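悪代官の伏魔殿 Bulletin Board
I can't tell whether this is a virus, so I'd like some advice...
I learned about this board on Yahoo! Chiebukuro and would like to ask for advice.
An ad appears at the bottom right of my PC, and when I press close I am sent to a site, and a message appears saying that psdrunner.com cannot be displayed because it is a fake site.
It feels like some kind of virus or malware, and when I looked it up myself, the results said I should delete it right away. Should I delete it as my search suggested?

If I delete it, I don't really understand the steps, so I would be glad if you could advise me step by step.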
  • 肉球
  • 2020/02/02 (Sun) 03:28:40
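Let's start with an initial analysis
Good evening, my name is IVNO.
Let me start by guiding you with the following.
Regarding the removal methods that turned up in your search: most of those procedures are traps.
In short, they urge you to install a tool in order to remove the problem, but the tool they steer you into installing is itself malware.
And next, the installed malware tells you to pay some amount per year in order to remove everything completely.
Resorting to underhanded tricks like this is one of the things that makes malware troublesome.

Now, as for the removal procedure: we work in a cycle in which you collect a log, a responder analyzes it and guides you through the removal, and then you collect a different log.
So, for now, please collect the logs as described at the following URL.
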
http://akumaden.web.fc2.com/prepare.html

Please also understand that responders other than me will often reply.
  • IVNO
  • 2020/02/02 (Sun) 18:36:00
hijackthis
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:17:23, on 2020/02/02
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0771)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
C:\Users\Yuu\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.8.0_x64__htrsf667h5kn2\win32\SupportAssistAppWire.exe
C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.8.0_x64__htrsf667h5kn2\win32\SupportAssistAppWire.exe
C:\Users\Yuu\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Yuu\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CodeMonServiceL - Unknown owner - C:\WINDOWS\system32\CodeMonServiceL.cem
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
O23 - Service: Dropbox アップデート サービス (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox アップデート サービス (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Hardware Support - PC-Doctor, Inc. - C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe
O23 - Service: Dell Help & Support - Dell Inc. - C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
O23 - Service: Dell SupportAssist Remediation - Dell Inc. - C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
O23 - Service: Dell Client Management Service (DellClientManagementService) - Unknown owner - C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem0.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem15.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee WebAdvisor - McAfee, Inc. - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Product Registration - Dell - C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Rivet Dynamic Bandwidth Management (RNDBWM) - CloudBees, Inc. - C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: SmartByte Network Service (SmartByte Network Service x64) - Rivet Networks - C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TrueColorALS - Unknown owner - C:\Program Files\TrueColor\TrueColorALS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12195 bytes
  • 肉球
  • 2020/02/02 (Sun) 21:52:44
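
The log-then-analyse cycle IVNO describes, sketched as an added example; it is not part of the thread and not this board's own tooling, and the function and bucket names are hypothetical. It sorts the `O23` service lines of a HijackThis log into buckets for manual review, assuming the log comes from 64-bit Windows, where the 32-bit HijackThis process has its System32 file accesses redirected and so reports 64-bit-only system binaries as `(file missing)`.

```python
import ntpath
import re
from dataclasses import dataclass

# A few lines excerpted from the HijackThis log posted above.
SAMPLE_LOG = r"""
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Yuu\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O23 - Service: CodeMonServiceL - Unknown owner - C:\WINDOWS\system32\CodeMonServiceL.cem
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: TrueColorALS - Unknown owner - C:\Program Files\TrueColor\TrueColorALS.exe
O23 - Service: Dell Help & Support - Dell Inc. - C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
"""

# Every HijackThis finding starts with a section code such as F2, O4 or O23.
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
MISSING_SUFFIX = " (file missing)"


@dataclass
class ServiceEntry:
    display: str        # service display name as printed in the log
    owner: str          # company name from the file's version info, or "Unknown owner"
    path: str           # image path of the service binary
    file_missing: bool  # HijackThis could not open the file

    @property
    def extension(self) -> str:
        return ntpath.splitext(self.path)[1].lower()


def parse_services(log_text: str) -> list:
    """Extract O23 (service) entries; other sections are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match or match["code"] != "O23":
            continue
        body = match["body"]
        if not body.startswith("Service: "):
            continue
        rest = body[len("Service: "):]
        missing = rest.endswith(MISSING_SUFFIX)
        if missing:
            rest = rest[: -len(MISSING_SUFFIX)]
        # Display names may contain " - ", so split owner and path off the right.
        parts = rest.rsplit(" - ", 2)
        if len(parts) != 3:
            continue
        display, owner, path = (p.strip() for p in parts)
        entries.append(ServiceEntry(display, owner, path, missing))
    return entries


def classify(entry: ServiceEntry) -> str:
    """Bucket an entry for the responder; 'review' means look by hand, not a verdict."""
    unknown = entry.owner.lower() == "unknown owner"
    in_system32 = "\\windows\\system32\\" in entry.path.lower()
    if unknown and entry.file_missing and in_system32:
        # Assumption: 64-bit Windows, so this is the redirection artifact.
        return "redirection-artifact"
    if unknown or entry.file_missing:
        return "review"
    return "vendor-identified"


def triage(log_text: str) -> dict:
    buckets = {"review": [], "redirection-artifact": [], "vendor-identified": []}
    for entry in parse_services(log_text):
        buckets[classify(entry)].append(entry)
    return buckets


if __name__ == "__main__":
    for bucket, entries in triage(SAMPLE_LOG).items():
        for e in entries:
            print(f"{bucket:22} {e.display} [{e.extension or 'no ext'}] {e.path}")
```

Entries in the `review` bucket still need a manual check of the file itself, for example its digital signature, before anything is removed.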
CC
3D Builder Microsoft Corporation 2019/08/24 18.0.1931.0
3D ビューアー Microsoft Corporation 2019/08/24 7.1908.9012.0
Adobe Flash Player 32 PPAPI Adobe 2020/02/01 20.1 MB 32.0.0.321
Apple Application Support(32 ビット) Apple Inc. 2017/08/09 163 MB 5.6
Apple Application Support(64 ビット) Apple Inc. 2017/08/09 183 MB 5.6
Bonjour Apple Inc. 2017/08/09 3.28 MB 3.1.0.1
Candy Crush Soda Saga king.com 2020/02/01 1.156.300.0
CCleaner Piriform 2020/02/02 5.63
CyberLink Media Suite Essentials CyberLink Corp. 2019/03/17 241 MB 12
Dell Customer Connect Dell Inc. 2017/04/12 13.1 MB 1.4.10.0
Dell Digital Delivery Dell Products, LP 2019/08/01 2.45 MB 3.5.2013.0
Dell SupportAssist Dell Inc. 2020/02/01 186 MB 3.4.1.49
Dell SupportAssist Dell 2019/03/17 37.8 MB 1.3.6855.61
Dell SupportAssist Remediation Dell Inc. 2019/03/17 22.1 MB 4.1.0.6828
Dell Update Dell Inc. 2019/03/17 23.4 MB 3.0.1
Dell Update - SupportAssist Update Plugin Dell Inc. 2019/03/17 10.4 MB 4.0.1.5857
Dellの商品登録 Dell Inc. 2017/06/24 37.8 MB 3.0.127.0
Dropbox 20 GB Dropbox, Inc. 2017/06/24 5.96 MB 4.1.2.0
Google Chrome Google LLC 2020/02/01 362 MB 79.0.3945.130
Groove ミュージック Microsoft Corporation 2020/02/01 10.19101.10711.0
HEIF 画像拡張機能 Microsoft Corporation 2020/02/01 1.0.23292.0
Hidden City: アイテム探しアドベンチャー G5 Entertainment AB 2020/02/01 1.33.3300.0
Intel(R) Dynamic Platform and Thermal Framework Intel Corporation 2019/03/17 31.6 MB 8.3.10207.5567
Intel(R) Management Engine Components Intel Corporation 2017/04/12 11.6.0.1030
Intel(R) Processor Graphics Intel Corporation 2018/06/18 22.20.16.4836
Intel(R) Rapid Storage Technology Intel Corporation 2017/04/12 15.2.0.1020
Intel(R) Serial IO Intel Corporation 2018/06/18 30.100.1725.1
iTunes Apple Inc. 2020/02/01 12104.2.43056.0
LINE LINE Corporation 2020/02/01 5.21.3.0
McAfee WebAdvisor McAfee, LLC. 2020/02/01 42.9 MB 4.1.1.57
Microsoft Office Home and Business Premium - ja-jp Microsoft Corporation 2020/02/02 1.01 GB 16.0.12325.20344
Microsoft OneDrive Microsoft Corporation 2020/02/01 138 MB 19.222.1110.0006
Microsoft Pay Microsoft Corporation 2019/03/17 2.2.18179.0
Microsoft Solitaire Collection Microsoft Studios 2020/02/01 4.5.12061.0
Microsoft Store Microsoft Corporation 2020/02/01 12001.1001.5.0
Microsoft Store エクスペリエンス ホスト Microsoft Corporation 2020/02/01 12001.1001.5.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2017/04/12 6.58 MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2017/04/12 647 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2017/04/12 653 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2017/04/12 1.16 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2017/04/12 4.80 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2017/04/12 4.15 MB 9.0.30729.4148
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2019/03/17 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2019/03/17 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2019/03/17 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2019/03/17 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 Microsoft Corporation 2019/03/17 18.7 MB 14.0.23918.0
Microsoft ニュース Microsoft Corporation 2020/02/01 4.34.20074.0
Microsoft 付箋 Microsoft Corporation 2020/02/01 3.7.106.0
Mixed Reality ポータル Microsoft Corporation 2020/02/01 2000.19101.1211.0
Netflix Netflix, Inc. 2020/02/01 6.95.602.0
NewBlue Video Essentials for Windows NewBlue 2019/03/17 3.0
Norton Security Scan Symantec Corporation 2020/02/02 4.6.1.179
Office Microsoft Corporation 2020/02/01 18.2001.1241.0
OneNote Microsoft Corporation 2020/02/01 16001.12430.20120.0
People Microsoft Corporation 2020/02/01 10.1909.2812.0
Print 3D Microsoft Corporation 2019/08/24 3.3.791.0
proDAD Adorage 3.0 proDAD GmbH 2017/04/13 3.50 MB 3.0.114.1
Qualcomm 11ac Wireless LAN&Bluetooth Installer Qualcomm 2017/07/22 6.46 MB 11.0.0.10426
Qualcomm Atheros Setup 2017/07/22
Quickset64 Dell Inc. 2017/04/12 69.0 MB 10.17.019
Realtek Card Reader Realtek Semiconductor Corp. 2019/03/17 14.6 MB 10.0.14393.31228
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2019/09/05 12.1 MB 6.0.1.8622
Realtek PC Camera Realtek Semiconductor Corp. 2017/04/12 21.9 MB 10.0.10586.11213
SketchBook Autodesk Inc. 2020/02/01 5.1.0.0
Skype Skype 2020/02/01 14.55.131.0
SmartByte Drivers and Services Rivet Networks 2018/12/22 22.5 MB 2.0.643
SupportAssist 2020/02/01
True Color Entertainment Experience 2019/03/17 69.9 MB 7.9.0.0
TrueColorXMLTables Entertainment Experience 2019/03/17 74.2 MB 7.10.0.0
Update for Windows 10 for x64-based Systems (KB4023057) Microsoft Corporation 2019/03/17 1.35 MB 2.55.0.0
VP9 ビデオ拡張機能 Microsoft Corporation 2020/02/01 1.0.22681.0
Vulkan Run Time Libraries 1.0.33.0 LunarG, Inc. 2019/03/17 1.66 MB 1.0.33.0
Vulkan Run Time Libraries 1.0.54.1 Intel Corporation Inc. 2019/03/17 1.66 MB 1.0.54.1
Web メディア拡張機能 Microsoft Corporation 2019/08/24 1.0.20875.0
Webp 画像拡張機能 Microsoft Corporation 2020/02/01 1.0.22753.0
Windows 10 Update Assistant Microsoft Corporation 2019/03/17 5.00 MB 1.4.9200.22334
Xbox Game bar Microsoft Corporation 2020/02/01 1.49.24004.0
Xbox Game Bar Microsoft Corporation 2020/02/01 3.36.6003.0
Xbox Game Speech Window Microsoft Corporation 2018/01/06 1.21.13002.0
Xbox Identity Provider Microsoft Corporation 2020/02/01 12.58.1001.0
Xbox Live Microsoft Corporation 2018/12/11 1.24.10001.0
Xbox 本体コンパニオン Microsoft Corporation 2020/02/01 48.59.13001.0
アプリ インストーラー Microsoft Corporation 2020/02/01 1.0.32912.0
アラーム & クロック Microsoft Corporation 2020/02/01 10.1910.3121.0
インテル(R) ワイヤレス Bluetooth(R) Intel Corporation 2018/01/21 21.3 MB 20.10.0
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2020/02/02 390 MB 21.10.1
カメラ Microsoft Corporation 2020/02/01 2019.926.20.0
サドンアタック 2019/03/17 6.68 GB
スマホ同期 Microsoft Corporation 2020/02/01 1.19122.138.0
デバイス製造元からの HEVC ビデオ拡張機能 Microsoft Corporation 2020/02/01 1.0.23254.0
デルのヘルプとサポート Dell Inc. 2017/04/12 37.8 MB 2.3.22.0
バブルウィッチ3 king.com 2020/02/01 6.4.7.0
ヒント Microsoft Corporation 2020/02/01 8.2.22942.0
フィードバック Hub Microsoft Corporation 2020/02/01 1.1907.3152.0
フォト Microsoft Corporation 2020/02/01 2019.19081.22010.0
ペイント 3D Microsoft Corporation 2019/08/24 6.1907.18017.0
ボイス レコーダー Microsoft Corporation 2020/02/01 10.1912.10073.0
マップ Microsoft Corporation 2020/02/01 5.1909.2813.0
マーチ オブ エンパイア - 領土戦争 Gameloft. 2020/02/01 4.5.2.1
メッセージング Microsoft Corporation 2019/08/24 4.1901.10241.1000
メール/カレンダー Microsoft Corporation 2020/02/01 16005.12430.20136.0
モバイル通信プラン Microsoft Corporation 2020/02/01 5.1911.3171.0
切り取り & スケッチ Microsoft Corporation 2020/02/01 10.1907.2471.0
問い合わせ Microsoft Corporation 2020/02/01 10.1909.22691.0
天気 Microsoft Corporation 2020/02/01 4.34.13393.0
日本語 ローカル エクスペリエンス パック Microsoft Corporation 2020/02/01 17763.18.49.0
映画 & テレビ Microsoft Corporation 2020/02/01 10.20011.10711.0
電卓 Microsoft Corporation 2020/02/01 10.1910.0.0
  • 肉球
  • 2020/02/02 (Sun) 21:55:00
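Re: I can't tell whether this is a virus, so I'd like some advice...
I have posted the logs.
Also, when I installed CC and opened the software, I just pressed Install as it was, so I removed it once and reinstalled it with Customize. Is that all right?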
  • 肉球
  • 2020/02/02 (Sun) 21:57:36
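First, the uninstallation
Sorry for the delay.
You have a pseudo-security product that only detects and has no removal capability, so let's start by uninstalling that.
Now let's prepare for the work.

First, a few notices.
After you post, it may take a day or more each time before we can reply.
We apologize for the inconvenience and ask for your understanding and cooperation.
Also, the removal work continues until a responder notifies you that it is "resolved".
For that reason, when people stop working without waiting for the notice of resolution because the PC seems to have improved partway through,
the problem currently recurs with high probability, and many people end up coming back here when it recurs.
Please continue the work until a responder gives you the "resolved" notice and the "self-defense measures".

Now please read the following explanation carefully and carry out the steps in order.
You should already have prepared some of these, but please look over the explanation again just in case.

Set hidden files and file extensions to be shown (how to ↓)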
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and familiarize yourself with their basic usage.
Note that the distribution sites may show ads urging you to download other software;
never click on those.

GeekUninstaller (commonly called GU)
Download
http://www.geekuninstaller.com/geek.zip
This is a direct link to the file. It is a zip file, so extract it before use.
To remove it, just put it in the Recycle Bin.
Guide
http://www.gigafree.net/system/install/geekuninstaller.html

"CCleaner" (commonly called CC)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Be sure to download the latest version.
During installation it may also offer bundled apps; uncheck those and avoid installing them.
To remove it, uninstall it with GU or a similar tool.

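An important caution here.
CC is by nature a highly capable maintenance tool, but if it is used incorrectly
【depending on the operation, Windows may stop working】,
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operations other than those we instruct.

Once you are ready, let's begin.

So that you can recover immediately if trouble occurs during the removal work that follows, manually create a System Restore point.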
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point
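On Windows 10, you can open Control Panel by typing control into Cortana.
However, System Restore does considerable damage to the PC, so it is preferable not to use it if possible.
Aim to work carefully so that System Restore is not needed.

Start the PC in Safe Mode.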
http://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=015917
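If you are on Windows 10, see the 8/8.1 instructions together with the explanation below.
Press the Start button and click Settings ⇒ Update & Security, and you will be in the same state as step 4 of the 8/8.1 instructions.
From there, start in Safe Mode by following step 4 onward of the 8/8.1 instructions.
Launch GU and remove the following.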

Norton Security Scan Symantec Corporation 2020/02/02 4.6.1.179

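You can remove software shown in GU by double-clicking it.
When the removal finishes, a scan starts automatically; check all of the leftovers it detects and press OK.
When the uninstallation in GU is complete, close GU.
If a message about Windows Installer or the like appears, restart the PC in normal mode,
and uninstall only the software in question again in that state.
Continue, switching between normal mode and Safe Mode as needed, until all the software we have indicated has been removed.
Once all the indicated software has been removed, confirm that the PC is running in Safe Mode.
If it is running in normal mode, please restart in Safe Mode.
While holding the Start button located between the left Ctrl and left Alt keys on the keyboard, press the R key.
A dialog called Run will open; enter the following in it using half-width alphanumeric characters.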

cleanmgr

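When you have finished typing, press the Enter key.
Select the C: drive and press OK.
A scan will start; wait until it completes.
When the scan completes a list is displayed; check everything and press OK.
Note, however, that pressing OK deletes everything, including the contents of the Recycle Bin,
so be careful if the Recycle Bin contains files you need.

When that is done, restart the PC in normal mode.
After the restart, launch CC.
Open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right there saves the displayed contents as a log,
so save only the latest log somewhere easy to find, such as the desktop.
Next, collect logs in the same way from the "Scheduled Tasks" tab, the "Context Menu" tab, and the "Windows Services" tab.
Then open the Browser Plugins section and collect the log from the "Internet Explorer" tab, the "Firefox" tab if you have it installed, and likewise the "Google Chrome" tab if you have it installed.
Once you have collected each CC log, you may close CC.
Please paste the collected CC logs into the reply box and report back.
After checking the above logs and the full scan results, we will guide you through the next steps.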
  • IVNO
  • 2020/02/03 (Mon) 20:15:49
Windows log
有効 HKCU:Run CCleaner Smart Cleaning Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\Yuu\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run QuickSet Dell Inc. c:\Program Files\Dell\QuickSet\QuickSet.exe
有効 HKLM:Run RtHDVBg_PushButton Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run TrueColor UI Entertainment Experience C:\Program Files\TrueColor\TrueColorUI.exe
有効 HKLM:Run WavesSvc Waves Audio Ltd. "C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe" -Jack
  • 肉球
  • 2020/02/04 (Tue) 04:31:19
Scheduled tasks log
有効 Task Adobe Flash Player PPAPI Notifier Adobe C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_pepper.exe -check pepperplugin
有効 Task Adobe Flash Player Updater Adobe C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task Dell Cleanup c:\windows\system32\oem\startmenufix.vbs
有効 Task Dell SupportAssistAgent AutoUpdate Dell Inc. C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe AutoUpdate
有効 Task DropboxOEM "%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe" auto
有効 Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
有効 Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task OneDrive Standalone Update Task-S-1-5-21-2806530908-1018325289-3460742715-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
有効 Task PCDDataUploadTask "uaclauncher.exe" -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait
有効 Task PCDEventLauncherTask PC-Doctor, Inc. "C:\Program Files\Dell\SupportAssist\sessionchecker.exe"
有効 Task PCDoctorBackgroundMonitorTask PC-Doctor, Inc. "C:\Program Files\Dell\SupportAssist\uaclauncher.exe" -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
有効 Task RtHDVBg_PushButton Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
有効 Task SmartByte Telemetry DELL "C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe"
有効 Task SystemToolsDailyTest "uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently
  • 肉球
  • 2020/02/04 (Tue) 04:36:00
Context menu log
有効 Directory PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
有効 Drive PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location '%V'
有効 File CLVDShellExt Cyberlink C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll
  • 肉球
  • 2020/02/04 (Tue) 04:36:49
Windows services log
無効 Service Adobe Flash Player Update Service Adobe C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Service AtherosSvc Windows (R) Win 7 DDK provider "C:\Program Files (x86)\Qualcomm\Bluetooth Suite\adminservice.exe"
有効 Service Bonjour サービス Apple Inc. "C:\Program Files\Bonjour\mDNSResponder.exe"
無効 Service CodeMonServiceL C:\WINDOWS\system32\CodeMonServiceL.cem
有効 Service Cyberlink RichVideo Service(CRVS) CyberLink "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
有効 Service Dell Client Management Service Dell Inc "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe"
有効 Service Dell Customer Connect Dell Inc. "C:\Program Files (x86)\Dell Customer Connect\DCCService.exe"
有効 Service Dell Data Vault Collector Dell Inc. "C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe"
有効 Service Dell Data Vault Processor Dell Inc. "C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe"
有効 Service Dell Data Vault Service API Dell Inc. "C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe"
有効 Service Dell Digital Delivery Service Dell Products, LP. "C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
有効 Service Dell Hardware Support PC-Doctor, Inc. "C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe"
有効 Service Dell Help & Support Dell Inc. "C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe"
有効 Service Dell SupportAssist Dell Inc. "C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
有効 Service Dell SupportAssist Remediation Dell Inc. "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe"
有効 Service Dropbox アップデート サービス (dbupdate) Dropbox, Inc. "C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /svc
無効 Service Dropbox アップデート サービス (dbupdatem) Dropbox, Inc. "C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /medsvc
無効 Service Google Chrome Elevation Service Google LLC "C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe"
有効 Service Google Update サービス (gupdate) Google Inc. "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
無効 Service Google Update サービス (gupdatem) Google Inc. "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
有効 Service Intel Bluetooth Service C:\WINDOWS\system32\ibtsiva
無効 Service Intel(R) Capability Licensing Service TCP IP Interface Intel(R) Corporation "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe"
有効 Service Intel(R) Content Protection HDCP Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
無効 Service Intel(R) Content Protection HECI Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
有効 Service Intel(R) Dynamic Application Loader Host Interface Service Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
有効 Service Intel(R) Dynamic Platform and Thermal Framework service Intel Corporation C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe
有効 Service Intel(R) HD Graphics Control Panel Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
有効 Service Intel(R) Management and Security Application Local Management Service Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
有効 Service Intel(R) PROSet/Wireless Event Log Intel(R) Corporation "C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
有効 Service Intel(R) PROSet/Wireless Registry Service Intel(R) Corporation "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
有効 Service Intel(R) PROSet/Wireless Zero Configuration Service Intel® Corporation "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
有効 Service Intel(R) Rapid Storage Technology Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
有効 Service McAfee WebAdvisor McAfee, Inc. "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
無効 Service OpenSSH Authentication Agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
有効 Service Product Registration Dell "C:\Program Files\Dell\Dell Product Registration\PRSvc.exe"
有効 Service Realtek Audio Service Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
有効 Service Rivet Dynamic Bandwidth Management CloudBees, Inc. "C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe"
有効 Service SmartByte Network Service Rivet Networks "C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe"
有効 Service TrueColorALS Entertainment Experience LLC "C:\Program Files\TrueColor\TrueColorALS.exe"
有効 Service Waves Audio Services Waves Audio Ltd. "C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe"
無効 Service Wireless PAN DHCP Server Intel Corporation "C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe"
  • 肉球
  • 2020/02/04 (Tue) 04:37:51
IE log

有効 Extension Lync Click to Call Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
有効 Helper McAfee WebAdvisor McAfee, Inc. C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
有効 Helper McAfee WebAdvisor McAfee, Inc. C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
  • 肉球
  • 2020/02/04 (Tue) 04:38:47
GC log
有効 App Gmail 8.2 ユーザー 1 C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.2_1
有効 App Google ドライブ 14.1 ユーザー 1 C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 ユーザー 1 C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google オフライン ドキュメント 1.9 ユーザー 1 C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.9_1
有効 Extension スプレッドシート 1.2 ユーザー 1 C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0
有効 Extension スライド 0.10 ユーザー 1 C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0
有効 Extension ドキュメント 0.10 ユーザー 1 C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0
有効 Extension マカフィー® ウェブアドバイザー 8.0.0.34745 ユーザー 1 C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\8.0.0.34745_1
  • 肉球
  • 2020/02/04 (Tue) 04:39:26
Re:
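I have finished collecting each of the logs, so please take a look and give me your assessment.
Also, when I double-clicked in GU, the Norton uninstaller appeared, so I ran it; the PC then restarted normally and the GU tree was not displayed. Is that all right?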
  • 肉球
  • 2020/02/04 (Tue) 04:46:36
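Let's try AC and MBAM
I have checked the logs.
So far there do not appear to be any malware detections.
Next, let's run detection only with some tools, although they do produce many false positives.

Please prepare the following software.

"AdwCleaner" (commonly called AC)
https://www.malwarebytes.com/adwcleaner/
Click the green button labelled FREE DOWNLOAD to download it.
Save it somewhere easy to find.
When you are later instructed to remove this software, start AC and press the Uninstall button at the bottom of Settings → Application tab.

Malwarebytes Anti-Malware (commonly called MBAM)
https://www.malwarebytes.com/mwb-download/thankyou/
Once the download is complete, launch MBAM.
You will be asked where you are installing it; choose Personal Computer.
Press the Install button to install it.
When installation is complete, press Get started.
A prompt in English asks you to buy the paid version; click Maybe later.
You will be shown a choice between the paid and free versions; choose to use Malwarebytes Free.
A field for entering an e-mail address appears; leave it blank and press Open Malwarebytes Free.
Once you have got this far, preparation is complete, so close MBAM for now.
When cleaning up afterwards, uninstall it with GU in Safe Mode.

Once preparation is complete, we will begin the work.
Start the PC by selecting Safe Mode with Networking.

Launch AC.
Click I agree.
Open Settings and turn on the Reset Proxy item and the Reset Hosts file item.
When the settings are done, press Scan Now on the Dashboard.
When it shows that the scan is complete, click View Scan Log File, regardless of whether anything was detected.
Save the displayed log file somewhere easy to find.
Anything detected here will be dealt with only after determining whether it is malware or a false positive, so do not perform any repair at this point.
Once the log has been saved, close AC as it is.

Next, launch MBAM while still in Safe Mode with Networking.
Press the area labelled Scanner, but not the Scan button itself.
The Scanner items appear; choose Advanced scanners.
Custom Scan is displayed; click Configure Scan under the Custom Scan item.
Tick the rootkit scan checkbox and all the checkboxes under C: on the right, then click Scan.
The scan takes time to finish, so please wait until it is done.
When the custom scan results are displayed, click Save Results, choose Text file (*.txt), and save it under a name in an easy-to-find location.
Once the log has been obtained, close MBAM as it is.
Please paste the AC and MBAM logs you obtained and report back.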
  • IVNO
  • 2020/02/04 (Tue) 17:29:36
AC log
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-05-2020
# Duration: 00:00:39
# OS: Windows 10 Home
# Scanned: 34824
# Detected: 56


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkService Folder C:\Program Files (x86)\CYBERLINK\SHARED FILES\PLUGIN\NEWBLUE
Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Preinstalled.DellCustomerConnect Folder C:\Program Files (x86)\DELL CUSTOMER CONNECT
Preinstalled.DellCustomerConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{35BEC446-269E-42E4-8EED-191A38CCFF3D}
Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Preinstalled.DellHelp&Support Folder C:\Program Files\DELL\DELL HELP & SUPPORT
Preinstalled.DellHelp&Support Folder C:\ProgramData\DELL\DELL HELP & SUPPORT
Preinstalled.DellHelp&Support Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\DELL HELP & SUPPORT
Preinstalled.DellHelp&Support Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7E780845-303D-4B46-9746-9D49D94D16AB}
Preinstalled.DellHelp&Support Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{7E780845-303D-4B46-9746-9D49D94D16AB}
Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Preinstalled.DellQuickset Folder C:\ProgramData\DELL\QUICKSET
Preinstalled.DellQuickset Registry HKLM\Software\Classes\CLSID\{5CF37A65-BBB9-41FE-B88D-DD61422E9E3C}
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files (x86)\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59090DB0-A3D9-4640-ABE5-E0D4063E24A4}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59090DB0-A3D9-4640-ABE5-E0D4063E24A4}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5832D99C-C9C6-437F-861C-43ED6333956F}
Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellSupportCenter Folder C:\Program Files\DELL SUPPORT CENTER
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Preinstalled.LenovoPower2Go Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{788A6B8E-14B2-4B00-8FFD-046F8CDD63BD}
Preinstalled.LenovoPower2Go Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLVDLauncher
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Task C:\Windows\System32\Tasks\CLVDLAUNCHER
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D56ACB34-A832-49D7-BEFE-521760ECED22}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D56ACB34-A832-49D7-BEFE-521760ECED22}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC-Doctor for Windows
Preinstalled.LenovoThinkVantageToolbox Task C:\Windows\System32\Tasks\PCDOCTORBACKGROUNDMONITORTASK
Preinstalled.MyDell Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dell Support Center
Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIVET NETWORKS
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08840E68-6A6C-4503-B3A9-0C88540644C2}
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Preinstalled.SmartByte Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{01F01829-4C5A-41B0-8198-0BDD02B34C47}
Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

  • 肉球
  • 2020/02/05 (Wed) 07:35:16
MBAM log
Malwarebytes
www.malwarebytes.com

-ログの詳細-
スキャン日付: 2020/02/05
スキャン時間: 1:24
ログファイル: dd562857-476a-11ea-8255-64006afc0ee6.json

-ソフトウェア情報-
バージョン: 4.0.4.49
コンポーネントバージョン: 1.0.810
パッケージバージョンをアップデート: 1.0.18706
ライセンス: 無料版

-システム情報-
OS: Windows 10 (Build 17763.973)
CPU: x64
ファイルシステム: NTFS
ユーザー: DESKTOP-9D7CG50\Yuu

-スキャン結果の概要-
スキャンタイプ: カスタムスキャン
スキャン開始日時: マニュアル
結果: 完了
スキャンされたオブジェクト: 610477
検出された脅威: 0
隔離された脅威: 0
経過時間: 5 時 23 分 15 秒

-スキャンオプション-
メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 有効
ヒューリスティック: 有効
PUP: 検出
PUM: 検出

-スキャンの詳細-
プロセス: 0
(悪意のあるアイテムは検出されませんでした)

モジュール: 0
(悪意のあるアイテムは検出されませんでした)

レジストリキー: 0
(悪意のあるアイテムは検出されませんでした)

レジストリ値: 0
(悪意のあるアイテムは検出されませんでした)

レジストリデータ: 0
(悪意のあるアイテムは検出されませんでした)

データストリーム: 0
(悪意のあるアイテムは検出されませんでした)

フォルダ: 0
(悪意のあるアイテムは検出されませんでした)

ファイル: 0
(悪意のあるアイテムは検出されませんでした)

物理セクタ: 0
(悪意のあるアイテムは検出されませんでした)

WMI: 0
(悪意のあるアイテムは検出されませんでした)


(end)
  • 肉球
  • 2020/02/05 (Wed) 07:36:35
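No problems so far, so let's check with OTL
Sorry for the late reply once again.
AC lists a large number of items, but these are all software installed by Dell.
They are harmless, so let's carry on as we are.
AC and MBAM are no longer needed, so please remove them by following the instructions given when you installed them.
If nothing is found with this either, let's check from a different angle.

Please prepare the following software.

OldTimer Listit (commonly called OTL)
http://oldtimer.geekstogo.com/OTL.exe
Press the green Download button to download it, and save it somewhere easy to find, such as the desktop.
To remove it, start it and press the "Cleanup" button, which removes it automatically.
However, on Windows 10 only, do not press the "Cleanup" button; just delete the file.
I may ask you to run this OTL scan again,
in which case you will simply repeat the steps given here.
If you are asked to scan with OTL again, please redo this procedure.

Before launching OTL, close as much software as possible, including your browser.
Once the software has been closed, launch OTL.
Tick Scan All Users at the top centre of the window.
When the settings are done, copy and paste the following into the Custom Scan/Fixes box.

------ Copy and paste from below this line ------
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT
------ Copy and paste down to above this line ------

Once pasted, click Run Scan to run the scan.
The scan takes a few minutes to complete, so please wait a moment.
When the scan is complete, OTL.txt and Extras.txt are written to the same location where you saved OTL;
please paste them in your reply.
Note that, by its nature, OTL output is very long.
It will hit this board's character limit, so please split the log into parts of about 20,000 characters each,
checking with a character counter such as the one at the URL below.
http://www1.odn.ne.jp/megukuma/count.htm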
  • IVNO
  • 2020/02/06 (Thu) 11:49:50
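The triage described in the post above (every AC hit being vendor-installed software), as an added example that is not part of the original thread and not code from any tool mentioned in it: a Python parser for the AdwCleaner log layout posted earlier. It checks that the counted entries match the `Detected` header, whether any section other than `Preinstalled Software` has findings, and which entries are autostart points. The sample log is abridged from the one in the thread, and the function names are hypothetical.

```python
import re
from collections import Counter

# Abridged from the AdwCleaner scan log posted in this thread. The entry list is
# shortened and "Detected" adjusted to match, so treat it as constructed sample data.
SAMPLE_LOG = r"""# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Mode: Scan
# -------------------------------
# OS: Windows 10 Home
# Scanned: 34824
# Detected: 5

***** [ Services ] *****

No malicious services found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY
Preinstalled.LenovoPower2Go Task C:\Windows\System32\Tasks\CLVDLAUNCHER

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
"""

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")   # ***** [ Name ] *****
HEADER_RE = re.compile(r"^# (\w+): (.+)$")               # "# Key: Value"
CLEAN_RE = re.compile(r"^No malicious .+ found\.$")      # empty-section marker


def parse_adwcleaner_log(text):
    """Return (header dict, findings) from an AdwCleaner text log.

    Each finding is (section, family, kind, location). Fields on an entry line
    are whitespace-separated; the location may itself contain spaces.
    """
    header, findings, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        if line.startswith("#"):
            m = HEADER_RE.match(line)
            if m and section is None:      # header lines precede the first section
                header[m.group(1)] = m.group(2).strip()
            continue                       # rulers, banner and the EOF marker
        if section is None or CLEAN_RE.match(line):
            continue
        parts = line.split(None, 2)
        if len(parts) == 3:
            findings.append((section, *parts))
    return header, findings


def triage(text):
    """Summarise what a helper needs to know before deciding on any removal."""
    header, findings = parse_adwcleaner_log(text)
    declared = int(header.get("Detected", "-1"))
    sections = sorted({s for s, *_ in findings})
    # Entries that start something automatically: scheduled tasks and Run values.
    autostart = [loc for _, _, kind, loc in findings
                 if kind == "Task" or "\\Run|" in loc]
    return {
        "declared": declared,
        "counted": len(findings),
        "count_matches": declared == len(findings),   # False hints at a truncated paste
        "sections_with_findings": sections,
        "nothing_outside_preinstalled": set(sections) <= {"Preinstalled Software"},
        "families": Counter(family for _, family, _, _ in findings),
        "autostart": autostart,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A mismatch between `declared` and `counted` is worth checking first, since this board's character limit makes truncated pastes likely.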
OTL1
OTL logfile created on: 2020/02/07 1:44:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Yuu\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17763.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.90 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 34.23% Memory free
7.03 Gb Paging File | 3.71 Gb Available in Paging File | 52.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.09 Gb Total Space | 716.13 Gb Free Space | 78.17% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-9D7CG50 | User Name: Yuu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2020/02/07 01:24:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Yuu\Desktop\OTL.exe
PRC - [2020/02/05 07:01:18 | 000,914,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mcafee\WebAdvisor\uihost.exe
PRC - [2020/02/05 07:01:16 | 000,915,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mcafee\WebAdvisor\servicehost.exe
PRC - [2020/02/01 23:23:23 | 000,661,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2020/02/01 23:17:23 | 004,413,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2020/02/01 18:47:31 | 001,584,488 | ---- | M] (Microsoft Corporation) -- C:\Users\Yuu\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2019/04/22 17:46:14 | 004,110,624 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
PRC - [2019/04/22 17:44:58 | 000,689,952 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2019/04/22 17:44:32 | 000,172,832 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2019/01/28 00:05:42 | 000,267,768 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
PRC - [2019/01/28 00:05:38 | 001,506,384 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
PRC - [2018/12/04 12:13:32 | 002,479,272 | ---- | M] (Rivet Networks LLC) -- C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
PRC - [2018/12/04 12:13:32 | 002,114,248 | ---- | M] (Rivet Networks) -- C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
PRC - [2018/12/04 12:13:32 | 000,064,184 | ---- | M] (CloudBees, Inc.) -- C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
PRC - [2018/11/04 13:21:36 | 000,875,816 | ---- | M] (Waves Audio Ltd.) -- C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
PRC - [2018/09/15 16:29:00 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2017/06/24 22:26:19 | 000,143,144 | ---- | M] (Dropbox, Inc.) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
PRC - [2017/04/16 23:24:22 | 000,338,312 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Program Files (x86)\Qualcomm\Bluetooth Suite\AdminService.exe
PRC - [2016/12/12 16:57:04 | 000,093,072 | ---- | M] () -- C:\Program Files\TrueColor\TrueColorALS.exe
PRC - [2016/09/20 11:04:30 | 000,320,568 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2016/09/20 11:04:30 | 000,017,976 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2016/09/14 20:25:54 | 000,419,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2016/09/14 20:23:42 | 000,177,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2016/09/09 08:32:18 | 000,132,472 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
PRC - [2016/04/27 17:00:44 | 000,110,008 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2020/02/03 07:18:56 | 003,160,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd95e5409f66927e80a1167bfede8141\System.IdentityModel.ni.dll
MOD - [2020/02/03 07:18:43 | 000,823,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\5634514f13c908b57f0b2773287a791f\System.ServiceModel.Internals.ni.dll
MOD - [2020/02/03 07:18:34 | 000,121,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\714c354272bd06c8546d4e64f4a9167e\SMDiagnostics.ni.dll
MOD - [2020/02/03 07:17:53 | 020,992,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\0cd4b6a295185ec4a723dbd2863ac421\System.ServiceModel.ni.dll
MOD - [2020/02/02 03:47:54 | 015,087,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\59978a45568399ef08cfe99da6a725bb\System.Windows.Forms.ni.dll
MOD - [2020/02/02 03:47:47 | 001,702,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\167c4b04ac34ab24a58f841c21862a3e\System.Drawing.ni.dll
MOD - [2020/02/02 01:08:49 | 007,806,976 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\2e14a1befe55e7d9ad2457ceb5267e36\System.Xml.ni.dll
MOD - [2020/02/02 01:08:38 | 002,098,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\0800773666e0b361aa9caf485a5d8a71\System.Xaml.ni.dll
MOD - [2020/02/02 01:08:22 | 002,956,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\4dd0adc78feadb0f3d91c49d0c7e12ee\System.Runtime.Serialization.ni.dll
MOD - [2020/02/02 01:07:28 | 001,058,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\8c730c7fbe608461407cf3be279cdeab\System.Configuration.ni.dll
MOD - [2020/02/02 01:06:16 | 008,476,160 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\9d04ce1d8a3042f50b54c7f9ccdb4068\System.Core.ni.dll
MOD - [2020/02/02 01:06:11 | 010,824,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\2bef38851483abae82f1172c1aaa604c\System.ni.dll
MOD - [2020/02/02 01:05:57 | 021,019,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\75b341f10c9579cbe1059d18f6f3b27b\mscorlib.ni.dll
MOD - [2014/12/08 16:28:07 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll
MOD - [2014/12/08 15:28:12 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll

  • 肉球
  • 2020/02/07 (Fri) 02:22:39
OTL2
[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2020/02/05 07:01:16 | 000,915,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\WebAdvisor\servicehost.exe -- (McAfee WebAdvisor)
SRV:[b]64bit:[/b] - [2020/02/05 01:04:20 | 006,960,640 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2020/02/01 23:24:16 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2020/02/01 23:24:06 | 001,388,032 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2020/02/01 23:24:04 | 000,914,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:[b]64bit:[/b] - [2020/02/01 23:22:13 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:22:02 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:20:55 | 000,658,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2020/02/01 23:18:16 | 000,622,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:18:08 | 000,256,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2020/02/01 23:18:06 | 001,171,968 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:50 | 000,292,352 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:42 | 000,644,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:38 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:30 | 003,387,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:27 | 000,274,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:27 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:23 | 001,022,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:09 | 000,373,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:00 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:24 | 000,357,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:22 | 000,901,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:20 | 003,576,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:14 | 000,869,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2020/02/01 23:15:29 | 000,061,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2020/02/01 19:31:26 | 000,964,592 | ---- | M] (PC-Doctor, Inc.) [Auto | Running] -- C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe -- (Dell Hardware Support)
SRV:[b]64bit:[/b] - [2020/01/14 18:21:42 | 000,244,280 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe -- (DDVCollectorSvcApi)
SRV:[b]64bit:[/b] - [2020/01/14 18:21:10 | 003,339,824 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe -- (DDVDataCollector)
SRV:[b]64bit:[/b] - [2020/01/14 18:17:30 | 000,271,416 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe -- (DDVRulesProcessor)
SRV:[b]64bit:[/b] - [2020/01/14 05:29:44 | 000,050,648 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent)
SRV:[b]64bit:[/b] - [2019/09/04 00:32:38 | 002,177,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:31:57 | 000,642,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:31:24 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2019/09/04 00:29:59 | 001,255,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2019/09/04 00:29:52 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:47 | 000,579,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:42 | 000,782,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:42 | 000,241,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:15 | 000,514,048 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:13 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:12 | 001,466,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:09 | 000,864,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2019/09/04 00:27:54 | 000,889,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:27:43 | 000,679,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2019/09/04 00:26:58 | 004,997,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2019/09/04 00:26:54 | 000,871,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2019/08/25 02:32:47 | 000,701,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2019/08/25 02:17:33 | 000,332,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2019/08/25 01:59:55 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2019/08/25 01:57:11 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2019/08/25 01:57:06 | 001,671,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2019/08/25 01:48:43 | 000,255,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2019/08/25 01:47:30 | 001,567,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2019/04/22 17:46:14 | 004,110,624 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2019/04/22 17:45:20 | 000,311,584 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2019/04/22 17:44:58 | 000,689,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2019/04/22 17:44:32 | 000,172,832 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2019/03/17 19:16:03 | 001,332,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2019/03/17 19:15:39 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2019/03/17 19:14:02 | 000,156,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2019/03/17 19:13:44 | 000,556,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2019/03/17 19:13:44 | 000,433,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2019/03/17 19:13:39 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2019/03/17 19:12:28 | 003,535,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2019/03/17 14:40:08 | 000,889,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:54 | 002,185,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:32 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:32 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:32 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:32 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:32 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:32 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:32 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:32 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2019/03/17 14:39:31 | 000,918,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2019/01/28 00:05:42 | 000,267,768 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:[b]64bit:[/b] - [2018/12/04 12:13:32 | 002,114,248 | ---- | M] (Rivet Networks) [Auto | Running] -- C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe -- (SmartByte Network Service x64)
SRV:[b]64bit:[/b] - [2018/12/04 12:13:32 | 000,064,184 | ---- | M] (CloudBees, Inc.) [Auto | Running] -- C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe -- (RNDBWM)
SRV:[b]64bit:[/b] - [2018/11/04 13:21:36 | 000,875,816 | ---- | M] (Waves Audio Ltd.) [Auto | Running] -- C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe -- (WavesSysSvc)
SRV:[b]64bit:[/b] - [2018/10/20 06:26:48 | 000,293,528 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe -- (Dell SupportAssist Remediation)
SRV:[b]64bit:[/b] - [2018/09/16 01:50:09 | 000,384,512 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:46 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:24 | 000,982,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:24 | 000,584,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:24 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:24 | 000,120,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:24 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:23 | 000,310,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:23 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:16 | 000,961,024 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:14 | 000,157,696 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:14 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:14 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:13 | 001,228,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:13 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:59 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:58 | 001,269,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:56 | 000,177,152 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:51 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:50 | 000,079,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_5575e)
  • 肉球
  • 2020/02/07 (Fri) 02:30:55
OTL3
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_5575e)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:42 | 000,122,880 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:41 | 000,745,472 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:41 | 000,223,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,381,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:36 | 001,540,608 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:36 | 000,475,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:36 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:36 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:36 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:34 | 001,247,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:34 | 000,374,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:34 | 000,270,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:34 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:34 | 000,091,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:34 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:32 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:30 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:30 | 000,098,304 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:30 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:29 | 000,174,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:26 | 000,833,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:24 | 000,715,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:23 | 001,422,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 001,049,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,418,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,312,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:20 | 001,265,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:20 | 000,072,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:20 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:20 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2018/09/15 02:57:00 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2018/03/21 00:05:32 | 000,509,368 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe -- (cphs)
SRV:[b]64bit:[/b] - [2018/03/21 00:05:30 | 000,487,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe -- (cplspcon)
SRV:[b]64bit:[/b] - [2018/03/21 00:04:46 | 000,423,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2017/11/21 16:20:50 | 001,705,040 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\Intel\DPTF\esif_uf.exe -- (esifsvc)
SRV:[b]64bit:[/b] - [2017/04/13 20:26:48 | 000,515,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\ibtsiva.exe -- (ibtsiva)
SRV:[b]64bit:[/b] - [2017/04/06 15:50:24 | 000,047,144 | ---- | M] (Dell) [Auto | Running] -- C:\Program Files\Dell\Dell Product Registration\PRSvc.exe -- (Product Registration)
SRV:[b]64bit:[/b] - [2016/12/12 16:57:04 | 000,093,072 | ---- | M] () [Auto | Running] -- C:\Program Files\TrueColor\TrueColorALS.exe -- (TrueColorALS)
SRV:[b]64bit:[/b] - [2016/09/20 11:04:30 | 000,017,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2016/09/13 17:32:00 | 000,078,672 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe -- (Dell Help & Support)
SRV:[b]64bit:[/b] - [2016/07/26 15:48:26 | 000,987,432 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV - [2020/02/04 06:24:10 | 003,284,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\NisSrv.exe -- (WdNisSvc)
SRV - [2020/02/04 06:24:09 | 000,103,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe -- (WinDefend)
SRV - [2020/02/04 01:51:16 | 001,113,072 | ---- | M] (Google LLC) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\elevation_service.exe -- (GoogleChromeElevationService)
SRV - [2020/02/01 23:23:20 | 000,663,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2020/02/01 23:23:12 | 000,968,192 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2020/02/01 18:39:07 | 000,335,416 | ---- | M] (Adobe) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2019/11/08 11:29:10 | 000,036,032 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe -- (DellClientManagementService)
SRV - [2019/09/04 00:30:48 | 005,210,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2019/09/04 00:30:33 | 001,257,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2019/09/04 00:30:30 | 000,730,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2019/08/25 02:23:57 | 001,249,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2019/06/13 09:23:56 | 000,216,096 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2019/03/17 19:15:37 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2019/03/17 19:15:09 | 000,331,264 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2019/03/17 19:12:28 | 003,535,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2019/03/17 14:39:31 | 000,582,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2018/09/15 16:29:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2018/09/15 16:29:03 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2018/05/30 00:00:16 | 000,554,312 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\CodeMonServiceL.cem -- (CodeMonServiceL)
SRV - [2018/03/21 00:05:32 | 000,509,368 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe -- (cphs)
SRV - [2018/03/21 00:05:30 | 000,487,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe -- (cplspcon)
SRV - [2018/03/21 00:04:46 | 000,423,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2017/06/24 22:26:19 | 000,143,144 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2017/06/24 22:26:19 | 000,143,144 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
SRV - [2017/04/16 23:24:22 | 000,338,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Qualcomm\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2016/09/14 20:25:54 | 000,419,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2016/09/14 20:23:42 | 000,177,440 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2016/09/09 08:32:18 | 000,132,472 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Customer Connect\DCCService.exe -- (Dell Customer Connect)

  • 肉球
  • 2020/02/07 (Fri) 02:32:38
OTL4
[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2020/02/07 01:28:45 | 000,214,496 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2020/02/07 01:28:38 | 000,248,968 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2020/02/05 01:04:21 | 000,020,936 | ---- | M] (Malwarebytes) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MbamElam.sys -- (MbamElam)
DRV:[b]64bit:[/b] - [2020/02/04 06:24:10 | 000,376,032 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2020/02/04 06:24:10 | 000,053,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2020/02/04 06:24:10 | 000,045,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2020/02/01 23:25:05 | 000,290,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:[b]64bit:[/b] - [2020/02/01 23:20:40 | 000,224,568 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2020/02/01 23:20:36 | 001,966,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2020/02/01 23:18:17 | 000,099,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:[b]64bit:[/b] - [2020/02/01 23:18:03 | 000,179,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2020/02/01 23:17:11 | 000,807,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2020/02/01 23:16:19 | 000,405,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2020/02/01 23:16:03 | 000,104,464 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2020/02/01 23:15:45 | 000,240,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2020/02/01 23:15:30 | 000,080,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2020/02/01 23:14:31 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:[b]64bit:[/b] - [2020/02/01 23:14:30 | 000,131,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2020/02/01 23:14:26 | 000,520,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2020/02/01 23:14:25 | 000,234,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2020/02/01 23:14:25 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2020/02/01 23:14:24 | 000,057,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2020/02/01 23:14:22 | 000,667,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2019/12/20 21:13:10 | 000,035,704 | ---- | M] (Dell Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dddriver64Dcsa.sys -- (DDDriver)
DRV:[b]64bit:[/b] - [2019/09/04 00:26:44 | 000,467,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2019/09/04 00:26:44 | 000,248,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2019/09/04 00:26:43 | 000,298,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2019/09/04 00:26:43 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2019/09/04 00:26:42 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2019/09/04 00:26:41 | 000,254,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2019/09/04 00:26:41 | 000,134,968 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2019/09/04 00:26:40 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2019/08/25 02:11:05 | 000,981,816 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2019/08/25 01:54:02 | 000,097,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2019/08/25 01:51:02 | 000,157,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2019/08/25 01:43:00 | 000,156,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winquic.sys -- (WinQuic)
DRV:[b]64bit:[/b] - [2019/08/25 01:42:48 | 000,169,784 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2019/05/03 07:46:02 | 008,728,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwtw04.sys -- (Netwtw04)
DRV:[b]64bit:[/b] - [2019/03/17 19:14:20 | 000,452,096 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2019/03/17 19:13:44 | 000,074,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2019/03/17 19:12:35 | 000,095,544 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2019/03/17 19:12:31 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2019/03/17 19:12:27 | 000,080,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2019/03/17 14:39:58 | 000,175,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2019/03/17 14:39:37 | 000,087,552 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2019/03/17 14:39:36 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2019/03/17 14:39:31 | 000,055,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2019/03/17 14:39:30 | 000,164,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2018/12/04 12:07:18 | 000,120,008 | ---- | M] (Rivet Networks, LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SmbCo10X64.sys -- (SmbCoSvc)
DRV:[b]64bit:[/b] - [2018/09/16 01:51:27 | 000,030,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2018/09/16 01:51:26 | 000,073,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2018/09/15 16:29:24 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2018/09/15 16:29:24 | 000,085,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:[b]64bit:[/b] - [2018/09/15 16:29:21 | 000,031,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2018/09/15 16:29:16 | 000,090,936 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2018/09/15 16:29:13 | 000,132,096 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2018/09/15 16:29:13 | 000,087,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:56 | 000,134,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:56 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:56 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:55 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:52 | 000,288,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:46 | 000,237,056 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:46 | 000,184,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:46 | 000,035,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:42 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:39 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,292,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,162,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,156,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,076,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,068,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,040,248 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:36 | 000,082,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:36 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:29 | 000,063,288 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,236,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,132,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,060,416 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,041,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:22 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,586,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,147,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,102,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,099,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,051,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,051,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,038,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,028,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,027,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,025,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
  • 肉球
  • 2020/02/07 (Fri) 02:35:13
OTL5
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,021,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,018,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:19 | 000,017,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 001,866,768 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 001,150,496 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,885,048 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,566,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,515,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,319,488 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,305,464 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,219,960 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,153,616 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,084,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,077,856 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,068,608 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,068,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,063,800 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,058,880 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,058,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,051,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,042,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,037,688 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,031,032 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,016,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:18 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 003,419,152 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 001,135,616 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,533,816 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,259,384 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,148,480 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,128,512 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,125,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,124,416 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,108,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,107,520 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,083,456 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,082,944 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,079,872 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,075,264 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,064,312 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,033,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,027,136 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:17 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,317,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,180,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,119,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,063,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2018/09/15 16:28:15 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2018/05/10 14:05:04 | 000,035,560 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppleLowerFilter.sys -- (AppleLowerFilter)
DRV:[b]64bit:[/b] - [2018/05/10 14:05:04 | 000,020,640 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppleKmdfFilter.sys -- (AppleKmdfFilter)
DRV:[b]64bit:[/b] - [2018/05/08 11:33:24 | 000,041,208 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DellProf.sys -- (DellProf)
DRV:[b]64bit:[/b] - [2018/03/21 00:04:36 | 012,809,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2017/12/08 00:15:10 | 000,820,168 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2017/11/21 16:20:50 | 000,382,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\esif_lf.sys -- (esif_lf)
DRV:[b]64bit:[/b] - [2017/11/21 16:20:50 | 000,074,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dptf_acpi.sys -- (dptf_acpi)
DRV:[b]64bit:[/b] - [2017/11/21 16:20:50 | 000,069,536 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dptf_cpu.sys -- (dptf_cpu)
DRV:[b]64bit:[/b] - [2017/04/13 20:26:50 | 000,244,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2016/12/21 13:20:26 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2016/11/12 00:30:14 | 000,436,224 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV:[b]64bit:[/b] - [2016/10/27 21:52:46 | 000,022,864 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
DRV:[b]64bit:[/b] - [2016/09/30 04:23:52 | 000,946,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2016/09/21 04:04:30 | 000,795,640 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2016/09/06 14:59:28 | 000,204,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2016/08/30 13:53:30 | 000,282,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2_UART2.sys -- (iaLPSS2_UART2)
DRV:[b]64bit:[/b] - [2016/08/30 13:53:26 | 000,151,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2_SPI.sys -- (iaLPSS2_SPI)
DRV:[b]64bit:[/b] - [2013/11/12 14:25:22 | 000,091,912 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV - [2018/09/15 16:29:12 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2018/09/15 16:28:18 | 000,068,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys -- (BasicDisplay)
DRV - [2018/09/15 16:28:18 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys -- (BasicRender)
DRV - [2018/09/15 16:28:17 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys -- (swenum)
DRV - [2018/09/15 16:28:15 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys -- (CompositeBus)
DRV - [2018/03/21 00:04:36 | 012,809,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igdkmd64.sys -- (igfx)
DRV - [2018/02/25 15:43:43 | 000,022,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\xspirit.sys -- (xspirit)
DRV - [2018/02/25 15:43:40 | 000,047,096 | ---- | M] (Wellbia.com Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1)

  • 肉球
  • 2020/02/07 (Fri) 02:37:18
OTL6
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {1FD27130-10E5-41B1-8440-49946EFCEE3E}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{1FD27130-10E5-41B1-8440-49946EFCEE3E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {1FD27130-10E5-41B1-8440-49946EFCEE3E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{1FD27130-10E5-41B1-8440-49946EFCEE3E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell17win10.msn.com/?pc=DCTE
IE - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dell17win10.msn.com/?pc=DCTE
IE - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 5A 76 C6 0A 71 6C D4 01 [binary data]
IE - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001\..\SearchScopes,DefaultScope = {1FD27130-10E5-41B1-8440-49946EFCEE3E}
IE - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES\MCAFEE\WEBADVISOR\E10SSAFFPLG.XPI [2020/02/05 07:01:46 | 007,010,808 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES\MCAFEE\WEBADVISOR\WEBADVISOR.MCAFEE.FIREFOX.EXTENSION.JSON [2020/02/05 07:01:19 | 000,000,273 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020/02/05 07:01:46 | 007,010,808 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.firefox.extension.json [2020/02/05 07:01:19 | 000,000,273 | ---- | M] ()


[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\8.0.0.34745_1\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.9_1\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.2_1\
CHR - Extension: No name found = C:\Users\Yuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8019.1111.0.0_0\

O1 HOSTS File: ([2016/07/16 20:45:37 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\mcafee\WebAdvisor\x64\ieplugin.dll (McAfee, Inc.)
O2 - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\mcafee\WebAdvisor\win32\ieplugin.dll (McAfee, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_PushButton] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TrueColor UI] C:\Program Files\TrueColor\TrueColorUI.exe (Entertainment Experience)
O4:[b]64bit:[/b] - HKLM..\Run: [WavesSvc] C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Waves Audio Ltd.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001..\Run: [CCleaner Smart Cleaning] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2806530908-1018325289-3460742715-1001..\Run: [OneDrive] C:\Users\Yuu\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SlowLinkDetectEnabled = 1
O9:[b]64bit:[/b] - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\mcafee\WebAdvisor\x64\ieplugin.dll (McAfee, Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\mcafee\WebAdvisor\x64\ieplugin.dll (McAfee, Inc.)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\mcafee\WebAdvisor\win32\ieplugin.dll (McAfee, Inc.)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\mcafee\WebAdvisor\win32\ieplugin.dll (McAfee, Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{b75721e3-1ac8-45fa-a4ce-71009561156d}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c9e219b8-bc22-40b7-ba25-89e42d78dd37}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll File not found
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {D0403AE9-3D28-37A9-B7E6-7A1F5E85B9F3} - .NET Framework
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2FEAED74-4F8A-3E10-AD80-325E358A0ECB} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
  • 肉球
  • 2020/02/07 (Fri) 02:41:42
OTL7
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2020/02/07 01:28:45 | 000,214,496 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2020/02/07 01:28:38 | 000,248,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2020/02/07 01:24:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Yuu\Desktop\OTL.exe
[2020/02/05 01:09:32 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2020/02/05 01:05:49 | 000,000,000 | ---D | C] -- C:\Users\Yuu\AppData\Local\cache
[2020/02/05 01:05:31 | 000,000,000 | ---D | C] -- C:\Users\Yuu\AppData\Local\mbam
[2020/02/05 01:05:30 | 000,000,000 | ---D | C] -- C:\Users\Yuu\AppData\Local\mbamtray
[2020/02/05 01:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2020/02/05 01:04:51 | 000,020,936 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2020/02/05 01:04:47 | 000,153,312 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2020/02/05 01:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2020/02/05 01:01:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2020/02/04 04:41:24 | 000,000,000 | ---D | C] -- C:\Users\Yuu\Desktop\お直しよ♪
[2020/02/04 04:17:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2020/02/04 03:50:42 | 000,000,000 | ---D | C] -- C:\Users\Yuu\AppData\Roaming\Geek Uninstaller
[2020/02/04 03:46:21 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2020/02/02 21:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2020/02/02 21:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2020/02/02 03:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2020/02/02 02:17:32 | 000,000,000 | ---D | C] -- C:\Users\Yuu\AppData\Local\ElevatedDiagnostics
[2020/02/02 02:08:11 | 000,000,000 | ---D | C] -- C:\Users\Yuu\AppData\Local\D3DSCache
[2020/02/02 02:01:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2020/02/02 00:56:24 | 000,835,480 | ---- | C] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2020/02/02 00:56:24 | 000,179,816 | ---- | C] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2020/02/01 23:55:40 | 000,087,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vcruntime140_clr0400.dll
[2020/02/01 23:55:38 | 000,083,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vcruntime140_clr0400.dll
[2020/02/01 23:55:33 | 000,622,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp140_clr0400.dll
[2020/02/01 23:55:33 | 000,433,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp140_clr0400.dll
[2020/02/01 23:55:27 | 000,029,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aspnet_counters.dll
[2020/02/01 23:55:24 | 000,017,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100_clr0400.dll
[2020/02/01 23:55:21 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aspnet_counters.dll
[2020/02/01 23:55:19 | 000,017,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
[2020/02/01 23:55:12 | 000,772,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_clr0400.dll
[2020/02/01 23:55:12 | 000,702,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase_clr0400.dll
[2020/02/01 23:42:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OEMDefaultAssociations.dll
[2020/02/01 23:29:00 | 003,442,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2020/02/01 23:29:00 | 001,155,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shellstyle.dll
[2020/02/01 23:29:00 | 001,155,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shellstyle.dll
[2020/02/01 23:29:00 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fcon.dll
[2020/02/01 23:28:59 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DavSyncProvider.dll
[2020/02/01 23:28:58 | 004,488,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2020/02/01 23:28:57 | 011,724,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2020/02/01 23:28:57 | 000,249,856 | ---- | C] (Gracenote, Inc.) -- C:\WINDOWS\SysWow64\gnsdk_fp.dll
[2020/02/01 23:28:56 | 009,941,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2020/02/01 23:28:55 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DavSyncProvider.dll
[2020/02/01 23:27:07 | 002,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2020/02/01 23:27:07 | 002,323,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2020/02/01 23:27:06 | 001,075,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2020/02/01 23:27:04 | 001,289,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2020/02/01 23:27:03 | 003,550,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2020/02/01 23:27:03 | 001,604,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2020/02/01 23:27:03 | 001,024,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2020/02/01 23:27:02 | 002,278,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2020/02/01 23:27:02 | 001,297,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2020/02/01 23:27:02 | 000,263,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2020/02/01 23:27:01 | 005,436,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2020/02/01 23:27:00 | 002,099,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2020/02/01 23:27:00 | 001,200,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2020/02/01 23:26:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2020/02/01 23:26:53 | 001,267,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2020/02/01 23:26:50 | 002,429,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2020/02/01 23:26:09 | 024,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2020/02/01 23:26:03 | 019,284,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2020/02/01 23:26:03 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2020/02/01 23:25:59 | 001,521,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2020/02/01 23:25:59 | 001,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2020/02/01 23:25:56 | 007,922,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2020/02/01 23:25:55 | 002,393,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2020/02/01 23:25:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2020/02/01 23:25:55 | 000,350,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2020/02/01 23:25:53 | 001,312,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjet40.dll
[2020/02/01 23:25:53 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2020/02/01 23:25:48 | 000,663,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2020/02/01 23:25:42 | 020,816,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2020/02/01 23:25:41 | 000,833,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2020/02/01 23:25:34 | 006,065,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2020/02/01 23:25:31 | 000,365,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2020/02/01 23:25:27 | 002,018,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2020/02/01 23:25:27 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd2x40.dll
[2020/02/01 23:25:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2020/02/01 23:25:26 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxbde40.dll
[2020/02/01 23:25:26 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd3x40.dll
[2020/02/01 23:25:26 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msltus40.dll
[2020/02/01 23:25:09 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2020/02/01 23:25:09 | 000,386,048 | ---- | C] (curl, https://curl.haxx.se/) -- C:\WINDOWS\SysWow64\curl.exe
[2020/02/01 23:25:08 | 000,901,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MiracastReceiver.dll
[2020/02/01 23:25:08 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2020/02/01 23:25:08 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2020/02/01 23:25:08 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ComputerDefaults.exe
[2020/02/01 23:25:07 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2020/02/01 23:25:07 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiaaut.dll
[2020/02/01 23:25:07 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2020/02/01 23:25:07 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiadss.dll
[2020/02/01 23:25:06 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\udhisapi.dll
[2020/02/01 23:25:05 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\MbbCx.sys
[2020/02/01 23:25:04 | 000,195,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityCenterBroker.dll
[2020/02/01 23:25:03 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2020/02/01 23:25:02 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FileHistory.exe
[2020/02/01 23:25:02 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhuxgraphics.dll
[2020/02/01 23:24:59 | 008,905,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2020/02/01 23:24:59 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
[2020/02/01 23:24:58 | 000,883,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2020/02/01 23:24:58 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2020/02/01 23:24:58 | 000,410,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2020/02/01 23:24:57 | 001,132,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nettrace.dll
[2020/02/01 23:24:57 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSTheme.exe
[2020/02/01 23:24:55 | 002,298,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2020/02/01 23:24:54 | 001,224,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2020/02/01 23:24:54 | 000,525,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2020/02/01 23:24:54 | 000,522,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2020/02/01 23:24:53 | 002,127,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2020/02/01 23:24:53 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2020/02/01 23:24:46 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2020/02/01 23:24:46 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NAPCRYPT.DLL
[2020/02/01 23:24:45 | 004,661,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2020/02/01 23:24:45 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti_ci.dll
[2020/02/01 23:24:44 | 001,291,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2020/02/01 23:24:43 | 001,071,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2020/02/01 23:24:43 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2020/02/01 23:24:39 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2020/02/01 23:24:31 | 026,807,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2020/02/01 23:24:31 | 001,309,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2020/02/01 23:24:25 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2020/02/01 23:24:23 | 002,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2020/02/01 23:24:19 | 007,872,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2020/02/01 23:24:18 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2020/02/01 23:24:17 | 004,873,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2020/02/01 23:24:16 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiaaut.dll
[2020/02/01 23:24:16 | 000,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2020/02/01 23:24:16 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2020/02/01 23:24:16 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiadss.dll
[2020/02/01 23:24:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiarpc.dll
[2020/02/01 23:24:15 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2020/02/01 23:24:14 | 001,247,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2020/02/01 23:24:14 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnscmmc.dll
[2020/02/01 23:24:14 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ComputerDefaults.exe
[2020/02/01 23:24:13 | 001,924,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplaySwitch.exe
[2020/02/01 23:24:08 | 001,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MiracastReceiver.dll
[2020/02/01 23:24:08 | 000,676,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2020/02/01 23:24:08 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2020/02/01 23:24:07 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2020/02/01 23:24:07 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2020/02/01 23:24:07 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2020/02/01 23:24:05 | 001,388,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2020/02/01 23:24:05 | 000,605,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2020/02/01 23:24:05 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResourceMapper.dll
[2020/02/01 23:24:04 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll
[2020/02/01 23:24:04 | 000,805,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioIso.exe
[2020/02/01 23:24:04 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\udhisapi.dll
[2020/02/01 23:24:03 | 000,105,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OpenWith.exe
[2020/02/01 23:23:59 | 004,344,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2020/02/01 23:23:59 | 002,086,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2020/02/01 23:23:57 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2020/02/01 23:23:57 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2020/02/01 23:23:57 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prntvpt.dll
[2020/02/01 23:23:28 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2020/02/01 23:23:28 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2020/02/01 23:23:25 | 001,506,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2020/02/01 23:23:25 | 000,098,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Display.BrightnessOverride.dll
[2020/02/01 23:23:24 | 000,767,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DismApi.dll
[2020/02/01 23:23:24 | 000,231,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Dism.exe
[2020/02/01 23:23:24 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcbuilder.exe
[2020/02/01 23:23:23 | 000,661,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2020/02/01 23:23:23 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2020/02/01 23:23:23 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2020/02/01 23:23:23 | 000,038,912 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2020/02/01 23:23:22 | 001,484,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2020/02/01 23:23:22 | 001,465,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2020/02/01 23:23:21 | 000,473,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2020/02/01 23:23:21 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2020/02/01 23:23:21 | 000,122,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmcmnutils.dll
[2020/02/01 23:23:21 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enterpriseresourcemanager.dll
[2020/02/01 23:23:20 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2020/02/01 23:23:20 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2020/02/01 23:23:19 | 000,682,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2020/02/01 23:23:19 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2020/02/01 23:23:19 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2020/02/01 23:23:18 | 000,452,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2020/02/01 23:23:17 | 003,096,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2020/02/01 23:23:17 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.XamlHost.dll
[2020/02/01 23:23:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2020/02/01 23:23:15 | 006,543,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2020/02/01 23:23:15 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
  • 肉球
  • 2020/02/07 (Fri) 02:43:30
OTL8
[2020/02/01 23:23:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\compact.exe
[2020/02/01 23:23:14 | 001,278,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2020/02/01 23:23:14 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvsetup.dll
[2020/02/01 23:23:13 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ngccredprov.dll
[2020/02/01 23:23:13 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2020/02/01 23:23:12 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2020/02/01 23:23:12 | 000,652,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2020/02/01 23:23:11 | 001,590,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2020/02/01 23:23:11 | 000,774,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Services.TargetedContent.dll
[2020/02/01 23:23:10 | 001,656,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2020/02/01 23:23:10 | 001,272,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ttdrecordcpu.dll
[2020/02/01 23:23:10 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/02/01 23:23:09 | 000,272,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ttdwriter.dll
[2020/02/01 23:23:08 | 002,765,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2020/02/01 23:23:08 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2020/02/01 23:23:07 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2020/02/01 23:23:06 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2020/02/01 23:23:05 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2020/02/01 23:23:02 | 006,318,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2020/02/01 23:23:02 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.OneCore.dll
[2020/02/01 23:23:01 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2020/02/01 23:22:59 | 003,656,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2020/02/01 23:22:57 | 001,721,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2020/02/01 23:22:56 | 000,791,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2020/02/01 23:22:56 | 000,408,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Enumeration.dll
[2020/02/01 23:22:56 | 000,279,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2020/02/01 23:22:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CapabilityAccessManagerClient.dll
[2020/02/01 23:22:55 | 003,496,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AI.MachineLearning.dll
[2020/02/01 23:22:55 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2020/02/01 23:22:54 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ApiSetHost.AppExecutionAlias.dll
[2020/02/01 23:22:54 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AssignedAccessRuntime.dll
[2020/02/01 23:22:53 | 003,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2020/02/01 23:22:50 | 006,444,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2020/02/01 23:22:50 | 000,515,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\directmanipulation.dll
[2020/02/01 23:22:48 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ComposableShellProxyStub.dll
[2020/02/01 23:22:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\regapi.dll
[2020/02/01 23:22:47 | 000,622,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingWinRT.dll
[2020/02/01 23:22:45 | 005,770,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2020/02/01 23:22:45 | 000,038,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PasswordOnWakeSettingFlyout.exe
[2020/02/01 23:22:44 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spopk.dll
[2020/02/01 23:22:43 | 000,917,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2020/02/01 23:22:43 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2020/02/01 23:22:39 | 015,220,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2020/02/01 23:22:37 | 003,872,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2020/02/01 23:22:33 | 000,155,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2020/02/01 23:22:33 | 000,065,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudNotifications.exe
[2020/02/01 23:22:32 | 001,272,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2020/02/01 23:22:32 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2020/02/01 23:22:32 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2020/02/01 23:22:16 | 000,542,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2020/02/01 23:22:16 | 000,360,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2020/02/01 23:22:16 | 000,326,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DiagnosticLogCSP.dll
[2020/02/01 23:22:15 | 001,708,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2020/02/01 23:22:15 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2020/02/01 23:22:15 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterpriseresourcemanager.dll
[2020/02/01 23:22:14 | 002,698,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2020/02/01 23:22:14 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2020/02/01 23:22:13 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2020/02/01 23:22:12 | 000,817,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2020/02/01 23:22:11 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2020/02/01 23:22:10 | 001,701,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2020/02/01 23:22:09 | 001,711,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2020/02/01 23:22:09 | 001,668,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2020/02/01 23:22:08 | 000,154,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcmnutils.dll
[2020/02/01 23:22:04 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2020/02/01 23:22:04 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2020/02/01 23:22:03 | 000,596,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2020/02/01 23:22:02 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2020/02/01 23:22:02 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NcaSvc.dll
[2020/02/01 23:22:01 | 001,006,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2020/02/01 23:22:01 | 000,290,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2020/02/01 23:22:01 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptcatsvc.dll
[2020/02/01 23:21:51 | 000,808,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2020/02/01 23:21:51 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2020/02/01 23:21:51 | 000,047,616 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2020/02/01 23:21:50 | 000,177,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imm32.dll
[2020/02/01 23:21:50 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usp10.dll
[2020/02/01 23:21:49 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2020/02/01 23:21:48 | 000,474,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2020/02/01 23:21:48 | 000,093,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys
[2020/02/01 23:21:46 | 000,598,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2020/02/01 23:21:40 | 001,994,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2020/02/01 23:21:40 | 000,588,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2020/02/01 23:21:38 | 001,180,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2020/02/01 23:21:38 | 000,434,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ws2_32.dll
[2020/02/01 23:21:38 | 000,023,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nsi.dll
[2020/02/01 23:21:37 | 002,699,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2020/02/01 23:21:37 | 000,821,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2020/02/01 23:21:30 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2020/02/01 23:21:29 | 001,729,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreShell.dll
[2020/02/01 23:21:29 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ComposableShellProxyStub.dll
[2020/02/01 23:21:29 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreShellExtFramework.dll
[2020/02/01 23:21:28 | 003,490,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2020/02/01 23:21:28 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2020/02/01 23:21:27 | 000,948,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2020/02/01 23:21:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2020/02/01 23:21:21 | 006,934,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2020/02/01 23:21:19 | 000,044,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PasswordOnWakeSettingFlyout.exe
[2020/02/01 23:20:55 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2020/02/01 23:20:55 | 000,168,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2020/02/01 23:20:55 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\regapi.dll
[2020/02/01 23:20:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2020/02/01 23:20:54 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2020/02/01 23:20:54 | 000,341,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsta.dll
[2020/02/01 23:20:49 | 000,736,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingWinRT.dll
[2020/02/01 23:20:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spopk.dll
[2020/02/01 23:20:48 | 000,086,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostw.exe
[2020/02/01 23:20:48 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compact.exe
[2020/02/01 23:20:47 | 000,773,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskschd.dll
[2020/02/01 23:20:47 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConhostV1.dll
[2020/02/01 23:20:47 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2020/02/01 23:20:46 | 003,978,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2020/02/01 23:20:46 | 001,486,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2020/02/01 23:20:46 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Narrator.exe
[2020/02/01 23:20:45 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.XamlHost.dll
[2020/02/01 23:20:44 | 000,638,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2020/02/01 23:20:43 | 002,871,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2020/02/01 23:20:43 | 000,747,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2020/02/01 23:20:43 | 000,071,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2020/02/01 23:20:42 | 001,726,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2020/02/01 23:20:42 | 000,465,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2020/02/01 23:20:42 | 000,324,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2020/02/01 23:20:41 | 000,164,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2020/02/01 23:20:40 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\refsutil.exe
[2020/02/01 23:20:40 | 000,224,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2020/02/01 23:20:39 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2020/02/01 23:20:39 | 000,764,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2020/02/01 23:20:39 | 000,519,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2020/02/01 23:20:38 | 001,473,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2020/02/01 23:20:38 | 001,346,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2020/02/01 23:20:38 | 001,183,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2020/02/01 23:20:37 | 001,702,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2020/02/01 23:20:36 | 001,966,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2020/02/01 23:20:35 | 001,390,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2020/02/01 23:20:33 | 000,811,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2020/02/01 23:20:33 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupcl.exe
[2020/02/01 23:20:31 | 001,319,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2020/02/01 23:20:23 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2020/02/01 23:20:22 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_ManagePhone.dll
[2020/02/01 23:20:14 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2020/02/01 23:20:14 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2020/02/01 23:20:13 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Devices.dll
[2020/02/01 23:19:58 | 005,575,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2020/02/01 23:19:51 | 000,120,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OpenWith.exe
[2020/02/01 23:19:46 | 004,737,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2020/02/01 23:19:43 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shunimpl.dll
[2020/02/01 23:19:42 | 001,170,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2020/02/01 23:19:41 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2020/02/01 23:19:41 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2020/02/01 23:19:40 | 001,751,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2020/02/01 23:19:39 | 001,056,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pidgenx.dll
[2020/02/01 23:19:39 | 000,888,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pidgenx.dll
[2020/02/01 23:19:35 | 000,678,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2020/02/01 23:19:34 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2020/02/01 23:19:33 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2020/02/01 23:19:32 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2020/02/01 23:19:31 | 002,118,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2020/02/01 23:19:29 | 001,262,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2020/02/01 23:19:27 | 004,303,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2020/02/01 23:19:24 | 002,879,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsservices.dll
[2020/02/01 23:19:23 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prntvpt.dll
[2020/02/01 23:19:23 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2020/02/01 23:19:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnppolicy.dll
[2020/02/01 23:19:21 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2020/02/01 23:18:29 | 000,130,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Display.BrightnessOverride.dll
[2020/02/01 23:18:27 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcbuilder.exe
[2020/02/01 23:18:26 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockController.dll
[2020/02/01 23:18:23 | 000,591,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2020/02/01 23:18:22 | 009,668,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2020/02/01 23:18:22 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2020/02/01 23:18:21 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2020/02/01 23:18:20 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2020/02/01 23:18:19 | 001,665,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2020/02/01 23:18:18 | 003,637,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2020/02/01 23:18:17 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsiCx.sys
[2020/02/01 23:18:16 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnrSvc.dll
[2020/02/01 23:18:16 | 000,558,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngccredprov.dll
[2020/02/01 23:18:16 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll
[2020/02/01 23:18:16 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
  • 肉球
  • 2020/02/07 (Fri) 02:44:53
OTL9
[2020/02/01 23:18:15 | 001,830,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2020/02/01 23:18:15 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcpopkeysrv.dll
[2020/02/01 23:18:10 | 001,644,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2020/02/01 23:18:09 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2020/02/01 23:18:08 | 001,081,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Services.TargetedContent.dll
[2020/02/01 23:18:08 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnservice.dll
[2020/02/01 23:18:07 | 002,233,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2020/02/01 23:18:07 | 001,563,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ttdrecordcpu.dll
[2020/02/01 23:18:07 | 000,330,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ttdwriter.dll
[2020/02/01 23:18:07 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/02/01 23:18:06 | 001,171,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2020/02/01 23:18:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TDLMigration.dll
[2020/02/01 23:18:03 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2020/02/01 23:18:03 | 000,179,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2020/02/01 23:18:00 | 004,049,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2020/02/01 23:18:00 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2020/02/01 23:17:58 | 003,333,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2020/02/01 23:17:58 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2020/02/01 23:17:58 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2020/02/01 23:17:58 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2020/02/01 23:17:58 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2020/02/01 23:17:57 | 002,848,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2020/02/01 23:17:57 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2020/02/01 23:17:56 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2020/02/01 23:17:56 | 000,439,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2020/02/01 23:17:55 | 000,862,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2020/02/01 23:17:53 | 002,419,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2020/02/01 23:17:52 | 006,058,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2020/02/01 23:17:52 | 003,082,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2020/02/01 23:17:51 | 000,780,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2020/02/01 23:17:51 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.dll
[2020/02/01 23:17:51 | 000,351,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2020/02/01 23:17:50 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManager.dll
[2020/02/01 23:17:50 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManagerClient.dll
[2020/02/01 23:17:49 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_CapabilityAccess.dll
[2020/02/01 23:17:48 | 000,938,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2020/02/01 23:17:45 | 004,866,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AI.MachineLearning.dll
[2020/02/01 23:17:45 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2020/02/01 23:17:44 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApiSetHost.AppExecutionAlias.dll
[2020/02/01 23:17:44 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AssignedAccessRuntime.dll
[2020/02/01 23:17:42 | 005,299,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2020/02/01 23:17:42 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpsvc.dll
[2020/02/01 23:17:40 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2020/02/01 23:17:39 | 007,886,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2020/02/01 23:17:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2020/02/01 23:17:38 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_AppExecutionAlias.dll
[2020/02/01 23:17:38 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_BackgroundApps.dll
[2020/02/01 23:17:36 | 007,656,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2020/02/01 23:17:35 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2020/02/01 23:17:35 | 000,605,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\directmanipulation.dll
[2020/02/01 23:17:35 | 000,484,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2020/02/01 23:17:35 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2020/02/01 23:17:34 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2020/02/01 23:17:34 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Storage.dll
[2020/02/01 23:17:32 | 007,645,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2020/02/01 23:17:32 | 000,505,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2020/02/01 23:17:32 | 000,330,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2020/02/01 23:17:31 | 001,054,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2020/02/01 23:17:31 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2020/02/01 23:17:30 | 003,387,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2020/02/01 23:17:30 | 001,608,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2020/02/01 23:17:29 | 002,192,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2020/02/01 23:17:29 | 001,087,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2020/02/01 23:17:27 | 005,573,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2020/02/01 23:17:27 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2020/02/01 23:17:27 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevQueryBroker.dll
[2020/02/01 23:17:23 | 017,485,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2020/02/01 23:17:23 | 004,413,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2020/02/01 23:17:23 | 000,741,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2020/02/01 23:17:22 | 001,022,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2020/02/01 23:17:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiredNetworkCSP.dll
[2020/02/01 23:17:12 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2020/02/01 23:17:12 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2020/02/01 23:17:11 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelinesvc.exe
[2020/02/01 23:17:10 | 000,807,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2020/02/01 23:17:10 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2020/02/01 23:17:10 | 000,193,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2020/02/01 23:17:10 | 000,079,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudNotifications.exe
[2020/02/01 23:17:09 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2020/02/01 23:17:09 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2020/02/01 23:17:09 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2020/02/01 23:17:09 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2020/02/01 23:17:08 | 000,848,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Signals.dll
[2020/02/01 23:17:08 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2020/02/01 23:17:02 | 001,098,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2020/02/01 23:17:02 | 000,890,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2020/02/01 23:17:00 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2020/02/01 23:16:59 | 002,109,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2020/02/01 23:16:59 | 001,331,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2020/02/01 23:16:59 | 000,604,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2020/02/01 23:16:58 | 001,551,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2020/02/01 23:16:58 | 000,347,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2020/02/01 23:16:56 | 001,701,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2020/02/01 23:16:56 | 001,308,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskFlowDataEngine.dll
[2020/02/01 23:16:56 | 000,282,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2020/02/01 23:16:25 | 000,888,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2020/02/01 23:16:25 | 000,680,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2020/02/01 23:16:25 | 000,445,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2020/02/01 23:16:25 | 000,389,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2020/02/01 23:16:25 | 000,213,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2020/02/01 23:16:25 | 000,193,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2020/02/01 23:16:25 | 000,147,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2020/02/01 23:16:25 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2020/02/01 23:16:25 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2020/02/01 23:16:24 | 000,509,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2020/02/01 23:16:24 | 000,450,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2020/02/01 23:16:24 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2020/02/01 23:16:24 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2020/02/01 23:16:24 | 000,163,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2020/02/01 23:16:24 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2020/02/01 23:16:23 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2020/02/01 23:16:23 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2020/02/01 23:16:23 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2020/02/01 23:16:23 | 000,376,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2020/02/01 23:16:23 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2020/02/01 23:16:23 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2020/02/01 23:16:22 | 000,901,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2020/02/01 23:16:21 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2020/02/01 23:16:21 | 000,421,376 | ---- | C] (curl, https://curl.haxx.se/) -- C:\WINDOWS\SysNative\curl.exe
[2020/02/01 23:16:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2020/02/01 23:16:20 | 003,576,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2020/02/01 23:16:20 | 000,140,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys
[2020/02/01 23:16:20 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dtdump.exe
[2020/02/01 23:16:19 | 000,405,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2020/02/01 23:16:19 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2020/02/01 23:16:19 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ptpprov.dll
[2020/02/01 23:16:19 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecureTimeAggregator.dll
[2020/02/01 23:16:19 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2020/02/01 23:16:18 | 000,402,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2020/02/01 23:16:18 | 000,398,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2020/02/01 23:16:18 | 000,156,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devobj.dll
[2020/02/01 23:16:18 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvsetup.dll
[2020/02/01 23:16:17 | 001,084,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2020/02/01 23:16:17 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2020/02/01 23:16:17 | 000,531,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2020/02/01 23:16:17 | 000,506,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2020/02/01 23:16:16 | 001,674,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2020/02/01 23:16:16 | 000,294,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2020/02/01 23:16:16 | 000,278,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2020/02/01 23:16:15 | 000,758,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2020/02/01 23:16:15 | 000,652,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2020/02/01 23:16:15 | 000,203,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2020/02/01 23:16:15 | 000,164,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2020/02/01 23:16:14 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2020/02/01 23:16:13 | 000,613,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2020/02/01 23:16:12 | 002,593,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2020/02/01 23:16:12 | 000,415,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2020/02/01 23:16:12 | 000,118,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2020/02/01 23:16:10 | 001,191,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2020/02/01 23:16:09 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2020/02/01 23:16:09 | 000,141,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2020/02/01 23:16:08 | 000,856,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2020/02/01 23:16:07 | 003,333,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2020/02/01 23:16:07 | 001,387,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2020/02/01 23:16:06 | 001,936,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2020/02/01 23:16:06 | 000,930,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2020/02/01 23:16:06 | 000,514,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2020/02/01 23:16:06 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2020/02/01 23:16:06 | 000,036,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2020/02/01 23:16:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2020/02/01 23:16:05 | 000,152,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2020/02/01 23:16:04 | 000,039,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NtlmShared.dll
[2020/02/01 23:16:03 | 001,022,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2020/02/01 23:16:03 | 000,793,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2020/02/01 23:16:03 | 000,104,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2020/02/01 23:16:02 | 000,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
  • 肉球
  • 2020/02/07 (Fri) 02:46:24
OTL10
[2020/02/01 23:16:00 | 003,198,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertEnroll.dll
[2020/02/01 23:15:58 | 001,743,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2020/02/01 23:15:55 | 007,700,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2020/02/01 23:15:55 | 000,865,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2020/02/01 23:15:55 | 000,677,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2020/02/01 23:15:55 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profext.dll
[2020/02/01 23:15:54 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.OneCore.dll
[2020/02/01 23:15:45 | 002,149,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2020/02/01 23:15:45 | 000,775,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pkeyhelper.dll
[2020/02/01 23:15:45 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2020/02/01 23:15:45 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2020/02/01 23:15:44 | 001,054,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2020/02/01 23:15:44 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2020/02/01 23:15:42 | 002,707,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2020/02/01 23:15:42 | 000,605,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2020/02/01 23:15:42 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2020/02/01 23:15:42 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSTheme.exe
[2020/02/01 23:15:41 | 000,536,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskschd.dll
[2020/02/01 23:15:41 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2020/02/01 23:15:41 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\profext.dll
[2020/02/01 23:15:40 | 002,839,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertEnroll.dll
[2020/02/01 23:15:40 | 000,033,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NtlmShared.dll
[2020/02/01 23:15:30 | 000,090,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2020/02/01 23:15:30 | 000,087,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhvr.sys
[2020/02/01 23:15:29 | 001,258,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2020/02/01 23:15:29 | 001,049,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2020/02/01 23:15:29 | 000,080,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2020/02/01 23:15:29 | 000,061,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvhostsvc.dll
[2020/02/01 23:15:28 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinHvPlatform.dll
[2020/02/01 23:15:28 | 000,094,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2020/02/01 23:15:27 | 000,662,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computecore.dll
[2020/02/01 23:14:38 | 000,608,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2020/02/01 23:14:37 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2020/02/01 23:14:37 | 000,848,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2020/02/01 23:14:37 | 000,095,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2020/02/01 23:14:31 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2020/02/01 23:14:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsiAcpiClient.sys
[2020/02/01 23:14:30 | 000,131,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2020/02/01 23:14:26 | 000,520,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Vid.sys
[2020/02/01 23:14:25 | 000,234,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2020/02/01 23:14:25 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Synth3dVsc.sys
[2020/02/01 23:14:24 | 000,057,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys
[2020/02/01 23:14:23 | 000,198,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2020/02/01 23:14:22 | 000,667,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[7 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[5 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2020/02/07 01:30:14 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2020/02/07 01:28:45 | 000,214,496 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2020/02/07 01:28:38 | 000,248,968 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2020/02/07 01:28:13 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2020/02/07 01:28:07 | 1675,505,664 | -HS- | M] () -- C:\hiberfil.sys
[2020/02/07 01:24:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Yuu\Desktop\OTL.exe
[2020/02/05 07:08:37 | 000,002,248 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2020/02/05 01:20:19 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2020/02/05 01:05:27 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2020/02/05 01:04:25 | 000,153,312 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2020/02/05 01:04:21 | 000,020,936 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2020/02/04 06:24:10 | 000,376,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2020/02/04 06:24:10 | 000,053,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2020/02/04 06:24:10 | 000,045,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2020/02/04 03:47:00 | 001,453,622 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2020/02/04 03:47:00 | 000,704,292 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2020/02/04 03:47:00 | 000,484,466 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2020/02/04 03:47:00 | 000,134,518 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2020/02/04 03:47:00 | 000,133,550 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2020/02/02 21:47:19 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2020/02/02 00:47:47 | 000,391,088 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2020/02/02 00:45:22 | 000,000,712 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job
[2020/02/02 00:45:22 | 000,000,708 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job
[2020/02/02 00:04:03 | 000,702,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase_clr0400.dll
[2020/02/02 00:04:03 | 000,622,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp140_clr0400.dll
[2020/02/02 00:04:03 | 000,433,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp140_clr0400.dll
[2020/02/02 00:04:03 | 000,087,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vcruntime140_clr0400.dll
[2020/02/02 00:04:03 | 000,083,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vcruntime140_clr0400.dll
[2020/02/02 00:04:02 | 000,772,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_clr0400.dll
[2020/02/02 00:03:06 | 000,017,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
[2020/02/02 00:03:06 | 000,017,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100_clr0400.dll
[2020/02/02 00:02:18 | 000,032,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aspnet_counters.dll
[2020/02/02 00:02:18 | 000,029,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aspnet_counters.dll
[2020/02/01 23:45:57 | 000,179,816 | ---- | M] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2020/02/01 23:45:55 | 000,835,480 | ---- | M] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2020/02/01 23:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OEMDefaultAssociations.dll
[2020/02/01 23:42:11 | 000,018,002 | ---- | M] () -- C:\WINDOWS\SysNative\OEMDefaultAssociations.xml
[2020/02/01 23:29:00 | 003,442,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2020/02/01 23:29:00 | 001,155,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shellstyle.dll
[2020/02/01 23:29:00 | 001,155,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shellstyle.dll
[2020/02/01 23:29:00 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DavSyncProvider.dll
[2020/02/01 23:29:00 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fcon.dll
[2020/02/01 23:28:59 | 004,488,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2020/02/01 23:28:58 | 011,724,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2020/02/01 23:28:57 | 009,941,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2020/02/01 23:28:57 | 000,249,856 | ---- | M] (Gracenote, Inc.) -- C:\WINDOWS\SysWow64\gnsdk_fp.dll
[2020/02/01 23:28:55 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DavSyncProvider.dll
[2020/02/01 23:27:08 | 002,323,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2020/02/01 23:27:07 | 002,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2020/02/01 23:27:06 | 001,289,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2020/02/01 23:27:06 | 001,075,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2020/02/01 23:27:04 | 003,550,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2020/02/01 23:27:03 | 001,604,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2020/02/01 23:27:03 | 001,024,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2020/02/01 23:27:02 | 002,278,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2020/02/01 23:27:02 | 001,297,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2020/02/01 23:27:02 | 000,263,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2020/02/01 23:27:01 | 005,436,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2020/02/01 23:27:00 | 002,099,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2020/02/01 23:27:00 | 001,200,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2020/02/01 23:26:54 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2020/02/01 23:26:53 | 001,267,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2020/02/01 23:26:51 | 002,429,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2020/02/01 23:26:15 | 024,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2020/02/01 23:26:08 | 019,284,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2020/02/01 23:26:03 | 000,829,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2020/02/01 23:25:59 | 001,521,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2020/02/01 23:25:59 | 001,307,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2020/02/01 23:25:58 | 007,922,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2020/02/01 23:25:55 | 002,393,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2020/02/01 23:25:55 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2020/02/01 23:25:55 | 000,350,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2020/02/01 23:25:54 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2020/02/01 23:25:53 | 001,312,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjet40.dll
[2020/02/01 23:25:48 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2020/02/01 23:25:47 | 020,816,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2020/02/01 23:25:42 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2020/02/01 23:25:36 | 006,065,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2020/02/01 23:25:31 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2020/02/01 23:25:29 | 002,018,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2020/02/01 23:25:27 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd2x40.dll
[2020/02/01 23:25:27 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2020/02/01 23:25:26 | 000,475,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxbde40.dll
[2020/02/01 23:25:26 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd3x40.dll
[2020/02/01 23:25:26 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msltus40.dll
[2020/02/01 23:25:09 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2020/02/01 23:25:09 | 000,386,048 | ---- | M] (curl, https://curl.haxx.se/) -- C:\WINDOWS\SysWow64\curl.exe
[2020/02/01 23:25:08 | 000,901,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MiracastReceiver.dll
[2020/02/01 23:25:08 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2020/02/01 23:25:08 | 000,572,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiaaut.dll
[2020/02/01 23:25:08 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2020/02/01 23:25:08 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ComputerDefaults.exe
[2020/02/01 23:25:07 | 000,793,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2020/02/01 23:25:07 | 000,480,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2020/02/01 23:25:07 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiadss.dll
[2020/02/01 23:25:06 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\udhisapi.dll
[2020/02/01 23:25:05 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\MbbCx.sys
[2020/02/01 23:25:04 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2020/02/01 23:25:04 | 000,195,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityCenterBroker.dll
[2020/02/01 23:25:02 | 000,250,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FileHistory.exe
[2020/02/01 23:25:02 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhuxgraphics.dll
[2020/02/01 23:25:01 | 008,905,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2020/02/01 23:24:59 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
  • 肉球
  • 2020/02/07 (Fri) 02:47:51
OTL11
[2020/02/01 23:24:58 | 000,883,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2020/02/01 23:24:58 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2020/02/01 23:24:58 | 000,410,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2020/02/01 23:24:57 | 001,132,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nettrace.dll
[2020/02/01 23:24:57 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSTheme.exe
[2020/02/01 23:24:56 | 002,298,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2020/02/01 23:24:55 | 001,224,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2020/02/01 23:24:54 | 000,525,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2020/02/01 23:24:54 | 000,522,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2020/02/01 23:24:53 | 002,127,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2020/02/01 23:24:53 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2020/02/01 23:24:46 | 004,661,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2020/02/01 23:24:46 | 000,773,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2020/02/01 23:24:46 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NAPCRYPT.DLL
[2020/02/01 23:24:45 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti_ci.dll
[2020/02/01 23:24:44 | 001,291,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2020/02/01 23:24:43 | 001,071,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2020/02/01 23:24:43 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2020/02/01 23:24:39 | 026,807,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2020/02/01 23:24:39 | 000,912,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2020/02/01 23:24:31 | 001,309,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2020/02/01 23:24:25 | 000,840,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2020/02/01 23:24:23 | 002,096,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2020/02/01 23:24:22 | 007,872,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2020/02/01 23:24:18 | 004,873,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2020/02/01 23:24:18 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2020/02/01 23:24:16 | 000,842,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2020/02/01 23:24:16 | 000,673,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiaaut.dll
[2020/02/01 23:24:16 | 000,495,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2020/02/01 23:24:16 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2020/02/01 23:24:16 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiadss.dll
[2020/02/01 23:24:16 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiarpc.dll
[2020/02/01 23:24:14 | 001,924,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplaySwitch.exe
[2020/02/01 23:24:14 | 001,247,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2020/02/01 23:24:14 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnscmmc.dll
[2020/02/01 23:24:14 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ComputerDefaults.exe
[2020/02/01 23:24:08 | 001,315,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MiracastReceiver.dll
[2020/02/01 23:24:08 | 000,676,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2020/02/01 23:24:08 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2020/02/01 23:24:08 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2020/02/01 23:24:07 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2020/02/01 23:24:07 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2020/02/01 23:24:06 | 001,388,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2020/02/01 23:24:05 | 000,605,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2020/02/01 23:24:05 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResourceMapper.dll
[2020/02/01 23:24:04 | 000,914,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll
[2020/02/01 23:24:04 | 000,805,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioIso.exe
[2020/02/01 23:24:04 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\udhisapi.dll
[2020/02/01 23:24:03 | 000,105,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OpenWith.exe
[2020/02/01 23:24:00 | 004,344,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2020/02/01 23:23:59 | 002,086,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2020/02/01 23:23:57 | 000,487,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2020/02/01 23:23:57 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2020/02/01 23:23:57 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prntvpt.dll
[2020/02/01 23:23:29 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2020/02/01 23:23:28 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2020/02/01 23:23:25 | 001,506,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2020/02/01 23:23:25 | 000,231,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Dism.exe
[2020/02/01 23:23:25 | 000,098,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Display.BrightnessOverride.dll
[2020/02/01 23:23:24 | 000,767,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DismApi.dll
[2020/02/01 23:23:24 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2020/02/01 23:23:24 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcbuilder.exe
[2020/02/01 23:23:23 | 001,465,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2020/02/01 23:23:23 | 000,661,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2020/02/01 23:23:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2020/02/01 23:23:23 | 000,038,912 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2020/02/01 23:23:22 | 001,484,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2020/02/01 23:23:21 | 000,473,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2020/02/01 23:23:21 | 000,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2020/02/01 23:23:21 | 000,122,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmcmnutils.dll
[2020/02/01 23:23:21 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enterpriseresourcemanager.dll
[2020/02/01 23:23:20 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2020/02/01 23:23:20 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2020/02/01 23:23:19 | 000,682,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2020/02/01 23:23:19 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2020/02/01 23:23:19 | 000,452,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2020/02/01 23:23:19 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2020/02/01 23:23:18 | 003,096,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2020/02/01 23:23:17 | 006,543,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2020/02/01 23:23:17 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.XamlHost.dll
[2020/02/01 23:23:17 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2020/02/01 23:23:15 | 001,278,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2020/02/01 23:23:15 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2020/02/01 23:23:15 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\compact.exe
[2020/02/01 23:23:14 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvsetup.dll
[2020/02/01 23:23:13 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ngccredprov.dll
[2020/02/01 23:23:13 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2020/02/01 23:23:12 | 000,968,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2020/02/01 23:23:12 | 000,652,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2020/02/01 23:23:11 | 001,590,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2020/02/01 23:23:11 | 000,774,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Services.TargetedContent.dll
[2020/02/01 23:23:10 | 001,656,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2020/02/01 23:23:10 | 001,272,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ttdrecordcpu.dll
[2020/02/01 23:23:10 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/02/01 23:23:09 | 000,272,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ttdwriter.dll
[2020/02/01 23:23:08 | 002,765,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2020/02/01 23:23:08 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2020/02/01 23:23:07 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2020/02/01 23:23:06 | 002,348,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2020/02/01 23:23:05 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2020/02/01 23:23:03 | 006,318,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2020/02/01 23:23:02 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.OneCore.dll
[2020/02/01 23:23:01 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2020/02/01 23:23:00 | 003,656,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2020/02/01 23:22:57 | 001,721,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2020/02/01 23:22:56 | 000,791,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2020/02/01 23:22:56 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2020/02/01 23:22:56 | 000,408,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Enumeration.dll
[2020/02/01 23:22:56 | 000,279,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2020/02/01 23:22:56 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CapabilityAccessManagerClient.dll
[2020/02/01 23:22:55 | 003,496,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AI.MachineLearning.dll
[2020/02/01 23:22:54 | 003,428,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2020/02/01 23:22:54 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ApiSetHost.AppExecutionAlias.dll
[2020/02/01 23:22:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AssignedAccessRuntime.dll
[2020/02/01 23:22:52 | 006,444,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2020/02/01 23:22:50 | 000,515,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\directmanipulation.dll
[2020/02/01 23:22:48 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ComposableShellProxyStub.dll
[2020/02/01 23:22:48 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\regapi.dll
[2020/02/01 23:22:47 | 000,622,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingWinRT.dll
[2020/02/01 23:22:46 | 005,770,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2020/02/01 23:22:45 | 000,038,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PasswordOnWakeSettingFlyout.exe
[2020/02/01 23:22:44 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spopk.dll
[2020/02/01 23:22:43 | 015,220,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2020/02/01 23:22:43 | 000,917,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2020/02/01 23:22:43 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2020/02/01 23:22:38 | 003,872,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2020/02/01 23:22:33 | 001,272,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2020/02/01 23:22:33 | 000,155,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2020/02/01 23:22:33 | 000,065,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudNotifications.exe
[2020/02/01 23:22:32 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2020/02/01 23:22:32 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2020/02/01 23:22:16 | 001,708,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2020/02/01 23:22:16 | 000,542,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2020/02/01 23:22:16 | 000,360,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2020/02/01 23:22:16 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DiagnosticLogCSP.dll
[2020/02/01 23:22:15 | 002,698,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2020/02/01 23:22:15 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2020/02/01 23:22:15 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterpriseresourcemanager.dll
[2020/02/01 23:22:14 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2020/02/01 23:22:13 | 000,949,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2020/02/01 23:22:12 | 000,817,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2020/02/01 23:22:11 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2020/02/01 23:22:10 | 001,701,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2020/02/01 23:22:09 | 001,711,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2020/02/01 23:22:09 | 001,668,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2020/02/01 23:22:08 | 000,154,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcmnutils.dll
[2020/02/01 23:22:04 | 000,596,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2020/02/01 23:22:04 | 000,449,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2020/02/01 23:22:04 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2020/02/01 23:22:02 | 000,794,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2020/02/01 23:22:02 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NcaSvc.dll
[2020/02/01 23:22:01 | 001,006,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2020/02/01 23:22:01 | 000,290,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2020/02/01 23:22:01 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptcatsvc.dll
[2020/02/01 23:21:51 | 000,808,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2020/02/01 23:21:51 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2020/02/01 23:21:51 | 000,047,616 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2020/02/01 23:21:50 | 000,177,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imm32.dll
[2020/02/01 23:21:50 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usp10.dll
[2020/02/01 23:21:49 | 000,782,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2020/02/01 23:21:48 | 000,474,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2020/02/01 23:21:48 | 000,093,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys
[2020/02/01 23:21:46 | 000,598,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2020/02/01 23:21:41 | 001,994,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2020/02/01 23:21:40 | 000,588,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2020/02/01 23:21:38 | 002,699,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2020/02/01 23:21:38 | 001,180,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2020/02/01 23:21:38 | 000,434,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ws2_32.dll
[2020/02/01 23:21:38 | 000,023,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nsi.dll
[2020/02/01 23:21:37 | 000,821,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2020/02/01 23:21:30 | 000,613,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2020/02/01 23:21:29 | 001,729,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreShell.dll
[2020/02/01 23:21:29 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ComposableShellProxyStub.dll
[2020/02/01 23:21:29 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreShellExtFramework.dll
[2020/02/01 23:21:28 | 003,490,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2020/02/01 23:21:28 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2020/02/01 23:21:27 | 000,948,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2020/02/01 23:21:27 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2020/02/01 23:21:23 | 006,934,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
  • 肉球
  • 2020/02/07 (Fri) 02:50:36
OTL12
[2020/02/01 23:21:20 | 000,044,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PasswordOnWakeSettingFlyout.exe
[2020/02/01 23:20:56 | 000,168,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2020/02/01 23:20:55 | 000,658,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2020/02/01 23:20:55 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\regapi.dll
[2020/02/01 23:20:55 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2020/02/01 23:20:54 | 000,487,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2020/02/01 23:20:54 | 000,341,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsta.dll
[2020/02/01 23:20:49 | 000,736,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingWinRT.dll
[2020/02/01 23:20:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spopk.dll
[2020/02/01 23:20:48 | 000,086,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostw.exe
[2020/02/01 23:20:48 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compact.exe
[2020/02/01 23:20:47 | 000,773,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskschd.dll
[2020/02/01 23:20:47 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConhostV1.dll
[2020/02/01 23:20:47 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2020/02/01 23:20:46 | 003,978,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2020/02/01 23:20:46 | 001,486,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2020/02/01 23:20:46 | 000,399,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Narrator.exe
[2020/02/01 23:20:45 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.XamlHost.dll
[2020/02/01 23:20:44 | 000,638,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2020/02/01 23:20:43 | 002,871,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2020/02/01 23:20:43 | 000,747,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2020/02/01 23:20:43 | 000,465,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2020/02/01 23:20:43 | 000,071,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2020/02/01 23:20:42 | 001,726,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2020/02/01 23:20:42 | 000,324,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2020/02/01 23:20:41 | 000,164,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2020/02/01 23:20:40 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\refsutil.exe
[2020/02/01 23:20:40 | 000,224,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2020/02/01 23:20:39 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2020/02/01 23:20:39 | 000,764,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2020/02/01 23:20:39 | 000,519,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2020/02/01 23:20:38 | 001,702,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2020/02/01 23:20:38 | 001,473,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2020/02/01 23:20:38 | 001,346,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2020/02/01 23:20:38 | 001,183,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2020/02/01 23:20:36 | 001,966,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2020/02/01 23:20:36 | 001,390,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2020/02/01 23:20:34 | 000,811,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2020/02/01 23:20:33 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupcl.exe
[2020/02/01 23:20:31 | 001,319,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2020/02/01 23:20:23 | 000,520,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2020/02/01 23:20:22 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_ManagePhone.dll
[2020/02/01 23:20:15 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2020/02/01 23:20:14 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2020/02/01 23:20:13 | 000,670,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Devices.dll
[2020/02/01 23:19:59 | 005,575,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2020/02/01 23:19:51 | 000,120,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OpenWith.exe
[2020/02/01 23:19:46 | 004,737,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2020/02/01 23:19:45 | 000,860,160 | ---- | M] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE
[2020/02/01 23:19:43 | 001,170,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2020/02/01 23:19:43 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shunimpl.dll
[2020/02/01 23:19:41 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2020/02/01 23:19:41 | 000,519,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2020/02/01 23:19:40 | 001,751,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2020/02/01 23:19:39 | 001,056,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pidgenx.dll
[2020/02/01 23:19:39 | 000,888,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pidgenx.dll
[2020/02/01 23:19:36 | 000,678,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2020/02/01 23:19:34 | 000,408,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2020/02/01 23:19:33 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2020/02/01 23:19:32 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2020/02/01 23:19:31 | 002,118,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2020/02/01 23:19:29 | 001,262,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2020/02/01 23:19:27 | 004,303,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2020/02/01 23:19:25 | 002,879,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsservices.dll
[2020/02/01 23:19:23 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prntvpt.dll
[2020/02/01 23:19:23 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2020/02/01 23:19:22 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2020/02/01 23:19:22 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnppolicy.dll
[2020/02/01 23:18:29 | 000,130,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Display.BrightnessOverride.dll
[2020/02/01 23:18:27 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcbuilder.exe
[2020/02/01 23:18:26 | 000,736,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockController.dll
[2020/02/01 23:18:23 | 009,668,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2020/02/01 23:18:23 | 000,591,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2020/02/01 23:18:22 | 000,616,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2020/02/01 23:18:21 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2020/02/01 23:18:21 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2020/02/01 23:18:20 | 001,665,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2020/02/01 23:18:19 | 003,637,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2020/02/01 23:18:17 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll
[2020/02/01 23:18:17 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsiCx.sys
[2020/02/01 23:18:16 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnrSvc.dll
[2020/02/01 23:18:16 | 000,558,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngccredprov.dll
[2020/02/01 23:18:16 | 000,435,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2020/02/01 23:18:16 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcpopkeysrv.dll
[2020/02/01 23:18:15 | 001,830,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2020/02/01 23:18:10 | 001,644,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2020/02/01 23:18:10 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2020/02/01 23:18:08 | 001,081,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Services.TargetedContent.dll
[2020/02/01 23:18:08 | 000,256,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnservice.dll
[2020/02/01 23:18:07 | 002,233,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2020/02/01 23:18:07 | 001,563,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ttdrecordcpu.dll
[2020/02/01 23:18:07 | 000,330,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ttdwriter.dll
[2020/02/01 23:18:07 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/02/01 23:18:06 | 001,171,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2020/02/01 23:18:06 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TDLMigration.dll
[2020/02/01 23:18:03 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2020/02/01 23:18:03 | 000,179,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2020/02/01 23:18:00 | 004,049,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2020/02/01 23:18:00 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2020/02/01 23:17:59 | 003,333,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2020/02/01 23:17:58 | 000,394,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2020/02/01 23:17:58 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2020/02/01 23:17:58 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2020/02/01 23:17:58 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2020/02/01 23:17:57 | 002,848,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2020/02/01 23:17:57 | 000,801,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2020/02/01 23:17:57 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2020/02/01 23:17:56 | 000,439,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2020/02/01 23:17:55 | 000,862,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2020/02/01 23:17:54 | 002,419,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2020/02/01 23:17:53 | 006,058,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2020/02/01 23:17:52 | 003,082,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2020/02/01 23:17:51 | 000,780,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2020/02/01 23:17:51 | 000,508,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.dll
[2020/02/01 23:17:51 | 000,351,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2020/02/01 23:17:51 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManagerClient.dll
[2020/02/01 23:17:50 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManager.dll
[2020/02/01 23:17:49 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_CapabilityAccess.dll
[2020/02/01 23:17:48 | 000,938,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2020/02/01 23:17:46 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2020/02/01 23:17:45 | 004,866,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AI.MachineLearning.dll
[2020/02/01 23:17:44 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApiSetHost.AppExecutionAlias.dll
[2020/02/01 23:17:44 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AssignedAccessRuntime.dll
[2020/02/01 23:17:43 | 005,299,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2020/02/01 23:17:42 | 000,644,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpsvc.dll
[2020/02/01 23:17:41 | 002,050,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2020/02/01 23:17:40 | 007,886,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2020/02/01 23:17:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2020/02/01 23:17:38 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_AppExecutionAlias.dll
[2020/02/01 23:17:38 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_BackgroundApps.dll
[2020/02/01 23:17:37 | 007,656,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2020/02/01 23:17:35 | 000,657,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2020/02/01 23:17:35 | 000,605,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\directmanipulation.dll
[2020/02/01 23:17:35 | 000,484,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2020/02/01 23:17:35 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2020/02/01 23:17:34 | 007,645,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2020/02/01 23:17:34 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2020/02/01 23:17:34 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Storage.dll
[2020/02/01 23:17:32 | 000,505,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2020/02/01 23:17:32 | 000,330,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2020/02/01 23:17:31 | 001,608,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2020/02/01 23:17:31 | 001,054,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2020/02/01 23:17:31 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2020/02/01 23:17:30 | 003,387,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2020/02/01 23:17:30 | 002,192,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2020/02/01 23:17:29 | 001,087,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2020/02/01 23:17:28 | 005,573,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2020/02/01 23:17:27 | 017,485,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
  • 肉球
  • 2020/02/07 (Fri) 02:52:25
OTL13
[2020/02/01 23:17:27 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2020/02/01 23:17:27 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevQueryBroker.dll
[2020/02/01 23:17:23 | 004,413,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2020/02/01 23:17:23 | 001,022,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2020/02/01 23:17:23 | 000,741,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2020/02/01 23:17:22 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiredNetworkCSP.dll
[2020/02/01 23:17:12 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2020/02/01 23:17:12 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2020/02/01 23:17:11 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelinesvc.exe
[2020/02/01 23:17:11 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2020/02/01 23:17:10 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2020/02/01 23:17:10 | 000,193,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2020/02/01 23:17:10 | 000,079,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudNotifications.exe
[2020/02/01 23:17:09 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2020/02/01 23:17:09 | 000,373,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2020/02/01 23:17:09 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2020/02/01 23:17:09 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2020/02/01 23:17:09 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2020/02/01 23:17:08 | 000,848,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Signals.dll
[2020/02/01 23:17:02 | 001,098,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2020/02/01 23:17:02 | 000,890,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2020/02/01 23:17:00 | 001,331,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2020/02/01 23:17:00 | 000,750,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2020/02/01 23:17:00 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ja-JP\spaceport.sys.mui
[2020/02/01 23:16:59 | 002,109,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2020/02/01 23:16:59 | 000,604,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2020/02/01 23:16:58 | 001,551,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2020/02/01 23:16:58 | 000,347,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2020/02/01 23:16:57 | 001,701,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2020/02/01 23:16:56 | 001,308,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskFlowDataEngine.dll
[2020/02/01 23:16:56 | 000,282,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2020/02/01 23:16:26 | 000,193,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2020/02/01 23:16:25 | 000,888,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2020/02/01 23:16:25 | 000,680,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2020/02/01 23:16:25 | 000,445,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2020/02/01 23:16:25 | 000,389,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2020/02/01 23:16:25 | 000,213,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2020/02/01 23:16:25 | 000,147,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2020/02/01 23:16:25 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2020/02/01 23:16:25 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2020/02/01 23:16:24 | 000,509,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2020/02/01 23:16:24 | 000,450,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2020/02/01 23:16:24 | 000,376,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2020/02/01 23:16:24 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2020/02/01 23:16:24 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2020/02/01 23:16:24 | 000,163,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2020/02/01 23:16:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2020/02/01 23:16:23 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2020/02/01 23:16:23 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2020/02/01 23:16:23 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2020/02/01 23:16:23 | 000,120,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2020/02/01 23:16:23 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2020/02/01 23:16:22 | 000,901,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2020/02/01 23:16:22 | 000,764,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2020/02/01 23:16:21 | 000,421,376 | ---- | M] (curl, https://curl.haxx.se/) -- C:\WINDOWS\SysNative\curl.exe
[2020/02/01 23:16:21 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2020/02/01 23:16:20 | 003,576,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2020/02/01 23:16:20 | 000,140,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys
[2020/02/01 23:16:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dtdump.exe
[2020/02/01 23:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2020/02/01 23:16:19 | 000,405,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2020/02/01 23:16:19 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2020/02/01 23:16:19 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ptpprov.dll
[2020/02/01 23:16:19 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecureTimeAggregator.dll
[2020/02/01 23:16:18 | 000,531,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2020/02/01 23:16:18 | 000,402,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2020/02/01 23:16:18 | 000,398,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2020/02/01 23:16:18 | 000,156,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devobj.dll
[2020/02/01 23:16:18 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvsetup.dll
[2020/02/01 23:16:17 | 001,674,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2020/02/01 23:16:17 | 001,084,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2020/02/01 23:16:17 | 000,839,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2020/02/01 23:16:17 | 000,506,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2020/02/01 23:16:16 | 000,294,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2020/02/01 23:16:16 | 000,278,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2020/02/01 23:16:16 | 000,164,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2020/02/01 23:16:16 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth8.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth7.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth6.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth5.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth4.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth3.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth2.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth1.bin
[2020/02/01 23:16:15 | 000,758,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2020/02/01 23:16:15 | 000,652,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2020/02/01 23:16:15 | 000,203,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2020/02/01 23:16:14 | 000,869,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2020/02/01 23:16:13 | 000,613,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2020/02/01 23:16:12 | 002,593,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2020/02/01 23:16:12 | 000,415,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2020/02/01 23:16:12 | 000,118,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2020/02/01 23:16:11 | 001,191,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2020/02/01 23:16:09 | 000,513,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2020/02/01 23:16:09 | 000,141,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2020/02/01 23:16:08 | 003,333,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2020/02/01 23:16:08 | 000,856,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2020/02/01 23:16:07 | 001,387,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2020/02/01 23:16:06 | 001,936,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2020/02/01 23:16:06 | 000,930,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2020/02/01 23:16:06 | 000,514,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2020/02/01 23:16:06 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2020/02/01 23:16:06 | 000,036,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2020/02/01 23:16:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2020/02/01 23:16:05 | 000,152,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2020/02/01 23:16:04 | 001,022,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2020/02/01 23:16:04 | 000,039,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NtlmShared.dll
[2020/02/01 23:16:03 | 000,793,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2020/02/01 23:16:03 | 000,305,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2020/02/01 23:16:03 | 000,104,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2020/02/01 23:16:01 | 003,198,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertEnroll.dll
[2020/02/01 23:15:59 | 001,743,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2020/02/01 23:15:57 | 007,700,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2020/02/01 23:15:55 | 000,865,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2020/02/01 23:15:55 | 000,677,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2020/02/01 23:15:55 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profext.dll
[2020/02/01 23:15:54 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.OneCore.dll
[2020/02/01 23:15:45 | 002,149,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2020/02/01 23:15:45 | 000,775,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pkeyhelper.dll
[2020/02/01 23:15:45 | 000,773,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2020/02/01 23:15:45 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2020/02/01 23:15:44 | 001,054,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2020/02/01 23:15:44 | 000,211,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2020/02/01 23:15:43 | 002,707,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2020/02/01 23:15:42 | 000,605,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2020/02/01 23:15:42 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2020/02/01 23:15:42 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSTheme.exe
[2020/02/01 23:15:41 | 000,536,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskschd.dll
[2020/02/01 23:15:41 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2020/02/01 23:15:41 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\profext.dll
[2020/02/01 23:15:40 | 002,839,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertEnroll.dll
[2020/02/01 23:15:40 | 000,033,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NtlmShared.dll
[2020/02/01 23:15:30 | 000,090,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2020/02/01 23:15:30 | 000,087,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhvr.sys
[2020/02/01 23:15:30 | 000,080,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2020/02/01 23:15:29 | 001,258,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2020/02/01 23:15:29 | 001,049,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2020/02/01 23:15:29 | 000,061,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvhostsvc.dll
[2020/02/01 23:15:28 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinHvPlatform.dll
[2020/02/01 23:15:28 | 000,094,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2020/02/01 23:15:27 | 000,662,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computecore.dll
[2020/02/01 23:14:38 | 001,676,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2020/02/01 23:14:38 | 000,608,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2020/02/01 23:14:37 | 000,848,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2020/02/01 23:14:37 | 000,095,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2020/02/01 23:14:31 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2020/02/01 23:14:31 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsiAcpiClient.sys
[2020/02/01 23:14:30 | 000,131,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2020/02/01 23:14:26 | 000,520,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Vid.sys
[2020/02/01 23:14:25 | 000,234,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2020/02/01 23:14:25 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Synth3dVsc.sys
[2020/02/01 23:14:24 | 000,057,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys
[2020/02/01 23:14:23 | 000,198,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2020/02/01 23:14:22 | 000,667,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2020/02/01 18:37:23 | 021,126,712 | ---- | M] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[7 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[5 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  • 肉球
  • 2020/02/07 (Fri) 02:54:04
OTL14
[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2020/02/05 01:20:19 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2020/02/05 01:05:27 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2020/02/02 21:47:19 | 000,000,867 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2020/02/01 23:42:11 | 000,018,002 | ---- | C] () -- C:\WINDOWS\SysNative\OEMDefaultAssociations.xml
[2020/02/01 23:19:45 | 000,860,160 | ---- | C] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE
[2020/02/01 23:16:16 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth8.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth7.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth6.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth5.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth4.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth3.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth2.bin
[2020/02/01 23:16:16 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth1.bin
[2020/02/01 18:52:12 | 000,002,301 | ---- | C] () -- C:\Users\Yuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2019/03/17 19:15:27 | 000,591,832 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2019/03/17 14:48:14 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2018/09/15 16:31:37 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2018/09/15 16:31:37 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config
[2018/09/15 16:31:37 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2018/09/15 16:29:33 | 000,018,716 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2018/09/15 16:29:28 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2018/09/15 16:29:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2018/09/15 16:29:07 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2018/09/15 16:29:05 | 003,576,320 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2018/09/15 16:29:05 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2018/09/15 16:29:03 | 000,205,312 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2018/09/15 16:29:03 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2018/09/15 16:29:03 | 000,063,488 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2018/09/15 16:29:03 | 000,025,600 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2018/09/15 16:29:00 | 000,327,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2018/09/15 16:28:57 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2018/09/15 16:28:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2018/06/18 22:33:42 | 000,490,808 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2018/06/18 22:33:41 | 000,798,520 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2018/05/21 20:57:05 | 000,000,016 | ---- | C] () -- C:\ProgramData\mntemp
[2018/03/29 01:32:03 | 000,000,017 | ---- | C] () -- C:\Users\Yuu\AppData\Local\resmon.resmoncfg
[2018/02/25 15:43:43 | 000,022,912 | ---- | C] () -- C:\WINDOWS\xspirit.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2019/03/17 16:08:31 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2020/02/01 23:15:57 | 007,700,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2020/02/01 23:23:03 | 006,318,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2018/09/15 16:28:26 | 000,969,216 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2018/09/15 16:29:00 | 000,787,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018/09/15 16:28:29 | 000,518,144 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2020/02/05 01:04:27 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2019/03/17 15:05:21 | 000,000,000 | -H-D | M] -- C:\Recovery
[2017/07/22 18:24:28 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2017/04/12 21:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2020/02/05 23:46:48 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2017/04/12 21:20:39 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel\WiFi\bin\WLANProfiles
[2017/07/17 23:37:47 | 000,000,000 | -H-D | M] -- C:\ProgramData\{423CE5CB-22CB-40B0-ABB2-FC8387A15102}
[2019/03/26 21:55:49 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2018/12/30 00:31:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2017/07/03 20:37:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CAE\987e6487
[2018/09/05 01:30:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\Boomerang.exe
[2018/12/30 00:30:57 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\CLMPSvc.exe
[2017/07/03 20:42:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\OLRSubmission.exe
[2018/12/30 20:01:54 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD.exe
[2018/12/30 20:01:47 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVDMovie.exe
[2017/04/12 21:31:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\Setup.exe
[2017/04/12 21:25:02 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2017/07/09 17:12:47 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\PowerDVD\14.0
[2017/07/09 17:12:19 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\PowerDVD\14.0
[2017/07/09 17:12:21 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\PowerDVD\14.0\Boomerang
[2017/04/12 21:31:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\PowerDVD14\CEIPU
[2019/09/02 21:44:36 | 000,000,000 | -H-D | M] -- C:\ProgramData\Dell\UpdateService\Temp\1dcc1c9a11a146fd83f849650deb569a$dpx$.tmp
[2019/08/26 20:17:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\Dell\UpdateService\Temp\5936a2723efc4977b6ca543d121e31ce$dpx$.tmp
[2019/03/26 22:38:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Dell\UpdateService\Temp\75d53beeed004653aab90dbec5372fbb$dpx$.tmp
[2019/03/27 04:35:12 | 000,000,000 | -H-D | M] -- C:\ProgramData\Dell\UpdateService\Temp\a016036595734e4d9d6239698e4db29d$dpx$.tmp
[2019/08/25 07:31:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\Dell\UpdateService\Temp\bea9dbde4c844c0bba543fca3a375b9d$dpx$.tmp
[2020/02/02 03:16:43 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\Settings
[2020/02/02 03:16:27 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\WLANProfiles
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\RetailDemo
[2019/03/17 16:12:21 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2017/04/12 21:20:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\Roaming\Intel\Wireless\Settings
[2019/03/17 16:02:47 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2017/07/17 23:37:47 | 000,000,000 | -H-D | M] -- C:\Users\All Users\{423CE5CB-22CB-40B0-ABB2-FC8387A15102}
[2019/03/26 21:55:49 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2018/12/30 00:31:14 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2017/07/03 20:37:14 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CAE\987e6487
[2018/09/05 01:30:16 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\Boomerang.exe
[2018/12/30 00:30:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\CLMPSvc.exe
[2017/07/03 20:42:20 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\OLRSubmission.exe
[2018/12/30 20:01:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD.exe
[2018/12/30 20:01:47 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVDMovie.exe
[2017/04/12 21:31:16 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\Setup.exe
[2017/04/12 21:25:02 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2017/07/09 17:12:47 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\PowerDVD\14.0
[2017/07/09 17:12:19 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\PowerDVD\14.0
[2017/07/09 17:12:21 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\PowerDVD\14.0\Boomerang
[2017/04/12 21:31:05 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\PowerDVD14\CEIPU
[2019/09/02 21:44:36 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Dell\UpdateService\Temp\1dcc1c9a11a146fd83f849650deb569a$dpx$.tmp
[2019/08/26 20:17:07 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Dell\UpdateService\Temp\5936a2723efc4977b6ca543d121e31ce$dpx$.tmp
[2019/03/26 22:38:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Dell\UpdateService\Temp\75d53beeed004653aab90dbec5372fbb$dpx$.tmp
[2019/03/27 04:35:12 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Dell\UpdateService\Temp\a016036595734e4d9d6239698e4db29d$dpx$.tmp
[2019/08/25 07:31:14 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Dell\UpdateService\Temp\bea9dbde4c844c0bba543fca3a375b9d$dpx$.tmp
[2020/02/02 03:16:43 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\Settings
[2020/02/02 03:16:27 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\WLANProfiles
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\RetailDemo
[2019/03/17 16:12:21 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2017/04/12 21:20:23 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Roaming\Intel\Wireless\Settings
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2017/04/12 21:20:23 | 000,000,000 | -H-D | M] -- C:\Users\Default\Roaming\Intel\Wireless\Settings
[2017/06/24 08:14:55 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\AppData
[2017/06/24 22:23:52 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\AppData\Roaming\Intel\Wireless\Settings
[2017/06/24 22:23:53 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\AppData\Roaming\Intel\Wireless\WLANProfiles
[2017/06/24 22:24:17 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/04/12 21:20:23 | 000,000,000 | -H-D | M] -- C:\Users\defaultuser0\Roaming\Intel\Wireless\Settings
[2020/02/02 01:08:03 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2020/02/05 01:05:27 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2019/03/17 14:55:04 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2017/07/03 20:42:20 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg
[2017/07/03 20:42:24 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{0E664C43-955A-44a4-9262-599F535207E1}\Version\14.0
[2017/07/03 20:42:24 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{397A21FB-EADF-4116-9027-32B8FA04C3E2}\Version\8.0
[2017/07/03 20:42:20 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{6F7425F3-EB34-46b0-9B63-430203611455}\Version\14.0
[2017/07/03 20:42:24 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{748DB920-B5DD-4cdb-9EC4-5A3B61A21936}\Version
[2017/04/12 21:20:23 | 000,000,000 | -H-D | M] -- C:\Users\Public\Roaming\Intel\Wireless\Settings
[2019/03/17 15:22:03 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData
[2018/02/06 21:20:54 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\MicrosoftEdgeBackups
[2018/10/25 23:43:44 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2018/10/25 23:43:44 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2019/03/17 16:13:05 | 000,000,000 | RH-D | M] -- C:\Users\Yuu\AppData\Local\Microsoft\Windows\Burn\Burn
[2018/06/15 23:05:27 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Local\Microsoft\Windows\IECompatCache\Low
[2018/06/15 23:05:27 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Local\Microsoft\Windows\IECompatUaCache\Low
[2019/03/17 16:07:45 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2017/06/24 22:31:26 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2017/06/24 22:31:26 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2017/10/26 23:05:03 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Roaming\CyberLink\MediaCache
[2017/06/24 22:31:15 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Roaming\Intel\Wireless\Settings
[2017/06/24 22:31:16 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Roaming\Intel\Wireless\WLANProfiles
[2019/03/17 15:35:01 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2018/12/27 19:23:31 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\Apple\MobileSync
[2017/04/12 21:20:23 | 000,000,000 | -H-D | M] -- C:\Users\Yuu\Roaming\Intel\Wireless\Settings
[2020/02/05 01:04:52 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2018/09/15 16:33:50 | 000,000,000 | -H-D | M] -- C:\Windows\LanguageOverlayCache
[2019/03/17 14:50:06 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2018/06/15 22:18:23 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\Roaming\Intel\Wireless\Settings
[2019/03/17 14:50:06 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2018/06/15 22:18:17 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\Roaming\Intel\Wireless\Settings
[2019/03/17 15:02:41 | 000,000,000 | -H-D | M] -- C:\WINDOWS\SysNative\WLANProfiles

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2020/02/05 01:20:19 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2020/02/02 00:45:22 | 000,000,708 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job
[2020/02/02 00:45:22 | 000,000,712 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]
  • 肉球
  • 2020/02/07 (Fri) 02:56:09
OTL15
Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST1000LM035-1RK172
Partitions: 5
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 500.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 916.00GB
Starting Offset: 659554304
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 876.00MB
Starting Offset: 984300388352
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 13.00GB
Starting Offset: 985218940928
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1.00GB
Starting Offset: 998981500928
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2020/02/01 23:17:39 | 000,176,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:35 | 001,388,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2020/02/01 23:18:02 | 000,882,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2018/09/15 16:29:08 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:42 | 000,490,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2018/09/15 16:29:07 | 000,335,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
No service found with a name of Browser
SRV:[b]64bit:[/b] - [2018/09/15 16:28:46 | 000,095,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:07 | 001,205,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2019/08/25 01:42:58 | 000,368,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2019/08/25 01:44:41 | 000,325,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2019/09/04 00:27:09 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:23 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:51 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2018/09/15 16:29:08 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:57 | 000,629,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:50 | 000,447,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2018/09/15 16:28:39 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2018/09/15 16:28:25 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:47 | 000,579,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:47 | 000,385,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:45 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:38 | 000,120,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:11 | 000,774,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2018/09/15 16:28:57 | 000,104,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2020/02/01 23:19:33 | 000,927,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:07 | 001,205,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:56 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:46 | 000,057,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:24 | 000,314,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:27:16 | 000,279,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:14 | 000,616,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2018/09/15 16:29:27 | 000,566,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2020/02/01 23:20:53 | 000,872,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:21 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2018/09/15 16:29:32 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:44 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2019/09/04 00:27:10 | 000,470,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:28:58 | 001,516,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:59 | 001,929,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2020/02/01 23:17:00 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2018/09/15 16:29:13 | 000,148,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV - [2020/02/04 06:24:09 | 000,103,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:14 | 001,893,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2020/02/01 23:18:05 | 001,052,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (mpssvc)
SRV:[b]64bit:[/b] - [2020/02/01 23:24:16 | 000,651,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2019/08/25 02:31:22 | 000,067,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2019/08/25 02:33:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:29 | 000,228,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2020/02/01 23:16:21 | 003,000,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2018/09/15 16:28:25 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2019/09/04 00:27:59 | 002,633,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2019/09/04 00:27:16 | 000,290,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • 肉球
  • 2020/02/07 (Fri) 02:57:06
Extras1
OTL Extras logfile created on: 2020/02/07 1:44:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Yuu\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17763.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.90 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 34.23% Memory free
7.03 Gb Paging File | 3.71 Gb Available in Paging File | 52.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.09 Gb Total Space | 716.13 Gb Free Space | 78.17% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-9D7CG50 | User Name: Yuu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
"DisableAvCheck" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = DA 0D 60 5D 8F DC D4 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
"DisableAvCheck" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08E31DD3-B6BA-4EBB-AF86-D8DBCCF3CB7B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\root\office16\outlook.exe |
"{3A022B7E-18F7-4536-AC78-954E17853E3B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
  • 肉球
  • 2020/02/07 (Fri) 03:01:23
Extras2

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{039A12A1-299D-4B00-B6C5-0788DF3DFED8}" = dir=out | name=@{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{04C5041B-73AC-4DDA-8557-CA9B0CAF85AF}" = dir=in | app=c:\program files\common files\mcafee\mmsshost\mmsshost.exe |
"{05374F08-8DE1-43D0-9905-58C231FB9439}" = dir=out | name=office |
"{05D4D4A8-8440-435D-8290-DECF83127349}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{06DB1F9D-05DA-4295-A3D5-CC4C6F5BABA3}" = protocol=17 | dir=in | app=c:\nexon\suddenattack\suddenattack.exe |
"{0980F962-C4F5-4940-ABF9-C1DCDB3E9A7F}" = dir=in | name=@{microsoft.zunevideo_10.20011.10711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{0B0F4D8C-875F-4DD1-B074-C1D04E52C763}" = dir=out | name=@{microsoft.windowsmaps_5.1909.2813.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{0CCF2610-5D13-4B87-AB56-96562753A12D}" = dir=in | name=@{microsoft.microsoftstickynotes_3.7.106.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{0EFF7E77-6E1C-4598-88EF-B9B1F09E85F1}" = dir=out | name=@{microsoft.bingweather_4.34.13393.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{12513B95-5B6C-471E-8FC1-6AA9FCC499D5}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{172803B2-2877-4A00-95FA-3B481636AF39}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12104.2.43056.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{18D103A6-51E2-4524-8E96-21E3729E5DE6}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{19CF1CCB-F842-484A-B275-05CA9F0B2F0F}" = dir=out | name=windows_ie_ac_001 |
"{1A240C34-6C49-4554-A8E3-F61E4CF26BCC}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{1BCC2026-8295-4B7D-8010-7E66438B8680}" = dir=out | name=@{microsoft.bingnews_4.35.20273.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithtagline} |
"{1C454F20-682F-418A-A1A7-B776006DA14A}" = dir=out | name=@{microsoft.windowscalculator_10.1910.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{1C5387BE-548D-4916-A0AC-0828CA5699CA}" = dir=in | name=@{microsoft.windowsstore_12001.1001.5.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{1E1BD4D2-8B0F-4930-8600-8E829C848D67}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12104.2.43056.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{1F1D67D9-5144-4DF7-8CB5-93325AC86F84}" = dir=out | name=@{microsoft.windows.photos_2019.19081.22010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{20C0FCB8-B718-439E-A951-6AAB0A23FD05}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12104.2.43056.0_x64__nzyj5cx40ttqa\itunes.exe |
"{25670D8B-E49E-46CD-84B0-2C448FFA51DD}" = dir=in | name=@{microsoft.windows.cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{2567F422-032E-44A3-BE84-0525565C745A}" = dir=out | name=@{microsoft.zunemusic_10.20011.10711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{2A19083D-DC0D-4A82-B5BF-D952B40EBB5A}" = dir=in | name=@{microsoft.zunemusic_10.20011.10711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{2B6C5F9D-0F77-42D9-99CB-B7838518EBC9}" = dir=in | app=c:\program files (x86)\cyberlink\cyberlink media suite\powerdvd14\powerdvd.exe |
"{319C8C37-7086-456B-8A87-C8E73C41EA2A}" = dir=out | name=autodesk sketchbook |
"{32898C1B-9243-49CB-BA69-E0C2BF7282CA}" = dir=in | name=print 3d |
"{38532E2B-E256-458B-99A8-F481F1E3273D}" = dir=in | name=@{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{38EEEDAC-008A-43DC-BC23-954890EDCCBE}" = dir=out | name=onenote |
"{39540F98-54A0-4B65-800A-FBCD1E648F18}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12104.2.43056.0_x64__nzyj5cx40ttqa\itunes.exe |
"{399013AD-A54B-4ADA-B93B-C006D3DBA973}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{3E0D2000-73BB-489D-98A4-70750A37EB64}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{40A8947E-CCB3-4075-9B8E-F8DCDC9BAC51}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{439E5056-EE95-4450-88B3-C0409AF42E60}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{43D0A726-09B3-4609-A580-6AB533EE3A32}" = dir=in | name=@{a278ab0d.marchofempires_4.5.2.1_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{455C8249-7ED8-4FD5-BC9C-86EBD3AB002E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4AE04488-8C69-4E7D-BC0D-6342DBF15A2F}" = dir=in | name=dell supportassist for home pcs |
"{4BEEC8B9-3449-4D22-89CC-CFEC8A518E28}" = dir=in | name=@{microsoft.ppiprojection_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{4E85B257-1774-43A8-9647-4BEDC0FE9226}" = dir=out | name=@{microsoft.win32webviewhost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{55FF61F2-EAB1-4D67-8ED7-78C5FAD55547}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{57638ED9-8E7C-4370-8C1D-5ECF1378D104}" = dir=out | name=@{microsoft.xboxidentityprovider_12.58.1001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{579E05F3-87DA-4BAF-9120-09387399583E}" = dir=in | name=netflix |
"{5D94A7E6-1A96-4F28-8ED2-8FCAA0B516E0}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12104.2.43056.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{60391424-AB18-4E5D-8529-0B301751F94B}" = dir=out | name=dell supportassist for home pcs |
"{62D7A0B2-AC0A-4374-997D-33C0567026C6}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{634BF67A-70DF-4720-B6DF-4603757F5868}" = dir=in | name=onenote |
"{642DFD0E-EC5F-4871-B1ED-5924B2D5FF79}" = protocol=17 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{6B53F8CF-366B-442D-9C7B-CF8AA1AB9466}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12104.2.43056.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{6B665312-6006-437F-B4A0-734E17D2F351}" = dir=out | name=@{king.com.bubblewitch3saga_6.5.8.0_x86__kgqvnymyfvs32?ms-resource://king.com.bubblewitch3saga/resources/appname} |
"{6C6825F2-FB72-4FEF-A707-4861EB1CB24A}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{6EB62AFF-154E-46D8-9038-438222F1BA25}" = dir=out | name=@{microsoft.mspaint_6.1907.18017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{70BEAD2F-4334-4E5E-9D15-56C73F3F3245}" = dir=out | name=@{microsoft.windowscamera_2019.926.20.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} |
"{71B72885-3F08-48ED-89D1-4131417F7087}" = dir=out | name=xbox tcui |
"{731C9CD7-F708-44FB-98C6-931906E1513A}" = dir=in | name=@{microsoft.windows.photos_2019.19081.22010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{739B7008-172D-4C93-919D-548C0C6261D7}" = dir=out | name=@{a278ab0d.marchofempires_4.5.2.1_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{761C5257-DF82-4F87-AEEB-0EA9B789DAE1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{770369E8-319C-465F-8CB8-B0178041F5E1}" = dir=out | name=print 3d |
"{7856FFBA-1185-42CF-A822-9C02250D0F10}" = dir=out | name=@{microsoft.mixedreality.portal_2000.19101.1211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} |
"{78C0205C-801B-4EEC-A585-4AD99F980F3C}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{78C162BD-2EFC-4F1E-BBC8-0760DC5FAD16}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{791BD363-43D2-434C-861A-A8471C06D7D5}" = dir=in | name=3d builder |
"{7B392D52-EB61-48EC-8273-1BDC456BB9E4}" = dir=out | name=@{microsoft.xboxapp_48.59.13001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{7BDCAB69-1151-43B2-A8E4-5781D3520FFD}" = dir=out | name=3d builder |
"{873DAB70-A660-4815-ADC2-38AFE7CE23E9}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{8BEB1061-23AE-456E-B4D7-C4BB0B33FB13}" = dir=out | name=@{microsoft.windowsstore_12001.1001.5.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{8D65E626-E93B-4636-B579-ABBB7F9DA396}" = dir=out | name=shell input application |
"{8DA3AE5D-DA39-4F58-B781-D0380CD2DCCC}" = dir=out | name=xbox game bar |
"{8F6682A3-51A1-4871-B683-E3EE3D273827}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{901910A8-0FA5-4006-9156-100A438820C0}" = dir=out | name=@{microsoft.ppiprojection_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{9261809A-18A7-4124-96C9-BD23966F3F0A}" = dir=out | name=@{microsoft.oneconnect_5.1911.3171.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{93E3B0F9-1FDE-4B9E-BF6C-141995879836}" = dir=out | name=@{microsoft.windows.cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{972E020C-5D4D-47A0-A362-38B0C024BD5F}" = dir=out | name=@{microsoft.microsoft3dviewer_7.1908.9012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{9FDFC23E-8A8A-4FED-9559-353D907C83CF}" = dir=in | app=c:\program files (x86)\common files\mcafee\mmsshost\mmsshost.exe |
"{A3BDA7C9-FED7-4F89-BF02-3CC583B2B851}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{A529A9B8-76BB-4569-B7FB-BC0A9DC58343}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.17763.1_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{A59347D9-44E9-4659-BB8D-67CAC1EA77FE}" = dir=out | name=microsoft solitaire collection |
"{A6113ED0-9D9F-40E0-9EED-3724D50A769F}" = dir=in | app=c:\program files (x86)\cyberlink\cyberlink media suite\powerdvd14\movie\powerdvdmovie.exe |
"{AF977D53-0D86-4C62-8E5A-A11AD28972FB}" = dir=out | name=line |
"{B0EC6759-16BA-4824-B3E8-9C3BAC13587D}" = dir=in | name=@{microsoft.microsoftedge_44.17763.831.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{B7907026-9BEB-4440-BAFD-360E5447A438}" = dir=in | name=autodesk sketchbook |
"{B7CA8EB6-DBF4-4FB8-8C7F-C61E8E2A428C}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{B8A9794B-EA51-49AB-A350-F8126894DFE5}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12104.2.43056.0_x64__nzyj5cx40ttqa\itunes.exe |
"{B8C0075B-562A-4837-AEC5-F220B16B24CB}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{B8C7C68F-171C-45C0-99D0-E726FEBF66FF}" = dir=in | app=c:\program files (x86)\cyberlink\cyberlink media suite\powerdvd14\movie\powerdvd cinema\powerdvdcinema.exe |
"{BD4E5794-8052-43E5-B389-A3D9B2CA660C}" = dir=out | name=@{microsoft.storepurchaseapp_12001.1001.5.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{BDA5C003-FCF2-4B64-85CE-4F9BD372D81F}" = dir=out | name=@{microsoft.people_10.1909.3457.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{BF9F1145-C748-4D6F-945E-3673F2973611}" = dir=in | name=@{microsoft.oneconnect_5.1911.3171.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{BFCBDDF7-A0DB-4398-AC91-5A5482F83F5F}" = dir=in | name=microsoft solitaire collection |
"{CA4024F1-DA26-4703-B81B-588EF206B773}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CA82F723-4A81-4362-8168-7528F92FD0D0}" = dir=in | name=xbox game bar |
"{CBD2F0B8-EE13-477B-AA94-726FEE81B900}" = dir=out | name=xbox game bar plugin |
"{CBD828D2-636D-450B-809A-618CC35B4254}" = dir=out | name=@{microsoft.microsoftedge_44.17763.831.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{CC48B32A-026D-44CF-8E9F-8D9FCC51C716}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{CD4AEEB7-D75F-45D5-B0DF-AC00F6E4ED62}" = dir=in | name=@{microsoft.xboxapp_48.59.13001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{CE6A23B5-FBB2-4391-98B9-1C33BC4864FD}" = dir=out | name=@{microsoft.microsoftstickynotes_3.7.106.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{D1E94203-DFC3-4219-855E-2365B5352920}" = dir=out | name=netflix |
"{D3C6D80C-6B68-4E85-9A77-1AE8FB136262}" = dir=in | name=skype |
"{D470210D-5AEE-4526-B587-62CE6CA7C7F7}" = dir=out | name=@{microsoft.lockapp_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{D5BE7C99-A7BC-4669-8738-F0F15E872390}" = dir=out | name=microsoft pay |
"{DA0D72CC-379E-498D-8C50-E9078316D3B6}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{DB3F85F7-AE77-4A29-814A-E7B95A24C596}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1907.3152.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{E0E41C92-DE17-4992-B4B0-EB464F4649FB}" = dir=out | name=@{828b5831.hiddencitymysteryofshadows_1.33.3301.0_x86__ytsefhwckbdv6?ms-resource://828b5831.hiddencitymysteryofshadows/resources/appname} |
"{E1628D04-286B-4C0D-8E8C-E3C781E751D2}" = dir=out | name=@{microsoft.gethelp_10.1909.22691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{E401350D-C453-49FC-A81E-0A6EB1E09090}" = dir=out | name=@{microsoft.getstarted_8.2.22942.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{E418F392-D0E0-4DD4-B6CF-B16453DACE2F}" = protocol=6 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{E45CBB63-F6CB-46D4-8CCF-F4D3B9391EF6}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12104.2.43056.0_x64__nzyj5cx40ttqa\itunes.exe |
"{E6043EFD-A4E5-4546-835F-B40C69D9717A}" = dir=out | name=cyberlink media suite essentials |
"{E68C5BC4-624C-4D48-A48D-34706D0E58D0}" = dir=out | name=@{microsoft.accountscontrol_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{E6A9F75F-053F-47F2-A69C-A07BEB9B7B30}" = dir=out | name=skype |
"{ECD872B6-100C-4B0F-A369-14F768D3EB2A}" = dir=in | name=@{microsoft.win32webviewhost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{F2F70B4B-BE23-40D3-B159-5BB9F07C62D9}" = protocol=6 | dir=in | app=c:\nexon\suddenattack\suddenattack.exe |
"{F49BE2ED-0866-495B-9BE8-D4EE8F074829}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{F8A543BD-DA14-4CDB-80B4-ACE2BD1102AC}" = dir=out | name=candy crush soda saga |
"{F94DFB50-5D64-4351-827E-16C4F927B347}" = dir=in | name=@{microsoft.yourphone_1.19122.138.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{FD748328-DAD8-4DC4-BC56-2CE219890D08}" = dir=out | name=@{microsoft.zunevideo_10.20011.10711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{FDF91D70-3423-410F-A16E-17F616308CBB}" = dir=out | name=@{microsoft.yourphone_1.19122.138.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01F01829-4C5A-41B0-8198-0BDD02B34C47}" = SmartByte Drivers and Services
"{07AC08CE-C63D-4FAE-B215-F53E13EA005F}" = Intel® PROSet/Wireless WiFi Software
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{2DFD8316-9EF1-3210-908C-4CB61961C1AC}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{307032B2-6AF2-46D7-B933-62438DEB2B9A}" = Maxx Audio Installer (x64)
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 4.0.4.49
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{48114909-3C3B-43E6-BF98-AE9C396500A3}" = の商品登録
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5832D99C-C9C6-437F-861C-43ED6333956F}" = Dell SupportAssist Remediation
"{59263072-45a7-4c69-b7d2-8d70a2392972}" = Intel(R) PRO/Wireless Driver
"{6574B7E5-BC77-4EE6-8319-C18FD8B0C960}" = Intel(R) Management Engine Components
"{6CAEAB4F-2B43-485A-B7F9-AFC2D88BD7A3}" = Microsoft VC++ redistributables repacked.
"{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}" = Dell Update - SupportAssist Update Plugin
"{75FE588B-F158-4BB3-A283-A8D18E522A52}" = Intel® Trusted Connect Service Client
"{7E780845-303D-4B46-9746-9D49D94D16AB}" = デルのヘルプとサポート
"{81520FC5-3518-40E9-9803-70CE8A801D07}" = Intel(R) Chipset Device Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{843D1B75-7A4E-4C8C-8348-BDF6C6EC3333}" = True Color
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{90160000-008F-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-00DD-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component 64-bit Registration
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}" = Intel(R) Serial IO
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AC4709F9-831D-4EDD-B8E8-83AC7C563B66}" = Intel(R) Management Engine Components
"{B0169E83-757B-EF66-E2F0-391944D785BC}" = Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
"{B7682259-63F5-42FA-933B-ACD343CF7049}" = Dell SupportAssist
"{BB109E24-EE90-485B-A28B-ADDEFB40540B}" = Apple Application Support(64 ビット)
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{EAE8B515-AC0E-46A8-AA41-CAD18E4094CD}" = True Color XML Tables
"{EBE12EC7-60DF-41C2-AAC8-0B2586F15C96}" = Intel(R) Rapid Storage Technology
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"{F7A70D00-F283-45C8-B163-49EC365D7E27}" = DSC/AA Factory Installer
"{FBC819D6-78B6-49AB-931E-3D127D43BE64}" = Intel(R) Serial IO
"CCleaner" = CCleaner
"HomeBusinessPipcRetail - ja-jp" = Microsoft Office Home and Business Premium - ja-jp
"PC-Doctor for Windows" = Dell SupportAssist
"VulkanRT1.0.33.0" = Vulkan Run Time Libraries 1.0.33.0
"VulkanRT1.0.54.1" = Vulkan Run Time Libraries 1.0.54.1
"VulkanRT1.0.54.1-2" = Vulkan Run Time Libraries 1.0.54.1
"VulkanRT1.0.54.1-3" = Vulkan Run Time Libraries 1.0.54.1
"VulkanRT1.0.65.1" = Vulkan Run Time Libraries 1.0.65.1
  • 肉球
  • 2020/02/07 (Fri) 03:03:22
Extras3


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000010-0200-1041-84C8-B8D95FA3C8C3}" = インテル(R) ワイヤレス Bluetooth(R)
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{099218A5-A723-43DC-8DB5-6173656A1E94}" = Dropbox Update Helper
"{1AB26641-D555-4648-B08B-676F707A0B1B}" = Microsoft VC++ redistributables repacked.
"{1dbe752f-b00e-4567-9276-141812b20d28}" = Dell Update - SupportAssist Update Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
"{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}" = CyberLink Power Media Player 14
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{35BEC446-269E-42E4-8EED-191A38CCFF3D}" = Dell Customer Connect
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee WebAdvisor
"{48253a97-70d4-4166-9a2b-80b3bb2fcc75}" = Dell SupportAssist Remediation
"{4B38FF9D-7308-411D-93BF-CCF259B476ED}" = Dell Digital Delivery
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5EBBC1DA-975F-44A0-B438-F325BCD45577}" = Dell Update
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}" = Intel(R) Dynamic Platform and Thermal Framework
"{6BADCD73-E925-46F7-A295-FF2448632728}" = CyberLink PowerDirector 14
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}" = Dropbox 20 GB
"{90160000-008C-0000-0000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0411-0000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a914536c-bd41-479c-96aa-dee4a9639c22}" = インテル® PROSet/Wireless ソフトウェア
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B5FC62F5-A367-37A5-9FD2-A6E137C0096F}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918
"{bb0592a7-5772-4736-9d55-2402740085db}" = インテル® チップセット デバイス ソフトウェア
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BD9CFD69-EB91-354E-9C98-D439E6091932}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918
"{bf377b78-c440-4ce9-a962-2fde04e6d4cd}" = TrueColorXMLTables
"{c38d939e-31d4-44fa-a07a-d28915046b7d}" = True Color
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}" = CyberLink Media Suite 12
"{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}" = Apple Application Support(32 ビット)
"{D5C69738-B486-402E-85AC-2456D98A64E4}" = Windows 10 Update Assistant
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = Realtek PC Camera
"{E7086B15-806E-4519-A876-DBA9FDDE9A13}" = Qualcomm 11ac Wireless LAN&Bluetooth Installer
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player PPAPI" = Adobe Flash Player 32 PPAPI
"Google Chrome" = Google Chrome
"InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}" = Dellの商品登録
"InstallShield_{7E780845-303D-4B46-9746-9D49D94D16AB}" = デルのヘルプとサポート
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"proDAD-Adorage-3.0" = proDAD Adorage 3.0
"SuddenAttack" = サドンアタック

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2806530908-1018325289-3460742715-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2020/02/05 8:45:00 | Computer Name = DESKTOP-9D7CG50 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: backgroundTaskHost.exe、バージョン: 10.0.17763.1、タイム
スタンプ: 0x6fe3727f 障害が発生しているモジュール名: twinapi.appcore.dll、バージョン: 10.0.17763.973、タイム
スタンプ: 0x0d83a788 例外コード: 0xc000027b 障害オフセット: 0x00000000000bd578 障害が発生しているプロセス ID: 0x1334
障害が発生しているアプリケーションの開始時刻:
0x01d5dc21d1adb947 障害が発生しているアプリケーション パス: C:\WINDOWS\system32\backgroundTaskHost.exe
障害が発生しているモジュール
パス: C:\Windows\System32\twinapi.appcore.dll レポート ID: 4b5a4a9e-49c3-488f-8b94-dc5aff95f813
障害が発生しているパッケージの完全な名前:
DellInc.DellSupportAssistforPCs_3.4.8.0_x64__htrsf667h5kn2 障害が発生しているパッケージに関連するアプリケーション
ID: App

Error - 2020/02/05 8:48:45 | Computer Name = DESKTOP-9D7CG50 | Source = ESENT | ID = 489
Description = CCleaner64 (828,G,0) ?読み取るためにファイル "C:\Users\Yuu\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat"
を開こうとしましたが、システム エラー 32 (0x00000020): "プロセスはファイルにアクセスできません。別のプロセスが使用中です。 " が発生したため開けませんでした。ファイルを開く処理は、エラー
-1032 (0xfffffbf8) のため失敗します。

Error - 2020/02/05 20:38:36 | Computer Name = DESKTOP-9D7CG50 | Source = Service1 | ID = 0
Description = PowerEvent の処理に失敗しました。発生したエラーは: System.ArgumentOutOfRangeException:
タイムアウトの時間間隔は 2^32-2 未満でなければなりません。 パラメーター名:dueTm 場所 System.Threading.Timer..ctor(TimerCallback
callback, Object state, TimeSpan dueTime, TimeSpan period) 場所 OTBSurvey.Controller.SetSurveyRequestTimer()

場所 OTBSurvey.OTBSurveyService.OnPowerEvent(PowerBroadcastStatus powerStatus)
場所 System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr
eventData) です。

Error - 2020/02/05 23:47:05 | Computer Name = DESKTOP-9D7CG50 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2020/02/05 23:47:05 | Computer Name = DESKTOP-9D7CG50 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15625

Error - 2020/02/05 23:47:05 | Computer Name = DESKTOP-9D7CG50 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15625

Error - 2020/02/06 6:23:12 | Computer Name = DESKTOP-9D7CG50 | Source = Service1 | ID = 0
Description = PowerEvent の処理に失敗しました。発生したエラーは: System.ArgumentOutOfRangeException:
タイムアウトの時間間隔は 2^32-2 未満でなければなりません。 パラメーター名:dueTm 場所 System.Threading.Timer..ctor(TimerCallback
callback, Object state, TimeSpan dueTime, TimeSpan period) 場所 OTBSurvey.Controller.SetSurveyRequestTimer()

場所 OTBSurvey.OTBSurveyService.OnPowerEvent(PowerBroadcastStatus powerStatus)
場所 System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr
eventData) です。

Error - 2020/02/06 12:31:40 | Computer Name = DESKTOP-9D7CG50 | Source = .NET Runtime | ID = 1026
Description =

Error - 2020/02/06 12:31:41 | Computer Name = DESKTOP-9D7CG50 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: DeliveryService.exe、バージョン: 3.5.2013.0、タイム スタンプ:
0x5d025c33 障害が発生しているモジュール名: KERNELBASE.dll、バージョン: 10.0.17763.914、タイム スタンプ: 0x6cc9b5fd
例外コード:
0xe0434352 障害オフセット: 0x001219b2 障害が発生しているプロセス ID: 0x137c 障害が発生しているアプリケーションの開始時刻: 0x01d5dd0ae863119c
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe 障害が発生しているモジュール
パス: C:\WINDOWS\System32\KERNELBASE.dll レポート ID: ab464bba-aab4-4d46-902b-cfc479a5a80b
障害が発生しているパッケージの完全な名前:
? 障害が発生しているパッケージに関連するアプリケーション ID: ?

Error - 2020/02/06 12:47:27 | Computer Name = DESKTOP-9D7CG50 | Source = VSS | ID = 8193
Description =

[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 2020/02/06 6:23:28 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =

Error - 2020/02/06 6:27:13 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =

Error - 2020/02/06 12:21:05 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =

Error - 2020/02/06 12:28:31 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =

Error - 2020/02/06 12:28:31 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =

Error - 2020/02/06 12:30:29 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =

Error - 2020/02/06 12:30:29 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =

Error - 2020/02/06 12:30:29 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =

Error - 2020/02/06 12:31:49 | Computer Name = DESKTOP-9D7CG50 | Source = Service Control Manager | ID = 7034
Description = Dell Digital Delivery Service サービスは予期せぬ原因により終了しました。このサービスの強制終了は 1
回目です。

Error - 2020/02/06 12:39:53 | Computer Name = DESKTOP-9D7CG50 | Source = DCOM | ID = 10016
Description =


< End of report >
  • 肉球
  • 2020/02/07 (Fri) 03:04:43
Re:
Please check the logs.
I know there is a lot of it and it must be a chore, but thank you in advance.
  • 肉球
  • 2020/02/07 (Fri) 03:08:34
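Your security software is not running
I have checked the logs.
MBAM and AC are still installed rather than removed; if you continue to use them, watch out for false positives.

From the logs I found nothing that looks like malware, but I did confirm that the security software has stopped working.
In your current setup that would be Windows Defender, so please try enabling it with the following steps.

Press the Start button and open Settings.
Click Update & Security, then Windows Security.
Open the item called Virus & threat protection.
Check here whether Windows Defender is enabled.
If it is not enabled, change it to enabled.

Now, since the logs showed no infection on the PC side, I would like to approach this from a different angle.
When you use a smartphone or similar device on your home Wi-Fi, do similar ads ever appear?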
  • IVNO
  • 2020/02/07 (Fri) 17:39:00
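Re: Can't tell whether this is a virus, asking for advice...
I have kept Windows Defender enabled while working, and when I check it still shows as enabled. Does this mean it only displays as enabled but is not actually functioning?

On my smartphone it depends on the site I visit; ads are shown on manga sites and the like, but ads like the ones shown on the PC never appear.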
  • 肉球
  • 2020/02/07 (Fri) 23:28:03
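In that case there is not much we can do, but
In the OTL log, the antivirus detection function was set to disabled.
If the antivirus is currently working normally, that is an OTL problem, so there is nothing particularly wrong on the PC side.
Judging from your description, this currently appears to be a problem specific to the PC.
That leaves few options, but let me ask one more question.
Before coming here, did you uninstall anything you thought was malware on your own?
If you did uninstall it yourself: most malware is built to disappear only on the surface, so you end up in a situation where it appears to be uninstalled while the main body remains.
If you did uninstall something yourself, it is highly likely that this is why it can no longer be traced.
In that case it has nominally been uninstalled and is no longer visible, so treating it is difficult as things stand.
That leaves the following four options.

Option 1. Find it yourself and remove it manually
Option 2. I find it by remote control using remote-access software and remove it manually
Option 3. Create Windows 10 installation media and reinstall Windows 10
Option 4. Decide that reinstalling Windows is too much trouble and keep using the PC as it is

If you go with manual removal, it can be traced from the processes.
If you reinstall Windows 10, at a minimum all data on the C drive will be erased.
As a result, the malware is erased at the same time.
If you did uninstall something on your own, please consider the options above.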
  • IVNO
  • 2020/02/08 (Sat) 01:25:23
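Re: Can't tell whether this is a virus, asking for advice...
I have never deleted anything I thought was malware myself.

Also, the ad that gets displayed had something like a settings screen, so I opened it and it said to turn off notifications from chrome; when I turned that off, the ads stopped appearing. Does chrome also have some feature that displays ads?
Does that mean this was the cause of the ads?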
  • 肉球
  • 2020/02/08 (Sat) 21:40:01
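That is probably it
psdrunner.com is something that malware of the type that slips in among Chrome extensions sometimes displays as an ad.
However, nothing of the sort showed up in the OTL log, so I did not mention it in order to avoid confusion.
This ad can also be displayed by installed malware, so it had not been determined which one was the cause.
Now that Chrome is known to be the cause, things are simple.
Removing the extensions currently installed in Chrome should cut it off at the source.
However, some malware infects Chrome itself and disguises itself as legitimate Chrome files, so on that point it is not certain which one is the cause.
The sure way is to first remove all extensions from within Chrome, then use GU to completely uninstall Chrome itself, and then reinstall Chrome from the official page below.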
https://www.google.com/intl/ja_jp/chrome/
  • IVNO
  • 2020/02/09 (Sun) 02:10:26
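The cause the poster found above, Chrome site notifications, can be checked directly. This is an added example, not part of the original thread: it lists the sites a Chrome profile allows to push notifications, read from the profile's Preferences file. The key layout `profile.content_settings.exceptions.notifications`, the `setting` values (1 = allow, 2 = block), the `[*.]` wildcard handling and all sample data are assumptions, and the sample is constructed.

```python
import json

# Constructed sample of the notification section of a Chrome profile
# "Preferences" file (JSON). Key layout and timestamps are assumptions.
SAMPLE_PREFERENCES = json.dumps({
    "profile": {"content_settings": {"exceptions": {"notifications": {
        "https://psdrunner.com:443,*": {"last_modified": "13225000000000000", "setting": 1},
        "https://mail.example.com:443,*": {"last_modified": "13220000000000000", "setting": 1},
        "https://[*.]news.example.org:443,*": {"last_modified": "13210000000000000", "setting": 2},
    }}}}
})

ALLOW, BLOCK = 1, 2  # assumed meaning of the stored "setting" value


def host_of(pattern):
    """Extract the host from a 'primary,secondary' content-setting pattern."""
    primary = pattern.split(",", 1)[0]
    rest = primary.split("://", 1)[-1]           # drop the scheme
    head, _, tail = rest.rpartition(":")
    if head and tail.isdigit():                  # drop a numeric port
        rest = head
    return rest.replace("[*.]", "").lower()      # drop the subdomain wildcard


def notification_grants(preferences_text):
    """Return (host, setting) pairs, sorted by host, for every stored decision."""
    node = json.loads(preferences_text)
    for key in ("profile", "content_settings", "exceptions", "notifications"):
        node = node.get(key, {}) if isinstance(node, dict) else {}
    if not isinstance(node, dict):
        return []
    pairs = [(host_of(p), e.get("setting")) for p, e in node.items()
             if isinstance(e, dict)]
    return sorted(pairs, key=lambda pair: pair[0])


def hosts_to_review(preferences_text, trusted=()):
    """Hosts allowed to push notifications that are not on the trusted list."""
    trusted = {t.lower() for t in trusted}
    return [h for h, s in notification_grants(preferences_text)
            if s == ALLOW and h not in trusted]


if __name__ == "__main__":
    for host in hosts_to_review(SAMPLE_PREFERENCES, trusted=["mail.example.com"]):
        print("review notification permission:", host)
```

To check a real profile, pass in the text of its Preferences file, read as UTF-8 (on Windows typically under `%LOCALAPPDATA%\Google\Chrome\User Data\Default`).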
Re:
I removed the extensions, uninstalled with GU, and downloaded chrome fresh from the URL.
The ads and so on no longer appear!

One more question: is McAfee WebAdvisor a useful piece of software?
  • 肉球
  • 2020/02/11 (Tue) 09:47:02
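It has quite a good reputation
Glad to hear the symptoms have settled down.
McAfee WebAdvisor is one of the well-regarded plugins when it comes to browser protection.
https://www.mcafee.com/consumer/ja-jp/store/m0/catalog/mwad_528/mcafee-web-advisor.html
It has a fair number of users.
However, far from being able to block all malware, it lets even known malware slip through now and then, so do not rely on it too much.
If you want something strong against known malware, that would be Avast Online Security.
https://www.avast.co.jp/avast-online-security
However, Avast tends to be weak against unknown malware, so each has its pros and cons.
In the end, no security beats protecting yourself.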
  • IVNO
  • 2020/02/11 (Tue) 18:53:57
Re
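Sorry for the late reply.
I see. Since the ads and so on have stopped appearing for now, is it all right to go ahead and clean up the software used for the analysis?
Is there anything else I should do as a precaution?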
  • 肉球
  • 2020/02/15 (Sat) 01:13:25
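Anything else, you ask
Please remove the various software used for the analysis by following the instructions given when you installed it.

As for other measures, it mostly comes down to protecting yourself, but to start with, how about installing security software other than Windows Defender?
Windows Defender has no browser monitoring or email monitoring and only kicks in after an infection, so third-party security software that can block threats beforehand makes infection less likely.
Beyond that it is self-defense: refraining from installing multimedia software, which is very prone to infection, or avoiding redistribution sites like Softonic that reliably infect you and downloading from the official page instead. That kind of awareness of avoiding infection is itself one of the countermeasures.
There are also very strong measures such as restricting JavaScript execution, but depending on the sites you browse this sacrifices much of the convenience and appearance, so I will leave it to you to decide whether to do that.
That is about it for now.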
  • IVNO
  • 2020/02/15 (Sat) 02:31:35
Re: Can't tell whether this is a virus, asking for advice...
Understood.
Then I will think about which security software to install myself!
Thank you very much for your help.
  • 肉球
  • 2020/02/19 (Wed) 01:30:30
