:38:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2018/08/21 23:57:04 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2018/04/12 08:38:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2018/04/12 08:38:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\AntiSpam\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\BASH\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\ClientSDK\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\78185\0\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79393\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79395\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79397\2\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79399\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79401\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79403\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79405\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79407\2\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79409\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79411\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\_lck\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccGEvt\Global\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccGLog\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccJobMgr\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccSetMgr\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccSubSDK\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\STIC\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Connections\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\diMaster\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\diStRptr\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\ErrMgmt\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\ErrMgmt\SCD\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Framework\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\IPS\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\IPUA\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\IRON\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\itbLUReg\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Logs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Lue\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Lue\Downloads\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Lue\Logs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\NCO\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\NCW\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\NPC\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\NUM\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Product\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Product\Jobs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Product\SymWidgets\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\QuickStart\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Remediation\stage\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SDSLuReg\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SPManifests\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SRTSP\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SymELAM\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\symnetdrv\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SymWidgets\safeweb\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\tods\data\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Webcam\hlinks
[2018/08/21 23:56:28 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2018/05/19 02:51:43 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2018/05/19 02:50:22 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2018/05/19 02:52:05 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\YouCam.exe
[2018/05/19 02:50:23 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\YouCam\5.0
[2018/05/13 21:31:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\YouCam\5.0
[2018/04/12 08:38:20 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2018/08/21 23:57:04 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2018/04/12 08:38:20 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2018/04/12 08:38:20 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\AntiSpam\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\BASH\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\ClientSDK\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\78185\0\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79393\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79395\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79397\2\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79399\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79401\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79403\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79405\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79407\2\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79409\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\79411\1\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\_lck\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccGEvt\Global\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccGLog\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccJobMgr\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccSetMgr\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\ccSubSDK\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\CmnClnt\STIC\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Connections\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\diMaster\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\diStRptr\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\ErrMgmt\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\ErrMgmt\SCD\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Framework\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\IPS\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\IPUA\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\IRON\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\itbLUReg\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Logs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Lue\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Lue\Downloads\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Lue\Logs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\NCO\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\NCW\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\NPC\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\NUM\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Product\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Product\Jobs\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Product\SymWidgets\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\QuickStart\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Remediation\stage\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SDSLuReg\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SPManifests\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SRTSP\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SymELAM\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\symnetdrv\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\SymWidgets\safeweb\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\tods\data\hlinks
[2018/09/02 23:14:18 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NGC_22.14.0.54\Webcam\hlinks
[2018/04/12 08:38:20 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2018/08/21 23:51:46 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData
[2018/05/13 15:16:00 | 000,000,000 | -H-D | M] -- C:\Users\owner\MicrosoftEdgeBackups
[2018/08/21 23:57:53 | 000,000,000 | RH-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\Burn\Burn
[2018/08/22 01:16:05 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2018/05/10 12:14:46 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE
[2018/05/10 12:14:46 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2018/05/10 12:14:46 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2018/08/21 23:53:14 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2018/08/21 23:56:40 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2018/08/31 23:47:37 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2018/08/21 23:53:23 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2018/08/21 23:52:41 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2018/08/21 23:48:29 | 000,000,000 | -H-D | M] -- C:\Windows\Installer
[2018/04/12 08:38:21 | 000,000,000 | -H-D | M] -- C:\Windows\LanguageOverlayCache
[2018/08/21 23:39:31 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2018/08/21 23:39:31 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2018/08/21 23:48:28 | 000,000,000 | -H-D | M] -- C:\WINDOWS\SysNative\GroupPolicy

< %windir%\tasks\*.job >
[2018/09/01 23:18:50 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: SATA SSD
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA DT01ACA200
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 549.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 237.00GB
Starting Offset: 576716800
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 783.00MB
Starting Offset: 255237029888
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,863.00GB
Starting Offset: 1048576
Hidden sectors: 0


========== Base Services ==========
No service found with a name of AeLookupSvc
SRV:64bit: - [2018/04/12 08:34:06 | 000,166,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2018/04/12 08:34:14 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2018/04/12 08:34:07 | 001,374,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2018/08/21 23:36:54 | 000,778,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2018/04/12 08:34:22 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2018/04/12 08:34:50 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:64bit: - [2018/04/12 08:34:20 | 000,486,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2018/04/12 08:34:51 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
No service found with a name of Browser
SRV:64bit: - [2018/04/12 08:34:20 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2018/08/21 23:36:48 | 001,160,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2018/08/21 23:36:48 | 000,352,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2018/08/21 23:36:48 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2018/04/12 08:34:22 | 000,300,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2018/04/12 08:34:41 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:64bit: - [2018/04/12 08:34:27 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2018/04/12 08:34:51 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2018/04/12 08:34:34 | 000,604,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2018/04/12 08:34:24 | 000,441,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2018/04/12 08:34:40 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:64bit: - [2018/04/12 08:34:44 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2018/08/21 23:36:55 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2018/04/12 08:34:32 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2018/04/12 08:34:20 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2018/04/12 08:34:15 | 000,119,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2018/04/12 08:34:41 | 000,768,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:64bit: - [2018/04/12 08:34:33 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2018/08/21 23:36:57 | 000,932,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2018/08/21 23:36:48 | 001,160,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2018/04/12 08:34:32 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2018/04/12 08:34:23 | 000,057,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2018/04/12 08:34:43 | 000,266,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2018/04/12 08:34:22 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2018/04/12 08:34:23 | 000,613,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2018/04/12 08:34:51 | 000,564,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2018/04/12 08:34:36 | 000,889,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2018/04/12 08:34:36 | 000,308,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2018/04/12 08:35:00 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2018/04/12 08:34:36 | 000,069,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2018/08/21 23:36:48 | 000,396,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2018/04/12 08:34:40 | 001,540,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2018/08/21 23:36:50 | 001,768,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:64bit: - [2018/08/21 23:36:50 | 000,684,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2018/04/12 08:33:53 | 000,146,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2018/08/21 23:37:25 | 000,106,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2018/08/21 23:36:48 | 001,854,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:64bit: - [2018/08/21 23:36:54 | 000,883,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (mpssvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:24 | 000,611,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:55 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2018/08/21 23:37:09 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:40 | 000,224,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2018/08/21 23:36:49 | 002,904,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:44 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2018/08/21 23:37:04 | 002,583,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2018/04/12 08:34:22 | 000,271,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • 瀬野
  • 2018/09/06 (Thu) 00:15:57
Extras log

OTL Extras logfile created on: 2018/09/05 20:45:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17134.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

15.94 Gb Total Physical Memory | 14.00 Gb Available Physical Memory | 87.86% Memory free
18.31 Gb Paging File | 15.18 Gb Available in Paging File | 82.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.17 Gb Total Space | 192.39 Gb Free Space | 81.12% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1855.39 Gb Free Space | 99.59% Space Free | Partition Type: NTFS

Computer Name: コンピューター名 | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 8D 60 B5 22 5F 39 D4 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4AF78EBE-2AE0-4311-9BB5-38CD6E6A8B53}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{703F738A-9358-4E1F-B90E-BA1046E4EE8B}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{80F7510A-7E47-41E3-A939-2ABC13B44FAB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{9BA3ECB8-1FC3-46A7-9478-1B90D20DB9AA}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{EBF94C5C-E394-48A8-9703-B3F377B976DB}" = lport=48010 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{FEB69F38-1056-4C26-94D8-BCE10C5D2E0B}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006132DD-C6B4-48DB-BF26-D39248D26E71}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{0202BF36-0BBF-4604-93C9-DC66795D2F3A}" = dir=in | name=@{microsoft.skypeapp_12.1815.210.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{0240337E-B266-4529-BD7C-42B323017F7B}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.10730.20064.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{08662F70-A44A-4375-AF93-B4A6009033A6}" = dir=out | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{0ACDD678-EF03-4C01-97DB-C1FE3B2D7340}" = dir=out | name=candy crush soda saga |
"{0B52B010-E57F-4DFA-81BD-ACCE73B7EDCA}" = dir=out | name=@{microsoft.oneconnect_5.1807.1991.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{0BCC6D2A-A576-40FA-A8CE-AE6095D57B20}" = dir=in | name=onenote |
"{0E540C4D-077E-4701-8ADA-8A7196447C91}" = dir=out | name=@{microsoft.windows.photos_2018.18071.15310.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{120AC88A-52F7-42C8-8A27-A77288A55BF2}" = dir=out | name=@{a278ab0d.dragonmanialegends_4.0.0.17_x86__h6adky7gbf63m?ms-resource://a278ab0d.dragonmanialegends/resources/appdisplayname} |
"{141DB3C5-22C9-44C5-80B1-9270A97D660A}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{14505B77-95B3-4AC8-860F-6662F32BD1D4}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{154C546B-74E1-4636-A1C1-D4DD58A0AD82}" = dir=out | name=xbox gaming overlay |
"{1719DD19-730F-4E2E-9B39-513A7DCA1C34}" = dir=out | name=@{microsoft.windowscamera_2018.426.90.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/resources/appstorename} |
"{17AFF4AE-7703-4B18-8E8E-81535DB816DD}" = dir=in | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{18254730-9EBA-4673-81C9-133EC7AA7BF4}" = dir=out | name=shell input application |
"{19517E64-5EAC-494F-BE03-18E1A1EC3B2C}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{19F703D3-45A5-47D9-B8B6-60B60644CC01}" = dir=out | name=print 3d |
"{1E386A8E-32BC-46EA-BA0C-6605B8D0B243}" = dir=out | name=@{828b5831.hiddencitymysteryofshadows_1.24.2401.0_x86__ytsefhwckbdv6?ms-resource://828b5831.hiddencitymysteryofshadows/resources/appname} |
"{1E442A67-8974-43AE-93A7-9F05AACEDD1B}" = dir=in | name=@{a278ab0d.marchofempires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{219025A3-7CC4-444C-BE69-DC3F0807AD21}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{2234785A-31DD-4B38-B64D-8E5EAE22B590}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{2B8FD4D6-7835-41B0-92F9-2E2ABB9F289C}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.10730.20064.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{360D2FF4-C22A-47A5-90D3-24C79152137B}" = dir=out | name=@{microsoft.xboxidentityprovider_12.41.24002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{36F3EC4D-A316-4BB0-8905-0A1C85D873F4}" = dir=in | name=@{microsoft.windowsstore_11807.1001.13.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{3947FAAD-E238-41FF-AA98-8C69975D397B}" = dir=out | name=@{microsoft.messaging_3.37.23004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{395EF687-A485-45FB-A777-DEC857B00E42}" = dir=out | name=@{microsoft.zunevideo_10.18071.11811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{3B464B48-1D20-40DD-98A3-F3D69290832A}" = dir=out | name=@{microsoft.windowsstore_11807.1001.13.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{3B6E9866-26EA-4052-93F5-E19D5A18C5A4}" = dir=out | name=xbox tcui |
"{435ABFC5-1C39-43C1-94AA-731E4DA39105}" = dir=out | name=microsoft solitaire collection |
"{4664D9CF-9322-4146-84F0-0853CEB5646A}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{49E01E85-DF15-4C5A-8B98-684C694F819C}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{4A31B697-9273-4F1B-B6DB-BE5107301023}" = dir=out | name=xbox game bar |
"{4A9268D6-5C39-4084-84C7-82E1D9DC880B}" = dir=out | name=win32webviewhost |
"{4AFDCF15-2AD8-4958-8F66-ED5E42189DE0}" = dir=out | name=@{microsoft.microsoft3dviewer_5.1807.6012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{4B7FF147-F3DE-423C-92D6-DBDCB900EBF3}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{554B6824-EF9E-4A32-96A7-8DC5E6168368}" = dir=in | name=minecraft for windows 10 |
"{5717D99E-95F5-4783-A3AC-69ACB0296293}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{58CC91C4-A840-44A8-80B6-22B8421F9C4A}" = dir=in | name=microsoft sticky notes |
"{5DDF708C-402E-429D-8F97-461AA794BFC4}" = dir=out | name=cooking fever |
"{62F47518-9EED-449B-9139-0F7F41409C8D}" = dir=out | name=@{microsoft.zunemusic_10.18071.11711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{64FE4F82-4DAA-4C20-95DE-65C9801BA125}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{6671A334-8AB8-4287-B3AC-7767050D2101}" = dir=out | name=windows_ie_ac_001 |
"{67A43125-4E43-426A-A6F6-9B3DD83ABFB4}" = dir=out | name=@{microsoft.skypeapp_12.1815.210.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{67B15F49-D0B1-4784-A3B2-E404E0A0D747}" = dir=out | name=microsoft sticky notes |
"{69F4535C-A255-414E-958B-8EB17DC05FB5}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{6D501AA4-29FB-49BC-9BE7-0A080985400C}" = dir=out | name=@{microsoft.windowscalculator_10.1807.2121.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{6D9719E7-601D-41C3-8234-7B1D54C68F91}" = dir=out | name=@{microsoft.messaging_3.38.22001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{70906890-EEEC-4308-9329-542032FBD9BC}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{70EBF5F8-005A-47BB-AFCB-3CAFE0534168}" = dir=out | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{741C917D-7149-4F95-881D-4D5D27E4D3D1}" = dir=out | name=@{microsoft.gethelp_10.1706.11801.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{7615DC74-A2F8-4339-9703-E786099278E0}" = dir=out | name=@{microsoft.mspaint_5.1808.8017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{7BEDF21B-1442-4E15-A7E7-3F8E4CDC40B0}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{80ED7DC7-E077-4A59-8B1F-1F6479206B53}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{83FE0B21-3EBF-4EC2-A39D-B8118661B8AD}" = dir=in | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{84A7F603-2696-4B08-9BE3-99201BD7C6F5}" = dir=out | name=@{microsoft.storepurchaseapp_11807.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{8828C463-A004-4C98-ACE3-824D3553BE75}" = protocol=6 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |
"{894C8860-338F-493E-851D-D7EBAC666556}" = dir=out | name=@{microsoft.bingweather_4.26.12153.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{8DA0EA57-D24F-4DF4-8FC6-3096BBD9AAF0}" = dir=out | name=@{king.com.bubblewitch3saga_4.8.4.0_x86__kgqvnymyfvs32?ms-resource://king.com.bubblewitch3saga/resources/appname} |
"{92E49DB6-4BD0-487A-AC8B-9F3C8D8CAE3D}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{9428C24A-1343-4B85-96B3-E58BDB3722DE}" = dir=in | name=@{microsoft.zunevideo_10.18071.11811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{94F3013D-D1CF-403A-BEBE-6D11E08A8D6A}" = dir=in | name=print 3d |
"{96790152-79FE-4FC0-A3E1-176389DE3568}" = protocol=17 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |
"{9C9A4BF7-1DD8-4BA7-B218-B26A275CF4B8}" = dir=in | name=win32webviewhost |
"{9F50F17E-19AC-47D7-994A-27A5212967F6}" = dir=out | name=@{a278ab0d.marchofempires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{9FE847A9-9F1F-4D80-AA73-521CFBEA5C71}" = dir=out | name=candy crush saga |
"{A0241188-25B3-492F-8EF3-BCF1EB962F83}" = dir=out | name=@{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{A057F174-8234-4CED-B9BA-2506BEF0637B}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.20921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{A10E2B83-DBF8-4CD8-9D25-3E2B3856E383}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1712.1141.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{A1580630-A347-4A64-A6FF-34A224B3DEDB}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{A315991E-0A6F-485D-8901-75494CE8F389}" = dir=in | name=microsoft solitaire collection |
"{A5690DD1-3233-42F7-94C9-18F940195FCD}" = dir=out | name=@{microsoft.people_10.1807.2131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{A8817EF5-7E38-423C-B101-1B61E40B8885}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{A8AD8EE5-412F-47A1-8202-A929E175C93E}" = dir=out | name=minecraft for windows 10 |
"{AB951DCA-4690-42C9-8DC1-01991AAA8AB7}" = dir=out | name=@{microsoft.accountscontrol_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{B2F8279E-E2C2-4136-99E7-271133DCECFF}" = dir=out | name=microsoft pay |
"{B34DFB98-84AA-44FC-9784-9F3451B1B50F}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{B95B1556-832A-46A7-B93F-B8883BA42B94}" = dir=out | name=onenote |
"{C0D37523-E8EB-49C6-B373-8DFDE3419D79}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{C11DE74B-CFE8-489D-A9B2-FE7687A977A4}" = dir=out | name=xbox |
"{C1C32791-AAD4-4A65-9A8E-A0D3A1DA66AF}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{C75F8174-19AD-4FCC-BF99-F4FB3CD7C712}" = dir=in | name=@{microsoft.zunemusic_10.18071.11711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C790B890-34DB-49B3-A5CB-EEFD1B99F8A1}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.20921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{CD7FE67F-A394-416E-A33A-20AE11080562}" = dir=out | name=@{microsoft.microsoftofficehub_17.10314.31700.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{D1EFC14B-BC3E-43F3-A080-0BFB20256687}" = dir=in | name=@{microsoft.messaging_3.37.23004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{D24349A3-38CC-4889-AD73-446CCFBA759E}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{D540E27E-AA1C-4889-BFD4-64325C473D29}" = protocol=58 | dir=in | app=system |
"{D88BF7A7-B5D6-43B6-BB37-C0C92FC5F8F5}" = dir=in | name=xbox |
"{DEAF8AEA-2AE2-4E80-8284-FA7B8ED90858}" = dir=in | name=@{microsoft.oneconnect_5.1807.1991.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{DF56EE96-7433-47B3-AE78-3DD2C2C8C505}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} |
"{DFEF8399-8C71-4190-B71F-E8D2E21877A5}" = dir=in | name=@{microsoft.microsoftofficehub_17.10314.31700.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{E40946C6-656A-4783-9B8B-DF1B125AF072}" = dir=in | name=@{microsoft.messaging_3.38.22001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{E87AFE07-92FD-4C0F-B619-77D02E2E432B}" = dir=out | name=@{microsoft.windowsmaps_5.1805.1431.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{F0BFAE76-AA4B-4D7A-907C-724378CE9669}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1712.1141.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{F41B9AE4-3780-4CBD-A7FB-96CD6B127723}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F54FE32A-44E8-4EDF-AE08-39AABD745CBC}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{F70723C3-E0AB-4EC0-BC9E-82796417A23B}" = dir=in | name=@{microsoft.windows.photos_2018.18071.15310.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{F827F9DA-E956-40CF-93C5-3D506ECF9DE7}" = dir=out | name=@{microsoft.getstarted_6.14.12121.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{FBA5F134-11F0-44F1-ABB6-8A06D3B40B60}" = dir=in | name=cooking fever |
"TCP Query User{BEF7FB2E-6016-4AC2-84F7-FD2A8D75A748}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{D9EAC849-86AC-4353-9C39-B58A93FC6CF3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes バージョン 3.5.1.2522
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{43E67915-502D-3B7E-8FCD-ABB40088E45C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{8CD80FC6-F879-46E8-9677-17CAD84DC559}" = Intel(R) Rapid Storage Technology
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}" = Intel(R) Chipset Device Software
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AC9D543B-756D-4B37-AB88-59D01AE872A2}" = Intel(R) Management Engine Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 391.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.12.0.84
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 390.41
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 31.0.11.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.17.0524
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 31.0.11.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer" = DisplayDriverAnalyzer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = NVIDIA SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.36.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper" = NVIDIA TelemetryApi helper for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NVIDIA NodeJS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NVIDIA Telemetry Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci" = NVIDIA Virtual Host Controller
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.12.0.84
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = NVIDIA SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 4.04.0
"{B6C27920-8AD4-4D8B-BC97-2CC0043718E5}" = Intel(R) Network Connections 22.5.104.0
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}" = Intel(R) ME UninstallLegacy
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"{FE1E715D-4670-4739-813A-788FE564F555}" = Metasequoia 4 (64bit)
"CCleaner" = CCleaner
"Mozilla Firefox 61.0.2 (x64 ja)" = Mozilla Firefox 61.0.2 (x64 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROSetDX" = Intel(R) Network Connections 22.5.104.0
"VulkanRT1.0.65.1" = Vulkan Run Time Libraries 1.0.65.1
"Wacom Tablet Driver" = ワコム タブレット
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5.0
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{17408817-d415-4768-a160-ae6d46d6bdb0}" = インテル® チップセット デバイス ソフトウェア
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}" = CLIP STUDIO PAINT 1.7.4
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{49274EB8-4598-47E6-8039-9BB7CE07627E}" = CLIP STUDIO 1.7.4
"{628212fa-034d-4c3c-95a6-dcfb3f33d8a2}" = Metasequoia 4 (64bit)
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup 2.6
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite 10
"NGC" = Norton Security
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2018/08/21 10:52:48 | Computer Name = コンピューター名 | Source = MSDTC Client 2 | ID = 4104
Description =

Error - 2018/08/21 10:52:48 | Computer Name = コンピューター名 | Source = MSDTC 2 | ID = 4104
Description =

Error - 2018/08/21 10:52:48 | Computer Name = コンピューター名 | Source = MSDTC Client 2 | ID = 4104
Description =

Error - 2018/08/21 10:55:53 | Computer Name = コンピューター名 | Source = MSDTC Client 2 | ID = 4104
Description =

Error - 2018/08/28 8:26:05 | Computer Name = コンピューター名 | Source = SideBySide | ID = 16842830
Description = "C:\Users\owner\Downloads\Autoruns\autorunsc.exe" のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー
ファイル "?" 行 ? のエラーです。 アプリケーションに必要なコンポーネントのバージョンが、既にアクティブな別のコンポーネントのバージョンと競合しています。
競合しているコンポーネントは次のとおりです:
コンポーネント
1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest
コンポーネント
2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest

Error - 2018/08/28 8:26:05 | Computer Name = コンピューター名 | Source = SideBySide | ID = 16842830
Description = "C:\Users\owner\Downloads\Autoruns\Autoruns.exe" のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー
ファイル "?" 行 ? のエラーです。 アプリケーションに必要なコンポーネントのバージョンが、既にアクティブな別のコンポーネントのバージョンと競合しています。
競合しているコンポーネントは次のとおりです:
コンポーネント
1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest
コンポーネント
2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest

[ System Events ]
Error - 2018/09/02 0:04:55 | Computer Name = コンピューター名 | Source = DCOM | ID = 10016
Description =

Error - 2018/09/02 0:06:59 | Computer Name = コンピューター名 | Source = DCOM | ID = 10016
Description =

Error - 2018/09/02 9:42:27 | Computer Name = コンピューター名 | Source = DCOM | ID = 10016
Description =

Error - 2018/09/02 9:44:24 | Computer Name = コンピューター名 | Source = DCOM | ID = 10016
Description =

Error - 2018/09/02 9:52:05 | Computer Name = コンピューター名 | Source = DCOM | ID = 10016
Description =

Error - 2018/09/02 9:54:01 | Computer Name = コンピューター名 | Source = DCOM | ID = 10016
Description =

Error - 2018/09/02 10:32:07 | Computer Name = コンピューター名 | Source = DCOM | ID = 10010
Description =

Error - 2018/09/02 10:32:07 | Computer Name = コンピューター名 | Source = DCOM | ID = 10010
Description =

Error - 2018/09/05 7:39:55 | Computer Name = コンピューター名 | Source = DCOM | ID = 10016
Description =

Error - 2018/09/05 7:41:56 | Computer Name = コンピューター名 | Source = DCOM | ID = 10016
Description =


< End of report >
  • 瀬野
  • 2018/09/06 (Thu) 00:33:45
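Let's clean up ask
Thank you for doing the work and reporting back.
I've looked at the OTL scan log.

It shows that remnants of ask are still left behind.
Let's clean out the junk, including those.
This time we'll do the cleanup with OTL.

I'll paste a script at the end of this reply, so copy it in its entirety, paste it into a Windows Notepad file, and save it.

Once that's ready, restart the PC in Safe Mode again and launch OTL.
Once it's running, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button in red text).
That starts the OTL fix.

Wait a while, and once the fix is done, restart the PC in normal mode; an OTL log should appear again, so save it, then after watching the PC for a while, reply with a status report together with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----) and paste it into OTL to do the work.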
------------------------------------------
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 56 AE 97 6C 95 EA D3 01 [binary data]
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-959354603-2943148263-4103673731-1001\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = https://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=retail&geo=JP&ver=22.15.0.88&locale=ja_JP&guid=C3A0EFA5-6BC6-4433-8B03-772C6010FDB4&doi=2016-09-01&gct=kwd&qsrc=2869

:Files

:reg

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2018/09/06 (Thu) 20:01:41
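Re: My PC is behaving strangely
Good evening.

After cleaning up with OTL I've been using the PC while keeping an eye on it, and so far it seems to be working without any particular problems.

I have a question about running OTL in Safe Mode.
When I clicked the lower window to paste the script, some kind of dialog came up; is it normal for that to appear?
I pressed Cancel; is that all right...?
I'm sorry my memory is vague, but I think it said something like "click ok to~".
To check what it said I launched OTL once more, but nothing was displayed when I clicked the lower window.
I went ahead, pasted the script and ran it; does that seem to be no problem?
Also, what was that dialog...?


The OTL log follows.

OTL log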

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-959354603-2943148263-4103673731-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-959354603-2943148263-4103673731-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
========== FILES ==========
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: owner
->Temp folder emptied: 9052290 bytes
->Temporary Internet Files folder emptied: 658395 bytes
->FireFox cache emptied: 381675834 bytes
->Flash cache emptied: 510 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 99920 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1090 bytes
RecycleBin emptied: 911767217 bytes

Total Files Cleaned = 1,243.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 09062018_221119

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 瀬野
  • 2018/09/08 (Sat) 22:50:10
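The dialog was probably a confirmation message
Thank you for doing the work and reporting back.

I've also looked at the OTL post-fix log, and the targets were cleaned up properly.
Every one of them shows "successfully" (fix succeeded).
You can put OTL away following the explanation given during preparation.

The dialog during the work was probably a confirmation message, but since the log shows the fix went through, it should be no problem.

Now let's review the whole picture.
Please take a fresh HJT log and, with CC, the installation information and the logs for each tab, and show them in a reply.

Since no abnormalities are appearing now I think it's fine, but I'll go over everything again, including checking for anything overlooked.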
  • 悪代官
  • 2018/09/09 (Sun) 16:01:42
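
Reading an OTL post-fix log for per-entry outcomes, as discussed in the reply above, can be done mechanically. The following is an added example, not part of the original thread and not code from OTL: the sample text is an excerpt of the fix log posted earlier in this thread, and the function names and the outcome categories (ok / not_found / failed) are assumptions of this example, derived only from the line endings visible in that log.

```python
import re
from collections import Counter

# Excerpt of the OTL fix log posted in this thread (shortened, not the full log).
SAMPLE_LOG = r"""
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-959354603-2943148263-4103673731-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
========== FILES ==========
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]
->Temp folder emptied: 9052290 bytes
Unable to start System Restore Service. Error code 1084
"""

# "========== NAME ==========" marks the start of a log section.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
ERROR_CODE_RE = re.compile(r"Error code (\d+)")


def classify_line(line):
    """Return 'ok', 'not_found', 'failed', or None for informational lines.

    Only wordings that appear in the log posted in this thread are recognised;
    anything else is treated as informational rather than guessed at.
    """
    text = line.strip()
    if not text:
        return None
    lowered = text.lower()
    if lowered.startswith("unable to") or ERROR_CODE_RE.search(text):
        return "failed"
    stem = lowered.rstrip(".!")
    if stem.endswith("not found"):
        return "not_found"
    if stem.endswith("successfully"):
        return "ok"
    return None


def parse_fix_log(log_text):
    """Walk the log, tracking the current section, and collect classified lines."""
    section = "PREAMBLE"
    results = []
    for raw in log_text.splitlines():
        text = raw.strip()
        header = SECTION_RE.match(text)
        if header:
            section = header.group(1)
            continue
        outcome = classify_line(text)
        if outcome is None:
            continue
        code = ERROR_CODE_RE.search(text)
        results.append({
            "section": section,
            "outcome": outcome,
            "code": int(code.group(1)) if code else None,
            "line": text,
        })
    return results


def summarize(results):
    """Count outcomes across the whole log."""
    return Counter(r["outcome"] for r in results)


def followups(results):
    """Entries that did not report success and deserve a second look."""
    return [r for r in results if r["outcome"] != "ok"]


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    print(dict(summarize(parsed)))
    for entry in followups(parsed):
        print(f"[{entry['section']}] {entry['outcome']}: {entry['line']}")
```

On this excerpt the follow-up list holds the CLSID key reported as not found and the `[createrestorepoint]` step that could not start the System Restore service, which are the two lines a reader would look at after the successful ones.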
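HJT and CC logs
Good evening.
I'm relieved to hear that the dialog was a confirmation message and that the fix went through without trouble.
Thank you.

Also, it may not quite count as an abnormality, but today I found that the setting had at some point changed to not showing file extensions.
I don't think I touched any settings; is it common for it to change on its own?


I've collected logs with HJT and CC, so I'm pasting them.
The logs follow.


HJT log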

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:21:29, on 2018/09/09
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\owner\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Users\owner\Downloads\ccsetup546\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.15.0.88\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 6867 bytes


CC log

Installation information

Candy Crush Saga king.com 2018/08/21 1.1320.2.0
Candy Crush Soda Saga king.com 2018/07/10 1.118.400.0
CCleaner Piriform 2018/08/30 5.44
CLIP STUDIO 1.7.4 CELSYS 2018/05/19 1.7.4
CLIP STUDIO PAINT 1.7.4 CELSYS 2018/05/19 1.7.4
Cooking Fever Nordcurrent 2018/08/15 2.8.0.7
CyberLink Media Suite 10 CyberLink Corp. 2018/08/21 683 MB 10.0
Groove ミュージック Microsoft Corporation 2018/09/08 10.18081.11121.0
Hidden City: アイテム探しアドベンチャー G5 Entertainment AB 2018/09/08 1.24.2401.1000
Intel(R) Management Engine Components Intel Corporation 2018/05/10 11.7.0.1037
Intel(R) Network Connections 22.5.104.0 Intel 2018/05/10 39.8 MB 22.5.104.0
Intel(R) Rapid Storage Technology Intel Corporation 2018/05/10 15.8.0.1006
Malwarebytes バージョン 3.5.1.2522 Malwarebytes 2018/08/31 191 MB 3.5.1.2522
Metasequoia 4 (64bit) tetraface Inc. 2018/08/21 333 MB 4.6.5
Microsoft OneDrive Microsoft Corporation 2018/08/21 104 MB 18.131.0701.0007
Microsoft Pay Microsoft Corporation 2018/05/13 2.2.18065.0
Microsoft Solitaire Collection Microsoft Studios 2018/08/26 4.2.8172.0
Microsoft Sticky Notes Microsoft Corporation 2018/05/13 2.1.18.0
Microsoft Store Microsoft Corporation 2018/07/31 11807.1001.13.0
Microsoft Store エクスペリエンス ホスト Microsoft Corporation 2018/09/08 11807.1001.1.1000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2018/05/10 4.84 MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2018/05/18 7.59 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2018/05/10 10.2 MB 9.0.30729
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2018/05/17 13.6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2018/05/19 11.0 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2018/08/21 20.5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2018/08/21 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2018/08/21 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2018/08/21 19.5 MB 14.0.24215.1
Minecraft Microsoft Studios 2018/08/29 1.6.14.0
Mixed Reality ビューアー Microsoft Corporation 2018/09/08 5.1807.6012.1000
Mozilla Firefox 61.0.2 (x64 ja) Mozilla 2018/08/21 145 MB 61.0.2
Mozilla Maintenance Service Mozilla 2018/08/21 279 KB 60.0
My Office Microsoft Corporation 2018/09/08 17.10314.31700.1000
Norton Security Symantec Corporation 2018/08/10 22.15.0.88
NVIDIA 3D Vision コントローラー ドライバー 390.41 NVIDIA Corporation 2018/05/10 390.41
NVIDIA GeForce Experience 3.12.0.84 NVIDIA Corporation 2018/05/10 3.12.0.84
NVIDIA HD オーディオ ドライバー 1.3.36.6 NVIDIA Corporation 2018/08/21 1.3.36.6
NVIDIA PhysX システム ソフトウェア 9.17.0524 NVIDIA Corporation 2018/05/10 9.17.0524
OneNote Microsoft Corporation 2018/09/08 16001.10730.20032.1000
People Microsoft Corporation 2018/09/08 10.1807.2131.1000
Print 3D Microsoft Corporation 2018/05/13 2.0.10611.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2018/05/10 399 MB 6.0.1.8210
Skype Skype 2018/07/17 12.1815.210.0
Update for Windows 10 for x64-based Systems (KB4023057) Microsoft Corporation 2018/08/21 790 KB 2.47.0.0
Web メディア拡張機能 Microsoft Corporation 2018/08/29 1.0.11904.0
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2018/08/21 2.1.0.3
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2018/08/21 2.1.0.3
Xbox Microsoft Corporation 2018/08/14 44.44.7002.0
Xbox Game bar Microsoft Corporation 2018/09/08 1.33.4001.1000
Xbox Game Speech Window Microsoft Corporation 2018/05/13 1.21.13002.0
Xbox gaming overlay Microsoft Corporation 2018/08/29 1.16.1007.0
Xbox Identity Provider Microsoft Corporation 2018/05/30 12.41.24002.0
Xbox Live Microsoft Corporation 2018/05/13 1.11.29001.0
アプリ インストーラー Microsoft Corporation 2018/05/13 1.0.20921.0
アラーム & クロック Microsoft Corporation 2018/09/08 10.1807.2272.1000
カメラ Microsoft Corporation 2018/09/08 2018.426.90.1000
ドラゴンマニア・レジェンド Gameloft. 2018/08/29 4.0.0.17
バブルウィッチ3 king.com 2018/08/08 4.8.4.0
ヒント Microsoft Corporation 2018/09/08 6.14.12121.1000
フィードバック Hub Microsoft Corporation 2018/09/07 1.1805.2331.0
フォト Microsoft Corporation 2018/09/08 2018.18071.15310.1000
ペイント 3D Microsoft Corporation 2018/09/08 5.1808.8017.1000
ボイス レコーダー Microsoft Corporation 2018/09/08 10.1807.2331.1000
マップ Microsoft Corporation 2018/09/08 5.1805.1431.1000
マーチ オブ エンパイア - 領土戦争 Gameloft. 2018/07/25 3.4.0.7
メッセージング Microsoft Corporation 2018/08/21 3.38.22001.0
メール/カレンダー Microsoft Corporation 2018/09/08 16005.10730.20084.1000
モバイル通信プラン Microsoft Corporation 2018/08/21 5.1807.1991.0
ワコム タブレット Wacom Technology Corp. 2018/08/21 6.3.7-6
問い合わせ Microsoft Corporation 2018/09/08 10.1706.11801.1000
天気 Microsoft Corporation 2018/08/15 4.26.12153.0
日本語 ローカル エクスペリエンス パック Microsoft Corporation 2018/08/31 17134.12.19.0
映画 & テレビ Microsoft Corporation 2018/08/11 10.18071.11811.0
電卓 Microsoft Corporation 2018/09/08 10.1807.2121.1000


windows

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
無効 HKCU:Run CCleaner Smart Cleaning Piriform Ltd "C:\Users\owner\Downloads\ccsetup546\CCleaner64.exe" /MONITOR
有効 HKLM:Run CLMLServer_For_P2G8 CyberLink "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
有効 HKLM:Run CLVirtualDrive CyberLink Corp. "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
無効 HKLM:Run YouCam Service CyberLink Corp. "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s


Scheduled tasks

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
有効 Task NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
有効 Task NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
有効 Task NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
有効 Task NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
無効 Task NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
無効 Task NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
無効 Task NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
有効 Task OneDrive Standalone Update Task-S-1-5-21-959354603-2943148263-4103673731-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe


Context menu

有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Drive Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"
有効 File BUContextMenu Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll
有効 File CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 File Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"
有効 Folder BUContextMenu Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"


InternetExplorer

有効 Helper Norton Identity Safety Symantec Corporation C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
有効 Helper Norton Identity Safety Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\coIEPlg.dll
有効 Toolbar Norton Toolbar Symantec Corporation C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
有効 Toolbar Norton Toolbar Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\coIEPlg.dll


Firefox

有効 Extension Activity Stream 2018.06.29.1026-fa231556 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi
有効 Extension Adblock Plus 3.3.1 eyeo GmbH default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
有効 Extension Application Update Service Helper 2.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
有効 Extension Firefox Screenshots 32.1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Form Autofill 1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Photon onboarding 1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi
有効 Extension Pocket 1.0.5 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
有効 Extension Web Compat 2.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
有効 Extension WebCompat Reporter 1.0.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi
有効 Plugin 1.4.8.1008 Google Inc. default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.7.1 Mozilla Corporation default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll

  • 瀬野
  • 2018/09/09 (Sun) 23:42:29
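Here to re-examine things
Good evening.
This is 「あらいぐま悪代官」 ("raccoon 悪代官"), here to give the state of things a fresh wash (← if you're an evil magistrate, wash your hands of your misdeeds).

I've looked at the current logs.
On the whole there don't seem to be any problems.

It isn't an abnormality, but let's take care of one thing.

In CC, open the "Schedule" tab and set all of the entries below to "Disabled" (無効). You don't need to delete them.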

>有効 Task NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log

>有効 Task NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"

>有効 Task NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler

>有効 Task NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe

>有効 Task NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe

>無効 Task NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe

>無効 Task NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe

>無効 Task NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon

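As you can probably tell, these are Nvidia entries that should have been on the PC from the start.

The company's products are used in many PCs, but recently the number of entries registered in Task Scheduler has grown excessively, and with that they more often put a load on the system.

In order to help with updating and developing its products, Nvidia seems to have strengthened the behaviour of collecting, via Task Scheduler, information on PCs that currently have its products installed, and perhaps because of that, many of them now run from Task Scheduler alone.
Regarding this, criticism of the company has started to arise among knowledgeable PC experts, and the uses to which the collected information is put are also causing controversy.

瀬野-san, if sending data to Nvidia doesn't bother you and the PC has performance to spare, I leave it to your judgment whether to keep using the above entries enabled.

After setting the above to either enabled or disabled, if the PC also shows no abnormalities, let's move into an observation period from here.

You can just keep using the PC normally; please observe it for one week.

One week from now, take the same HJT log, installation information and per-tab logs again as this time, and reply with them together with a status report from the observation period.

If the logs and the state show nothing abnormal at that point, we should be over the hump, but if anything abnormal appears, don't wait the week; reply then.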
  • あらいぐま悪代官
  • 2018/09/10 (Mon) 21:26:37
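Re: My PC is behaving strangely
Good evening.
I decided to disable all of the entries in the Schedule tab.

A week hasn't passed yet, but something happened that concerns me, so I've come back.

A little while after starting the PC, a message appeared saying that spyware protection was disabled.
I hadn't touched any settings, but it suddenly became disabled.
I opened the Norton window and pressed the "Fix Now" button, but it wasn't resolved, so I then restarted the PC, but the icon shown in the taskbar still had the × on it.
When I opened the Norton window from that icon, it said in green that I was protected, and the taskbar icon had also changed to the green one.
At the next startup it seemed to be running without problems, but is this happening because the PC is infected with something...?

I don't know whether it's related, but the desktop screen right after logon is briefly garbled before it is displayed, and some of the app icons pinned to Start turn completely white.
For the app icons I tried deleting the icon cache, but the symptom didn't change and they still turn white.
Resizing them brings them back temporarily, but they are often white again when I start the PC.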
  • 瀬野
  • 2018/09/16 (Sun) 22:46:22
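I think it's a temporary startup bug, but
Good morning.

So Norton behaved oddly during the observation period.

With those symptoms, it may be a temporary bug.
It sometimes happens with other vendors' security software too: a display bug where, very occasionally, the security software's icon shows a disabled state at PC startup, yet when you open that security software's control screen it shows that it is enabled and running.

In that case, if you restart the PC and both the icon and the settings screen are normal, you can consider it no problem, but if the same display keeps appearing afterwards, the safe course is to uninstall the security software once, reinstall it, and check its operation.

But if something abnormal really is occurring, it will need to be dealt with, so first please take a fresh HJT log and, with CC, the installation information and the logs for each tab, and show them in a reply.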
  • 悪代官
  • 2018/09/17 (Mon) 05:54:34
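HJT and CC logs
Good evening.

I am relieved to hear that it is a temporary bug.
Is the message that spyware protection is disabled also part of the bug...?
I would be relieved if it is only displayed as disabled and is actually running in an enabled state.

So far it seems to have been displaying normally and working since the restart.
If the × appears on the icon again, I will try reinstalling.
Thank you.


When I started the PC today, a little while after startup a white window appeared for an instant and disappeared.
It vanished in an instant so I could not tell what window it was, but does this mean something started on its own?


The logs are below.
I am sorry to trouble you, and thank you in advance.


HJT log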

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:03:06, on 2018/09/17
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\owner\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Users\owner\Downloads\ccsetup546\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.15.0.88\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 6960 bytes


CC log


Installation information

Candy Crush Saga king.com 2018/09/17 1.1340.4.0
Candy Crush Soda Saga king.com 2018/09/10 1.122.200.0
CCleaner Piriform 2018/08/30 5.44
CLIP STUDIO 1.7.4 CELSYS 2018/05/19 1.7.4
CLIP STUDIO PAINT 1.7.4 CELSYS 2018/05/19 1.7.4
Cooking Fever Nordcurrent 2018/08/15 2.8.0.7
CyberLink Media Suite 10 CyberLink Corp. 2018/08/21 683 MB 10.0
Groove ミュージック Microsoft Corporation 2018/09/08 10.18081.11121.0
Hidden City: アイテム探しアドベンチャー G5 Entertainment AB 2018/09/08 1.24.2401.1000
Intel(R) Management Engine Components Intel Corporation 2018/05/10 11.7.0.1037
Intel(R) Network Connections 22.5.104.0 Intel 2018/05/10 39.8 MB 22.5.104.0
Intel(R) Rapid Storage Technology Intel Corporation 2018/05/10 15.8.0.1006
Malwarebytes バージョン 3.5.1.2522 Malwarebytes 2018/08/31 191 MB 3.5.1.2522
Metasequoia 4 (64bit) tetraface Inc. 2018/08/21 333 MB 4.6.5
Microsoft OneDrive Microsoft Corporation 2018/09/16 110 MB 18.151.0729.0006
Microsoft Pay Microsoft Corporation 2018/05/13 2.2.18065.0
Microsoft Solitaire Collection Microsoft Studios 2018/08/26 4.2.8172.0
Microsoft Sticky Notes Microsoft Corporation 2018/05/13 2.1.18.0
Microsoft Store Microsoft Corporation 2018/09/15 11808.1001.9.0
Microsoft Store エクスペリエンス ホスト Microsoft Corporation 2018/09/12 11808.1001.4.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2018/05/10 4.84 MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2018/05/18 7.59 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2018/05/10 10.2 MB 9.0.30729
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2018/05/17 13.6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2018/05/19 11.0 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2018/08/21 20.5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2018/08/21 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2018/08/21 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2018/08/21 19.5 MB 14.0.24215.1
Minecraft Microsoft Studios 2018/08/29 1.6.14.0
Mixed Reality ビューアー Microsoft Corporation 2018/09/08 5.1807.6012.1000
Mozilla Firefox 61.0.2 (x64 ja) Mozilla 2018/08/21 145 MB 61.0.2
Mozilla Maintenance Service Mozilla 2018/08/21 279 KB 60.0
My Office Microsoft Corporation 2018/09/08 17.10314.31700.1000
Norton Security Symantec Corporation 2018/08/10 22.15.0.88
NVIDIA 3D Vision コントローラー ドライバー 390.41 NVIDIA Corporation 2018/05/10 390.41
NVIDIA GeForce Experience 3.12.0.84 NVIDIA Corporation 2018/05/10 3.12.0.84
NVIDIA HD オーディオ ドライバー 1.3.36.6 NVIDIA Corporation 2018/08/21 1.3.36.6
NVIDIA PhysX システム ソフトウェア 9.17.0524 NVIDIA Corporation 2018/05/10 9.17.0524
OneNote Microsoft Corporation 2018/09/11 16001.10730.20033.0
People Microsoft Corporation 2018/09/08 10.1807.2131.1000
Print 3D Microsoft Corporation 2018/05/13 2.0.10611.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2018/05/10 399 MB 6.0.1.8210
Skype Skype 2018/07/17 12.1815.210.0
Update for Windows 10 for x64-based Systems (KB4023057) Microsoft Corporation 2018/08/21 790 KB 2.47.0.0
Web メディア拡張機能 Microsoft Corporation 2018/08/29 1.0.11904.0
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2018/08/21 2.1.0.3
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2018/08/21 2.1.0.3
Xbox Microsoft Corporation 2018/08/14 44.44.7002.0
Xbox Game bar Microsoft Corporation 2018/09/15 1.33.14001.0
Xbox Game Speech Window Microsoft Corporation 2018/05/13 1.21.13002.0
Xbox gaming overlay Microsoft Corporation 2018/08/29 1.16.1007.0
Xbox Identity Provider Microsoft Corporation 2018/09/15 12.45.6001.0
Xbox Live Microsoft Corporation 2018/05/13 1.11.29001.0
アプリ インストーラー Microsoft Corporation 2018/05/13 1.0.20921.0
アラーム & クロック Microsoft Corporation 2018/09/08 10.1807.2272.1000
カメラ Microsoft Corporation 2018/09/08 2018.426.90.1000
ドラゴンマニア・レジェンド Gameloft. 2018/08/29 4.0.0.17
バブルウィッチ3 king.com 2018/08/08 4.8.4.0
ヒント Microsoft Corporation 2018/09/08 6.14.12121.1000
フィードバック Hub Microsoft Corporation 2018/09/07 1.1805.2331.0
フォト Microsoft Corporation 2018/09/08 2018.18071.15310.1000
ペイント 3D Microsoft Corporation 2018/09/08 5.1808.8017.1000
ボイス レコーダー Microsoft Corporation 2018/09/08 10.1807.2331.1000
マップ Microsoft Corporation 2018/09/15 5.1807.2291.0
マーチ オブ エンパイア - 領土戦争 Gameloft. 2018/09/13 3.5.0.11
メッセージング Microsoft Corporation 2018/08/21 3.38.22001.0
メール/カレンダー Microsoft Corporation 2018/09/15 16005.10730.20096.0
モバイル通信プラン Microsoft Corporation 2018/08/21 5.1807.1991.0
ワコム タブレット Wacom Technology Corp. 2018/08/21 6.3.7-6
問い合わせ Microsoft Corporation 2018/09/15 10.1706.12332.0
天気 Microsoft Corporation 2018/08/15 4.26.12153.0
日本語 ローカル エクスペリエンス パック Microsoft Corporation 2018/08/31 17134.12.19.0
映画 & テレビ Microsoft Corporation 2018/09/12 10.18082.10311.0
電卓 Microsoft Corporation 2018/09/08 10.1807.2121.1000


windows

無効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
無効 HKCU:Run CCleaner Smart Cleaning Piriform Ltd "C:\Users\owner\Downloads\ccsetup546\CCleaner64.exe" /MONITOR
有効 HKLM:Run CLMLServer_For_P2G8 CyberLink "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
有効 HKLM:Run CLVirtualDrive CyberLink Corp. "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
無効 HKLM:Run YouCam Service CyberLink Corp. "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s


Scheduled tasks

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
無効 Task NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
無効 Task NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
無効 Task NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
無効 Task NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
無効 Task NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
無効 Task NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
無効 Task NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
無効 Task NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
有効 Task OneDrive Standalone Update Task-S-1-5-21-959354603-2943148263-4103673731-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe


Context menu

有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Drive Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"
有効 File BUContextMenu Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll
有効 File CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 File Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"
有効 Folder BUContextMenu Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll"


InternetExplorer

有効 Helper Norton Identity Safety Symantec Corporation C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
有効 Helper Norton Identity Safety Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\coIEPlg.dll
有効 Toolbar Norton Toolbar Symantec Corporation C:\Program Files\Norton Security\Engine32\22.15.0.88\coIEPlg.dll
有効 Toolbar Norton Toolbar Symantec Corporation C:\Program Files\Norton Security\Engine\22.15.0.88\coIEPlg.dll


Firefox

有効 Extension Activity Stream 2018.06.29.1026-fa231556 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi
有効 Extension Adblock Plus 3.3.1 eyeo GmbH default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
有効 Extension Application Update Service Helper 2.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
有効 Extension Firefox Screenshots 32.1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Form Autofill 1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Photon onboarding 1.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi
有効 Extension Pocket 1.0.5 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
有効 Extension Web Compat 2.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
有効 Extension WebCompat Reporter 1.0.0 default Firefox 61.0.2 C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi
有効 Plugin 1.4.8.1008 Google Inc. default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.7.1 Mozilla Corporation default Firefox 61.0.2 C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ehtkjn7z.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll

  • 瀬野
  • 2018/09/17 (Mon) 23:14:22
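Possibly interference with the MBAM trial version's resident protection
Good evening.
It looks like Norton has not shown anything abnormal since then.
I have looked at each of the current logs, and there does not seem to be anything particularly wrong.

As for why Norton glitched, interference with the MBAM trial version is a possibility.
The MBAM trial version is a trial of the paid version, and during the trial period all MBAM features, including resident protection, are available, but security software of the same kind with resident protection often interferes with each other and in the worst case causes malfunctions.
The free version of MBAM has no resident protection, so it does not conflict with most security software, but the trial version may well conflict with Norton.

Once the trial period ends you can continue using it as the free version of MBAM, and by then the resident protection feature will no longer be available, so from that point on there is no problem using it alongside Norton.
If you pay and use the paid (Pro) version of MBAM you can keep using all features, but in return it is up to the user's own judgment to use it in a way that does not conflict with other vendors' security software.

Also, CC's monitoring feature is shown as "有効" (enabled); unless you really need it, disabling that as well will avoid putting a load on the PC.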
  • 悪代官
  • 2018/09/18 (Tue) 20:22:15
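The observation in the reply above, that two security products are installed side by side, can be read from the O23 service lines of the HijackThis log posted earlier in the thread. The following Python is an added example, not part of the original posts: the function names and the `SECURITY_OWNERS` mapping are assumptions, and the sample lines are copied from the log in this thread.

```python
import re
from collections import defaultdict

# Constructed sample: O23 lines taken from the HijackThis log posted in this thread.
SAMPLE_HJT = r"""
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.15.0.88\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
"""

# O23 - Service: <display> [(<short name>)] - <owner> - <path> [(file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<name>[^()]+)\))?"
    r" - (?P<owner>.+?) - (?P<path>[A-Za-z]:\\.+?)"
    r"(?P<missing> \(file missing\))?$"
)

# Assumption: owner strings that identify security products, spelled as in this log.
SECURITY_OWNERS = {"Symantec Corporation": "Norton", "Malwarebytes": "MBAM"}


def parse_o23(log_text):
    """Return one dict per O23 service line; other HJT sections are ignored."""
    entries = []
    for line in log_text.splitlines():
        m = O23_RE.match(line.strip())
        if not m:
            continue
        entries.append({
            "display": m["display"],
            # Some lines carry no "(short name)"; fall back to the display name.
            "name": m["name"] or m["display"],
            "owner": m["owner"],
            "path": m["path"],
            "missing": m["missing"] is not None,
        })
    return entries


def security_services(entries, owners=SECURITY_OWNERS):
    """Group service names by security product, keyed on the owner field."""
    found = defaultdict(list)
    for entry in entries:
        product = owners.get(entry["owner"])
        if product:
            found[product].append(entry["name"])
    return dict(found)


def overlap_report(log_text):
    """Products with services registered side by side, or [] if at most one."""
    found = security_services(parse_o23(log_text))
    return sorted(found) if len(found) > 1 else []


if __name__ == "__main__":
    for product, names in security_services(parse_o23(SAMPLE_HJT)).items():
        print(product, names)
    print("overlap:", overlap_report(SAMPLE_HJT))
```

An O23 line shows only that a service is registered; it does not show whether that product's real-time protection modules are switched on.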
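Re: My PC is behaving strangely
Good evening.

I am relieved that the logs are fine.
Thank you.

Since it puts a load on the PC, I would like to disable CC's monitoring feature; which item should I select to disable it?
I thought it might be the Monitoring item in the settings, but I am not confident, so I would appreciate it if you could tell me.
I am sorry for the trouble.

About MBAM: after installing it I turned off only the four real-time protection items and left it as the trial version; did it conflict because I had not switched it to the free version...?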
  • 瀬野
  • 2018/09/20 (Thu) 23:39:58
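Speaking of false positives, avast also comes to mind
Good evening.

I had not explained the steps for disabling CC's monitoring feature. My apologies.

Let me walk you through it.
Before that, one thing to confirm: a CC update was released today; have you downloaded and applied the latest version?
https://forest.watch.impress.co.jp/docs/news/1144224.html

If you apply this update, some operations will differ from the previous version.
Also, it seems avast has once again pushed an ill-mannered bundle into this CC release, so if you install the update I think Google Chrome and the Google Toolbar will be installed without your noticing.
Even if you have let them in, you can uninstall them with GU if you do not need them.

It may be easier if you have not applied the update.
Please proceed with the following steps.

Start CC and open "Options" → "Smart Cleaning" on the left side of the window.

If the Smart Cleaning item is checked there, uncheck it to disable it.

Next, open "Privacy"; it is a good idea to also uncheck "Send anonymous usage data...".

>About MBAM: after installing it I turned off only the four real-time protection items and left it as the trial version; did it conflict because I had not switched it to the free version...?

Previously I had not heard reports of the paid MBAM protection features conflicting with other vendors' products, but considering the recent run of false positives, there is a strong possibility that the protection features were, unsurprisingly, producing false detections at the same time.

In future too, if MBAM or AC detects something and you cannot judge it, show it to this board and it can be analyzed.

Just as MBAM, which acquired AC, had a spate of false positives, avast, which acquired CC, has also been in the news from time to time for false positives.
At times there were even cases, like something out of a comedy sketch, where avast falsely detected part of its own component files, which could be said to have shown once again how dangerous it is to immediately quarantine or delete what security software detects without looking at it closely.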
  • 悪代官
  • 2018/09/21 (Fri) 20:18:27
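Thank you
Good evening. This is 瀬野.

I apologize for the late thanks.
I was able to disable CC's monitoring feature without any trouble.
Thank you.
I had not applied the latest version, so it went smoothly.

So false positives are fairly common.
I had thought they did not happen that often, so I was surprised.
From now on, when something is detected, I will take care to first check what file it is.
I may consult you here again, and I would appreciate your help when I do.

Thank you very much for taking the time to help me when you are busy.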
  • 瀬野
  • 2018/12/30 (Sun) 01:21:09
