悪代官の伏魔殿掲示板
リダイレクト?
お久しぶりです。以前ここでお世話になりましたペソネと申します。
今回はリダイレクト被害について相談させてください。

ネット閲覧中に、急に別のタブが開いて
https://win-great-prizes-now2.life/?u=ln18ekm&o=h0nelu9&t=trf1に接続し始めました
URL名の通り、当選詐欺臭かったので、すぐにタブを閉じ
Virustotalで検索したところ、案の定カスペルスキーが有害判定していたサイトのようでした。

そこでAdwcleanerを実行したり、Malwarebytesや
Windows Defender、セキュリティ対策ツールでフルスキャンしてみた結果
何も脅威は検出されませんでしたが、今までこのようなことは無かったので不安です。

どうかお知恵を貸していただけませんか。
ご迷惑をおかけしますがよろしくお願いします。

  • ペソネ
  • 2020/11/14 (Sat) 17:28:56
Re: リダイレクト?
HJTログ
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:13:24, on 2020/11/14
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:

F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.68\BHO\ie_to_edge_bho.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
O3 - Toolbar: Trend ツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files (x86)\NTTW\SECURITY\AMSP\coreServiceShell.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_52e255e - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @oem6.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
O23 - Service: @oem34.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Unknown owner - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
O23 - Service: @oem42.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service: @oem42.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\Pt\PtSvcHost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TmWscSvc - Trend Micro Inc. - C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\TmWscSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8273 bytes

CCログ
3D ビューアー Microsoft Corporation 2020/10/02 7.2009.29132.0
BUFFALO エアステーション設定ツール BUFFALO INC. 2020/05/19 2.69 MB 2.0.19
CCleaner Piriform 2020/11/14 5.74
HEIF 画像拡張機能 Microsoft Corporation 2020/10/02 1.0.32532.0
Intel(R) Management Engine Components Intel Corporation 2019/12/17 1920.12.0.1273
Intel(R) Processor Graphics Intel Corporation 2020/09/29 26.20.100.7870
Intel® Graphics Control Panel INTEL CORP 2020/02/28 3.3.0.0
iPod Support Apple Inc. 2020/01/06 51.6 MB 120.7.3.55
iTunes Apple Inc. 2020/10/24 12109.10002.53004.0
Malwarebytes version 4.2.3.96 Malwarebytes 2020/11/14 4.2.3.96
Microsoft Edge Microsoft Corporation 2020/11/13 86.0.622.68
Microsoft Pay Microsoft Corporation 2019/12/17 2.4.18324.0
Microsoft Store Microsoft Corporation 2020/10/27 12010.1001.3.0
Microsoft Store エクスペリエンス ホスト Microsoft Corporation 2020/11/08 12011.1001.1.0
Microsoft Update Health Tools Microsoft Corporation 2020/09/30 1.18 MB 2.68.0.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2018/03/08 4.84 MB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2018/03/08 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2018/03/08 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2018/05/11 9.54 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2018/03/08 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2018/03/08 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2018/03/08 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2019/12/17 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2019/12/17 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2019/12/17 20.5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2019/12/17 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2019/12/17 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 Microsoft Corporation 2019/12/17 22.3 MB 14.0.22816.0
Microsoft 付箋 Microsoft Corporation 2020/08/07 3.7.142.0
Mixed Reality ポータル Microsoft Corporation 2020/09/17 2000.20081.1312.0
Mozilla Firefox 82.0.3 (x64 ja) Mozilla 2020/11/10 207 MB 82.0.3
Mozilla Maintenance Service Mozilla 2019/12/18 547 KB 68.3.0
MPEG-2 ビデオ拡張機能 Microsoft Corporation 2019/12/17 1.0.22661.0
Music Center for PC Sony Home Entertainment & Sound Products Inc. 2020/08/05 248 MB 2.3.0.07060
NEC MFKB Driver NEC Personal Computers, Ltd. 2019/12/17 77.0 KB 1.19.1314
NX PAD Driver ELAN Microelectronic Corp. 2019/12/17 15.16.11.3
People Microsoft Corporation 2020/04/19 10.1909.10841.0
Print 3D Microsoft Corporation 2019/12/17 3.3.791.0
Realtek Card Reader Realtek Semiconductor Corp. 2019/12/17 14.6 MB 10.0.15063.21300
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2019/12/17 6.0.1.8125
VP9 ビデオ拡張機能 Microsoft Corporation 2020/10/02 1.0.32521.0
Web メディア拡張機能 Microsoft Corporation 2019/12/17 1.0.20875.0
Webp 画像拡張機能 Microsoft Corporation 2020/10/23 1.0.32731.0
Xbox Game Bar Microsoft Corporation 2020/11/08 5.420.10222.0
Xbox Game bar Microsoft Corporation 2020/06/13 1.54.4001.0
Xbox Game Speech Window Microsoft Corporation 2019/12/17 1.21.13002.0
Xbox Identity Provider Microsoft Corporation 2020/08/07 12.67.21001.0
Xbox Live Microsoft Corporation 2019/12/17 1.24.10001.0
Xbox コンソール コンパニオン Microsoft Corporation 2020/10/27 48.70.21001.0
アプリ インストーラー Microsoft Corporation 2019/12/17 1.0.32912.0
アラーム & クロック Microsoft Corporation 2020/10/27 10.2009.5.0
インテル® グラフィックス・コマンド・センター INTEL CORP 2020/10/05 1.100.2765.0
カメラ Microsoft Corporation 2020/10/02 2020.504.60.0
スマホ同期 Microsoft Corporation 2020/11/08 1.20101.97.0
セキュリティ対策ツール 西日本電信電話株式会社 2020/04/02 450 MB 16.11
セキュリティ対策ツール 西日本電信電話株式会社 2020/04/02 16.11
デバイス製造元からの HEVC ビデオ拡張機能 Microsoft Corporation 2020/10/13 1.0.32762.0
ヒント Microsoft Corporation 2020/11/08 9.12.32951.0
フィードバック Hub Microsoft Corporation 2019/12/18 1.1907.3152.0
フォト Microsoft Corporation 2020/09/24 2020.20090.1002.0
フォト メディア エンジン アドオン Microsoft Corporation 2019/12/24 1.0.0.0
ペイント 3D Microsoft Corporation 2020/10/05 6.2009.30067.0
ボイス レコーダー Microsoft Corporation 2020/10/27 10.2009.2.0
マップ Microsoft Corporation 2020/10/27 10.2009.2.0
メッセージング Microsoft Corporation 2019/12/17 4.1901.10241.1000
メール/カレンダー Microsoft Corporation 2020/10/02 16005.13228.41011.0
モバイル通信プラン Microsoft Corporation 2020/10/27 5.2010.2962.0
切り取り & スケッチ Microsoft Corporation 2020/09/11 10.2008.2277.0
問い合わせ Microsoft Corporation 2020/06/13 10.2004.31291.0
日本語 ローカル エクスペリエンス パック Microsoft Corporation 2020/10/15 18362.27.85.0
映画 & テレビ Microsoft Corporation 2020/10/09 10.20082.10421.0
電卓 Microsoft Corporation 2020/10/23 10.2009.4.0

バージョン
Microsoft Windows [Version 10.0.18363.1198]
  • ペソネ
  • 2020/11/14 (Sat) 17:35:47
Re: リダイレクト?
hostsファイルも問題ありませんでした。
  • ペソネ
  • 2020/11/14 (Sat) 17:55:12
ただの広告リダイレクトと思いますが
こんばんは。
前回は下記スレで来られた方ですね。
http://akudaikan-0.bbs.fc2.com/?act=reply&tid=7775900

>ネット閲覧中に、急に別のタブが開いて

リダイレクトですね。
そのタブが開いたときに閲覧していたサイトのURLもわかれば次回に貼っておしえてください。
わからなければそのことだけ教えてくれればいいです。

>Adwcleanerを実行したり、Malwarebytesや
>Windows Defender、セキュリティ対策ツールでフルスキャンしてみた結果
>何も脅威は検出されませんでしたが

広告誘導のリダイレクトされただけなら変なモノをくらってなければ感染はしないはずですが、HJTとインストール情報ログを見せてもらった範囲では怪しいものは見えませんね。
順番に調べてみましょうか。
以前のスレでの手順も参考に進めましょう。

まず最初にお伝えしておきます。
見てのとおり現在相談者さん多数のため、相談受けてから皆さんに順番にレスできるまで、毎回1日かそれ以上かかる可能性もあるので、すみませんがご了承ください。

では以下の説明をよく見てから、順番に作業をお願いします。
既に準備した物もあるはずですが、一応説明を再度見ておいてください。

隠しファイルと拡張子を表示設定にしてください(やり方↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

下記のツールをダウンロードして、基本の使い方を把握しておいてください。
ただし、配布サイトで他のアプリをダウンロードしろと勧めてくるような広告も出てきたらそれらは絶対にクリックしないでください。
「GeekUninstaller」(通称:GU)
説明ページ↓
http://www.gigafree.net/system/install/geekuninstaller.html
ダウンロード↓
http://www.geekuninstaller.com/download
「download free」をクリック、保存後、解凍してください。
片付ける時はフォルダごと手動で削除してください。

「CCleaner」(通称:CC)
説明↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
ダウンロード↓
https://www.piriform.com/ccleaner/builds
最新バージョンの「ポータブル版」(Portable)をダウンロード後、解凍して起動してください。
片付けるときはそのフォルダを削除すればいいです。
ポータブル版を用意できたら通常版はアンインストールしていいです。

ここで重要な注意です。
CCは本来は高い性能を持つメンテナンスソフトですが、間違った使い方すると
【Windowsにダメージを与えてしまうおそれもある】
ので、ここでは解析ツールとしてのみ使います。
説明をしっかり読んで、自分が指示した以外の操作はしないように。

準備できたら作業開始です。
なお、このあとの作業で探しても見つからないものはスルーして進めていいですが、指示した対象外の物は絶対にいじらないようによく見て作業してください。

また、作業のうえで削除指示するものもあるはずですが、ご自身で必要として入れたものがあればそれの削除は保留して、次のレスでその旨を教えてください。

最初にWindowsUpdateの確認して、必要な更新があればそれを全部更新してください。
ですがそこで更新ができないようならこの後に説明する作業はせずに更新失敗の旨をレスで教えてください。
WUが正常にできなくすることで、感染の解析処置を阻害してくる危険なマルウェアが激増しているためです。
Windowsの各種更新(WindowsUpdate)は常に最新に適用しておかないと、それだけで危険な感染はすぐにでも起きますよ。

ここでWindowsの標準機能である「システムの復元」での復元ポイントをひとつ、手動で作成しておいてください。
これはこの後の作業で、間違って対象外のものをいじってしまうとそれだけでWindowsに深刻な不具合を起こすこともあるので、万一の際に復元可能にしておくためです。
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

下記アプリはご自身で必要としてお使いですか?
>Microsoft Pay Microsoft Corporation 2019/12/17 2.4.18324.0

使ってないならGUを使ってアンインストール推奨です。
PCでPayシステムを使うにしても日本で上記アプリを使う方はあまりいないと思うので、もし使用中ならその旨を教えてください。

スタートメニューの「プログラムとファイルの検索」に下記をコピペで貼り付けて

cleanmgr

ディスククリーンアップが起動したらゴミ箱以外の全項目にチェック入れて実行してください。
これを実行すると選択した部分のゴミファイルが掃除されます。

これを実行することで作業時にスキャンで検出される無駄なゴミファイルも減るのでその分かなり時間や解析も楽になるのです。
「ごみ箱」など他の項目にチェックしないのは、間違って正常なファイルを削除しないためと、もし正常なファイルを削除してごみ箱に入れても戻せるようにするための措置です。

続いてCCを起動してください。
起動したら、「ツール」→」「スタートアップ」→「Windows」タブを開いてください。
そこで右下の「テキストとして保存」を押すと、表示の内容がログとして保存できるので、ログをデスクトップにでも保存しておいてください。

次に「スケジュールされたタスク」タブと「コンテキストメニュー」、「Windowsサービス」タブのログも同じ要領で保存してください。

続いて今度はCC画面の左側にある「ブラウザプラグイン」の項目から「InternetExplorer」タブ以下の各タブも順番に開いて、そのログもとっておいてください。

CCの各ログをとったらCCは終了してください。

このあとブラウザを起動して、数時間ほどPC状態を様子見したあと、あらたにHJTとCCでのインストール情報ログを取り直してください。

取り直した両ログと、CCの各ログを返信に貼って、状態報告とともにレスください。
それらを見てから続きの作業を指示します。

何か入り込んでいるとすればブラウザタブとスケジュールタブあたりに食い込んでいる疑いが考えられますが、最初の説明をうかがった限りではその恐れも薄いでしょうしあまり不安がらなくていいはずです
  • 悪代官
  • 2020/11/14 (Sat) 20:40:13
Re: リダイレクト?
悪代官さん、返信ありがとうございます。

アップデートとクリーンアップは無事行えました。

Windows Payに関しましては、Geek Uninstallerの一覧に何故か表示されませんでした。
パソコンのアプリ一覧にも出てこないので、
恐らく以前にアンインストールした時の残骸かなと思います。

そして、こちらがCCの各ログになります。
1回目
スタートアップ
有効 HKCU:Run CCleaner Smart Cleaning Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmWrk\UIWatchDog.exe"
スケジュールされたタスク
有効 Task CCleanerSkipUAC Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task MicrosoftEdgeUpdateTaskMachineCore Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
有効 Task MicrosoftEdgeUpdateTaskMachineUA Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
有効 Task necNbSchedRun NEC Personal Computers, Ltd. "C:\Program Files\necbatt\nbSched.exe"
有効 Task OneDrive Standalone Update Task v2 %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
コンテキストメニュー
有効 Directory PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmwrk\tmdshell.dll
Windowsサービス
有効 Service Elan Service ELAN Microelectronics Corp. "C:\Program Files\Elantech\ETDService.exe"
有効 Service Intel Bluetooth Service C:\WINDOWS\system32\ibtsiva
有効 Service Intel(R) Capability Licensing Service TCP IP Interface Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
有効 Service Intel(R) Content Protection HDCP Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
無効 Service Intel(R) Content Protection HECI Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
有効 Service Intel(R) Dynamic Application Loader Host Interface Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
有効 Service Intel(R) Graphics Command Center Service Intel(R) pGFX C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
有効 Service Intel(R) HD Graphics Control Panel Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
有効 Service Intel(R) Management and Security Application Local Management Service Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
無効 Service Intel(R) Optane(TM) Memory Service Intel Corporation C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
有効 Service Intel(R) TPM Provisioning Service Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
無効 Service iPod サービス Apple Inc. "C:\Program Files\iPod\bin\iPodService.exe"
有効 Service Malwarebytes Service Malwarebytes "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
無効 Service Mozilla Maintenance Service Mozilla Foundation "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
有効 Service NT Meter NEC Personal Computers, Ltd. c:\Windows\SysWOW64\NTMETER.exe
無効 Service OpenSSH Authentication Agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
有効 Service Platinum Host Service Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\Pt\PtSvcHost.exe"
有効 Service Security Solution Platform Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=1 -ad -bt=0
無効 Service TmWscSvc Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\TmWscSvc.exe"
ブラウザプラグイン
IE
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.68\BHO\ie_to_edge_bho.dll
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.68\BHO\ie_to_edge_bho_64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll
FF
有効 Extension Amazon.com.au 1.3 default-release Firefox 82.0.3
有効 Extension Bing 1.2 default-release Firefox 82.0.3
有効 Extension DoH Roll-Out 2.0.0 default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\doh-rollout@mozilla.org.xpi
有効 Extension DuckDuckGo 1.1 default-release Firefox 82.0.3
有効 Extension Firefox Screenshots 39.0.0 Mozilla <screenshots-feedback@mozilla.com> default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Form Autofill 1.0 default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Google 1.1 default-release Firefox 82.0.3
無効 Extension Trend Micro Toolbar 16.0.0.1374 default-release Firefox 82.0.3 C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
有効 Extension uBlock Origin 1.30.6 Raymond Hill & contributors default-release Firefox 82.0.3 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\extensions\uBlock0@raymondhill.net.xpi
有効 Extension Web Compat 15.1.0 default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
無効 Extension WebCompat Reporter 1.4.0 Thomas Wisniewski <twisniewski@mozilla.com> default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi
有効 Extension Wikipedia (en) 1.1 default-release Firefox 82.0.3
有効 Extension Yahoo! JAPAN 1.0 default-release Firefox 82.0.3
有効 Extension ヤフオク! 1.2 default-release Firefox 82.0.3
有効 Extension 教えて!goo 1.0 default-release Firefox 82.0.3
有効 Extension 楽天市場 1.2 default-release Firefox 82.0.3
有効 Plugin 4.10.1582.2 Google Inc. default-release Firefox 82.0.3 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.8.1.1 Mozilla Corporation default-release Firefox 82.0.3 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-gmpopenh264\1.8.1.1\gmpopenh264.dll

  • ペソネ
  • 2020/11/15 (Sun) 00:56:33
Re: リダイレクト?
数時間後のログです。
2回目
スタートアップ
有効 HKCU:Run CCleaner Smart Cleaning Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmWrk\UIWatchDog.exe"
スケジュールされたタスク
有効 Task CCleanerSkipUAC Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task MicrosoftEdgeUpdateTaskMachineCore Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
有効 Task MicrosoftEdgeUpdateTaskMachineUA Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
有効 Task necNbSchedRun NEC Personal Computers, Ltd. "C:\Program Files\necbatt\nbSched.exe"
有効 Task OneDrive Standalone Update Task v2 %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
コンテキストメニュー
有効 Directory PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmwrk\tmdshell.dll
Windowsサービス
有効 Service Elan Service ELAN Microelectronics Corp. "C:\Program Files\Elantech\ETDService.exe"
有効 Service Intel Bluetooth Service C:\WINDOWS\system32\ibtsiva
有効 Service Intel(R) Capability Licensing Service TCP IP Interface Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
有効 Service Intel(R) Content Protection HDCP Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
無効 Service Intel(R) Content Protection HECI Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
有効 Service Intel(R) Dynamic Application Loader Host Interface Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
有効 Service Intel(R) Graphics Command Center Service Intel(R) pGFX C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
有効 Service Intel(R) HD Graphics Control Panel Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
有効 Service Intel(R) Management and Security Application Local Management Service Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
無効 Service Intel(R) Optane(TM) Memory Service Intel Corporation C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
有効 Service Intel(R) TPM Provisioning Service Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
無効 Service iPod サービス Apple Inc. "C:\Program Files\iPod\bin\iPodService.exe"
有効 Service Malwarebytes Service Malwarebytes "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
無効 Service Mozilla Maintenance Service Mozilla Foundation "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
有効 Service NT Meter NEC Personal Computers, Ltd. c:\Windows\SysWOW64\NTMETER.exe
無効 Service OpenSSH Authentication Agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
有効 Service Platinum Host Service Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\Pt\PtSvcHost.exe"
有効 Service Security Solution Platform Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=1 -ad -bt=0
無効 Service TmWscSvc Trend Micro Inc. "C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\TmWscSvc.exe"
ブラウザプラグイン
IE
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\BHO\ie_to_edge_bho.dll
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\BHO\ie_to_edge_bho_64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll
FF
有効 Extension Amazon.com.au 1.3 default-release Firefox 82.0.3
有効 Extension Bing 1.2 default-release Firefox 82.0.3
有効 Extension DoH Roll-Out 2.0.0 default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\doh-rollout@mozilla.org.xpi
有効 Extension DuckDuckGo 1.1 default-release Firefox 82.0.3
有効 Extension Firefox Screenshots 39.0.0 Mozilla <screenshots-feedback@mozilla.com> default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Form Autofill 1.0 default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Google 1.1 default-release Firefox 82.0.3
無効 Extension Trend Micro Toolbar 16.0.0.1374 default-release Firefox 82.0.3 C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
有効 Extension uBlock Origin 1.30.6 Raymond Hill & contributors default-release Firefox 82.0.3 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\extensions\uBlock0@raymondhill.net.xpi
有効 Extension Web Compat 15.1.0 default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
無効 Extension WebCompat Reporter 1.4.0 Thomas Wisniewski <twisniewski@mozilla.com> default-release Firefox 82.0.3 C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi
有効 Extension Wikipedia (en) 1.1 default-release Firefox 82.0.3
有効 Extension Yahoo! JAPAN 1.0 default-release Firefox 82.0.3
有効 Extension ヤフオク! 1.2 default-release Firefox 82.0.3
有効 Extension 教えて!goo 1.0 default-release Firefox 82.0.3
有効 Extension 楽天市場 1.2 default-release Firefox 82.0.3
有効 Plugin 4.10.1582.2 Google Inc. default-release Firefox 82.0.3 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.8.1.1 Mozilla Corporation default-release Firefox 82.0.3 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-gmpopenh264\1.8.1.1\gmpopenh264.dll

お手数をおかけしますが、よろしくお願いします。
  • ペソネ
  • 2020/11/15 (Sun) 01:03:02
CCとFFの設定を軽量化しましょう
作業と報告、ご苦労様です。
続きの各ログを見せてもらいました。


>Windows Payに関しましては、Geek Uninstallerの一覧に何故か表示されませんでした。
>パソコンのアプリ一覧にも出てこないので、
>恐らく以前にアンインストールした時の残骸かなと思います

はい、そのようですね。ではMS Payはそのままにしておいていいです。

今のところ怪しい痕跡も見えないようですが、少し掃除しておきますか。

先の要領でCC起動してスタートアップタブの下記を無効化してください。
削除はしなくていいです。
>有効 HKCU:Run CCleaner Smart Cleaning Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

次にスケジュールタブの火器も同様に無効化を。
>有効 Task CCleanerSkipUAC Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)

上記は見ての通りCCのエントリですが、有効化しているとその分負荷がかかるので必要でなければ無効化しておくといいです。

続いてブラウザのFFタブで下記のうち使わない検索は無効化を。
>有効 Extension Amazon.com.au 1.3 default-release Firefox 82.0.3
>有効 Extension Bing 1.2 default-release Firefox 82.0.3
>有効 Extension DuckDuckGo 1.1 default-release Firefox 82.0.3
>有効 Extension Google 1.1 default-release Firefox 82.0.3
>有効 Extension Wikipedia (en) 1.1 default-release Firefox 82.0.3
>有効 Extension Yahoo! JAPAN 1.0 default-release Firefox 82.0.3
>有効 Extension ヤフオク! 1.2 default-release Firefox 82.0.3
>有効 Extension 教えて!goo 1.0 default-release Firefox 82.0.3
>有効 Extension 楽天市場 1.2 default-release Firefox 82.0.3

この時、事前にFFは終了させておかないと無効化できないので注意です。

ただFFの検索設定は無効化してもあとでまた有効に戻ったりもするので、ブラウザの設定で直接無効化しておくのがいいです。
FF起動してアドレスバーに下記をコピペで貼り付けて移動して

about:preferences#search

下段の「ワンクリック検索エンジン」欄で不要な検索はチェック外しておきましょう。
使わない検索ならここで「削除」もできますし、必要になったらまた追加もできます。

CCも設定の再確認してください。
CC起動して「オプション」「スマートクリーニング」欄で下段の「スマートクリーニングを有効化」にチェック入っていたらそのチェックを外して無効化推奨です。
スタートアップで有効になっていたのはこれです。

続いて「プライバシー」欄で改善や案内の項目にチェック入っていたらそこも無効化推奨です。
必要なら有効化のまま使うかは判断お任せします。

設定も確認出来たら今度はACとMBAMでスキャンをお願いします。
やり方はおわかりでしょうが一応案内します。

下記のツールを準備してください。
「AdwCleaner」(通称:AC)
https://downloads.malwarebytes.com/file/adwcleaner
ファイル直リンです。アクセスしてファイルをデスクトップにでも保存しておいてください。
片付けるときは起動後に「設定」画面を開くとその下段にある「アンインストール」ボタンを押せば自動で削除されます。
使い方は下記サイト様に詳しい説明があるのでサンショウウオ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware(通称・MBAM)
本家サイト
http://www.malwarebytes.org/

ダウンロード
https://www.malwarebytes.org/mwb-download/thankyou/
ファイル直リンです。保存しておいてください。

使い方の説明サイト
http://www.gigafree.net/security/MalwarebytesAnti-MalwareFree.html

準備できたらMBAMをインストールとアップデートまでしておいてください。
ただし、ここではまだスキャンはしないように。

MBAMのアップデートができたらディスククリーンアップを使ってゴミファイルの掃除してください。

次にACを起動してください。
起動したら今度は「今すぐスキャン」するとスキャン開始されます。

しばらく待ってスキャン終了したら結果が出るので、そこで画面左の「ログファイル」を押して、スキャンした日時のログを選択してダブルクリックするとそのログが表示されます。
それをデスクトップ上に保存してから、ACは終了です。
ここでは検出があっても処置はしないでおいてください。

ACスキャンが終わったら次はPCをセーフモードで再起動してしてください。

セーフモードで今度はMBAMの作業です。
MBAM起動してスキャンしてください。
MBAM起動したらメイン画面で中央の「スキャナ」→「高度なスキャナ」→「スキャンの設定」と開いてください。

その画面で対象の全ドライブと、「メモリオブジェクト」「レジストリおよびスタートアップ」「アーカイブ」欄もチェック入れてからスキャン開始です。

なお本来ならここで「ルートキット」欄もチェック入れてスキャンしたほうがより詳細なスキャン可能ですが、現在のMBAMはかなりリソース消費する仕様になってしまい、ルートキットスキャンするとPCスペックによっては丸1日以上かかることもあるので、必要と判断されるまでは使わないほうがいいでしょう。

こちらもスキャン終了したら「レポートを表示」で結果が表示されます。

そこで「エクスポート」選択するとMBAMのスキャンログが保存可能になるので、それをtxtファイルでデスクトップ上に保存したらMBAMは終了です。
MBAMでも検出された場合でも処置はしないように。

このあと両ツールのログをレスに貼って見せてください。

この2ツールは同じベンダーの製品ですが、最近になって過剰反応による誤検出が次々と見つかりだし、一部は国内メーカー製PCの再セットアップファイルまで脅威と検出してしまう事態まで起きたため、スキャンで見つかったものをすぐに隔離削除するのは危険です。
なのでまずはスキャンだけして、検出されたものがあればそれを解析後に対処することになります。
ログを見せてもらってから対処を考えましょう
  • 悪代官
  • 2020/11/15 (Sun) 21:00:21
一部訂正です
おはようございます、IVNOと申します。
ACの使い方ですが、訂正があります。
昨日、AC用の作業案内ページが完成しましたので、そちらを参考になされてください。
http://akumaden.web.fc2.com/manual.html
なお、本館トップページの「ご相談はこちら」の項目にある、「作業の手順書」というリンクからも同一ページがご確認いただけます。
MBAMの作業案内ページに関しては、鋭意制作中ですのでまだありません。
  • IVNO
  • 2020/11/16 (Mon) 09:36:14
Re: リダイレクト?
悪代官さん、IVNOさん、返信ありがとうございます。

教えてくださったとおり、ブラウザとCCの余計な設定は無効化しておきました。
そして,AdwcleanerとMalwarebytesでスキャンを行いました。
こちらがそのログになります。

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-11-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-16-2020
# Duration: 00:00:14
# OS: Windows 10 Home
# Scanned: 31909
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Malwarebytes
www.malwarebytes.com

-ログの詳細-
スキャン日付: 2020/11/16
スキャン時間: 1:44
ログファイル: e0c49f2d-2761-11eb-bde6-000000000000.json

-ソフトウェア情報-
バージョン: 4.2.3.96
コンポーネントバージョン: 1.0.1104
パッケージバージョンをアップデート: 1.0.32936
ライセンス: 無料版

-システム情報-
OS: Windows 10 (Build 18362.1198)
CPU: x64
ファイルシステム: NTFS
ユーザー: XXXX

-スキャン結果の概要-
スキャンタイプ: カスタムスキャン
スキャン開始日時: マニュアル
結果: 完了
スキャンされたオブジェクト: 350687
検出された脅威: 0
隔離された脅威: 0
経過時間: 10 分 6 秒

-スキャンオプション-
メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 無効
ヒューリスティック: 有効
PUP: 検出
PUM: 検出

-スキャンの詳細-
プロセス: 0
(悪意のあるアイテムは検出されませんでした)

モジュール: 0
(悪意のあるアイテムは検出されませんでした)

レジストリキー: 0
(悪意のあるアイテムは検出されませんでした)

レジストリ値: 0
(悪意のあるアイテムは検出されませんでした)

レジストリデータ: 0
(悪意のあるアイテムは検出されませんでした)

データストリーム: 0
(悪意のあるアイテムは検出されませんでした)

フォルダ: 0
(悪意のあるアイテムは検出されませんでした)

ファイル: 0
(悪意のあるアイテムは検出されませんでした)

物理セクタ: 0
(悪意のあるアイテムは検出されませんでした)

WMI: 0
(悪意のあるアイテムは検出されませんでした)


(end)

お手数をおかけしますが、よろしくお願いします。
  • ペソネ
  • 2020/11/16 (Mon) 18:38:54
予想通りではありますね
さて続いて私からのご案内となります。
当初ご申告いただいていた通り、ACやMBAMでの検出は見られませんね。
となると、リダイレクトの原因はPC側の問題の可能性より、ルーター側の感染の可能性が高いとなりますが、問題の切り分けのためPC側を徹底して調べましょうか。
ACとMBAMは不要となりますので、処分する等をお願いします。

以下のソフトウェアをご準備ください。

OldTimer Listit(通称:OTL)
http://oldtimer.geekstogo.com/OTL.exe
直リンクです。デスクトップ等、分かりやすい場所に保存してください。
削除する際は起動後に「Cleanup」ボタンを押すことにより、自動的に削除されます。
ただし、Windows 10の方に限り「Cleanup」ボタンを押さずにファイルのみ削除してください。
このOTLでのスキャンは再度ご案内する場合がありますが、
その際はこちらの手順をそのまま繰り返していただくこととなります。
OTLで再度スキャンをと言われた場合、こちらの作業のやり直しをお願いいたします。

OTLを起動させる前にブラウザを含め、可能な限りのソフトウェアを終了させてください。
ソフトウェアの終了が完了しましたら、OTLを起動させてください。
表示画面上部中央にあるScan All Usersにチェックを入れてください。
設定が完了しましたら、Custom Scan/Fixesの項目内に以下をコピペしてください。

------コピペこの下より------
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT
------コピペこの上まで------

コピペが完了しましたら、Run Scanをクリックしてスキャンを行ってください。
スキャン完了まで数分程度かかりますので、今しばらくお待ちください。
スキャンが完了しましたら、OTLを保存した場所と同じところに、
OTL.txtとExtras.txtが出力されますので、そちらを貼り付けてご連絡ください。
なお、OTLはその特性上、非常に長文となります。
こちらの掲示板の文字数上限がひらがな換算で約3万文字、英数字換算で約6万文字です。
確実に文字数オーバーとなりますので、余裕を見て5万文字程度になるように、
以下のURLの文字数カウンター等で確認しつつ、ログを分割されてご連絡ください。
大抵は2分割すれば事足りると思います。
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html
  • IVNO
  • 2020/11/16 (Mon) 22:27:03
Re: リダイレクト?
IVNOさん、返信ありがとうございます。
OldTimer Listitの作業が終わりましたので、ログを貼っていこうと思います。
OTL.txt
OTL logfile created on: 2020/11/17 2:17:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXX\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.18362.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.92 Gb Total Physical Memory | 5.03 Gb Available Physical Memory | 63.54% Memory free
9.17 Gb Paging File | 5.96 Gb Available in Paging File | 65.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.23 Gb Total Space | 186.54 Gb Free Space | 78.63% Space Free | Partition Type: NTFS

Computer Name: XXXXXXX-XXXXXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2020/11/17 02:09:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXXX\Downloads\OTL.exe
PRC - [2020/09/17 02:54:11 | 000,682,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2020/07/22 19:08:29 | 000,387,504 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\NTTW\SECURITY\AMSP\coreServiceShell.exe
PRC - [2019/12/11 20:05:26 | 001,938,424 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\uiWinMgr.exe
PRC - [2019/12/11 20:02:10 | 000,247,640 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2019/05/16 08:08:00 | 000,541,672 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2017/04/06 07:02:26 | 000,115,928 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDService.exe
PRC - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) -- c:\Windows\SysWOW64\NTMETER.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2019/12/11 20:02:12 | 000,104,592 | ---- | M] () -- C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\boost_thread-vc140-mt-x32-1_69.dll
MOD - [2019/03/19 13:45:16 | 000,046,656 | ---- | M] () -- C:\Windows\SysWOW64\umpdc.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2020/11/14 14:26:03 | 007,269,976 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2020/11/11 13:06:03 | 000,432,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:54 | 000,614,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:52 | 003,806,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:52 | 000,544,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usosvc.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 003,732,480 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 001,606,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:50 | 003,552,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:40 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:31 | 000,938,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:29 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:25 | 005,284,328 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:25 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:25 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2020/10/15 02:14:54 | 000,676,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2020/10/15 02:14:53 | 000,554,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:19 | 000,036,680 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe -- (igccservice)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:17 | 000,524,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe -- (cplspcon)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:17 | 000,519,704 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe -- (cphs)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:16 | 000,399,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:25 | 000,711,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:16 | 000,986,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:06 | 001,285,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:01 | 002,485,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:01 | 000,284,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:56 | 001,499,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:56 | 001,026,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:56 | 000,271,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 001,077,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,735,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,381,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,381,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc)
SRV:[b]64bit:[/b] - [2020/09/10 18:14:16 | 000,310,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe -- (uhssvc)
SRV:[b]64bit:[/b] - [2020/09/09 13:12:14 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:21 | 000,858,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:19 | 000,255,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:17 | 000,648,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:17 | 000,521,728 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2020/08/16 06:51:30 | 000,629,752 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe -- (jhi_service)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:43 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:40 | 000,157,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:39 | 000,867,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:37 | 000,374,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:36 | 000,340,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2020/07/22 07:40:05 | 000,405,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\DispBroker.Desktop.dll -- (DispBrokerDesktopSvc)
SRV:[b]64bit:[/b] - [2020/07/22 07:39:46 | 002,136,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2020/07/22 07:39:46 | 001,059,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:55 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:54 | 000,352,256 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:47 | 000,215,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:45 | 001,125,376 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:37 | 000,179,200 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:36 | 000,931,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:34 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:33 | 000,651,264 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:33 | 000,128,512 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:30 | 001,271,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:30 | 000,361,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:28 | 000,243,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:26 | 000,922,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:26 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\AarSvc.dll -- (AarSvc)
SRV:[b]64bit:[/b] - [2020/06/10 15:14:10 | 002,184,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2020/06/10 15:14:10 | 000,477,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2020/06/10 15:13:56 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:55 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:54 | 001,393,664 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:43 | 001,536,512 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:41 | 000,231,912 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:39 | 001,263,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:39 | 000,943,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:39 | 000,893,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2020/04/22 14:46:24 | 000,736,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2020/04/22 14:46:22 | 000,139,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV:[b]64bit:[/b] - [2020/04/22 14:45:59 | 000,534,528 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2020/04/22 05:41:28 | 000,783,112 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2020/04/22 05:41:26 | 000,856,848 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2020/02/28 15:31:52 | 001,190,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:[b]64bit:[/b] - [2020/02/28 15:31:52 | 000,358,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2020/02/28 15:31:39 | 002,157,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2020/02/14 15:20:19 | 000,157,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2019/12/11 15:32:33 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2019/11/14 15:24:40 | 000,061,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2019/09/27 15:23:56 | 000,599,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2019/09/27 15:23:38 | 000,236,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2019/09/11 14:58:30 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2019/09/11 14:58:28 | 001,158,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2019/09/01 14:48:14 | 000,810,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2019/07/28 13:00:02 | 000,957,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2019/07/28 13:00:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2019/03/19 21:32:45 | 000,384,512 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:56 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,120,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:53 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:50 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:38 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:35 | 000,033,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:34 | 000,103,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 001,268,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 000,263,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\autotimesvc.dll -- (autotimesvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:04 | 001,264,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:47 | 000,079,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:47 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:36 | 000,336,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DeviceAssociationBrokerSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (AarSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:23 | 000,239,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,487,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,482,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:15 | 000,190,464 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:15 | 000,050,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:15 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:12 | 000,092,160 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:11 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:11 | 000,061,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:04 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:03 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:01 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:55 | 000,740,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:53 | 000,831,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:47 | 001,063,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:47 | 000,422,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 001,390,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,394,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MitigationClient.dll -- (TroubleshootingSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,382,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,072,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2018/05/15 12:28:34 | 000,541,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\ibtsiva.exe -- (ibtsiva)
SRV:[b]64bit:[/b] - [2017/04/06 07:02:26 | 000,115,928 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV - [2020/11/12 17:33:09 | 001,535,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\elevation_service.exe -- (MicrosoftEdgeElevationService)
SRV - [2020/11/11 13:05:50 | 003,552,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2020/11/10 09:29:17 | 000,243,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2020/11/06 13:49:07 | 002,467,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe -- (WdNisSvc)
SRV - [2020/11/06 13:49:07 | 000,128,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe -- (WinDefend)
SRV - [2020/10/21 07:16:34 | 005,003,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2020/09/29 10:42:19 | 000,036,680 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe -- (igccservice)
SRV - [2020/09/29 10:42:17 | 000,524,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe -- (cplspcon)
SRV - [2020/09/29 10:42:17 | 000,519,704 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe -- (cphs)
SRV - [2020/09/29 10:42:16 | 000,399,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2020/09/17 02:54:10 | 001,751,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2020/09/17 02:54:09 | 001,246,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2020/09/17 02:54:08 | 000,705,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\BTAGService.dll -- (BTAGService)
SRV - [2020/08/22 15:12:29 | 000,553,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2020/08/16 06:51:30 | 000,629,752 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe -- (jhi_service)
SRV - [2020/07/15 15:39:55 | 000,338,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2020/07/15 15:39:42 | 000,653,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2020/07/15 15:39:42 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2020/05/29 17:19:58 | 000,406,104 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\TmWscSvc.exe -- (TmWscSvc)
SRV - [2020/05/14 00:35:52 | 000,185,952 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV - [2020/05/14 00:35:49 | 000,729,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2020/04/22 14:46:22 | 000,105,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV - [2020/04/22 05:41:28 | 000,783,112 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe -- (Intel(R)
SRV - [2020/04/22 05:41:26 | 000,856,848 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe -- (Intel(R)
SRV - [2020/03/03 19:12:34 | 000,223,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdatem)
SRV - [2020/03/03 19:12:34 | 000,223,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdate)
SRV - [2019/09/11 14:58:32 | 000,957,952 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2019/07/28 13:00:19 | 000,072,704 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2019/05/16 08:08:00 | 000,541,672 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2019/03/19 13:45:58 | 000,029,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2017/06/09 16:45:46 | 002,413,720 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\IAStorAfsService\iaStorAfsService.exe -- (iaStorAfsService)
SRV - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- c:\Windows\SysWOW64\NTMETER.exe -- (NT Meter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2020/11/16 18:13:07 | 000,248,968 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2020/11/16 18:13:07 | 000,217,600 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2020/11/14 14:26:05 | 000,019,912 | ---- | M] (Malwarebytes) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MbamElam.sys -- (MbamElam)
DRV:[b]64bit:[/b] - [2020/11/11 13:05:59 | 000,097,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:[b]64bit:[/b] - [2020/11/11 13:05:53 | 000,400,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2020/11/11 13:05:52 | 000,117,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 000,246,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2020/11/06 13:49:07 | 000,429,288 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2020/11/06 13:49:07 | 000,071,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2020/11/06 13:49:07 | 000,048,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2020/10/21 07:16:37 | 000,084,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2020/10/21 07:16:31 | 000,291,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2020/10/21 07:16:15 | 000,325,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2020/10/21 07:16:15 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2020/09/29 10:42:21 | 000,351,048 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\intcdaud.inf_amd64_d148a0ef920e06c0\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2020/09/29 10:42:15 | 024,591,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2020/09/17 02:54:03 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2020/09/17 02:54:01 | 000,180,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,251,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,059,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:54 | 000,174,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:54 | 000,141,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2020/09/03 02:48:22 | 000,304,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\heci.inf_amd64_3fec17f874687c29\x64\TeeDriverW10x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2020/08/22 15:12:16 | 000,555,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2020/08/22 15:12:16 | 000,250,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2020/07/22 07:40:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2020/07/15 15:39:26 | 000,656,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2020/06/10 15:13:55 | 000,531,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2020/06/08 12:43:52 | 000,686,152 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmeyes.sys -- (tmeyes)
DRV:[b]64bit:[/b] - [2020/05/14 00:35:38 | 000,634,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2020/05/14 00:35:38 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2020/04/22 14:46:07 | 000,457,216 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2020/03/27 16:34:48 | 000,160,544 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TMUMH.sys -- (tmumh)
DRV:[b]64bit:[/b] - [2020/03/25 15:48:21 | 000,297,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2020/03/25 15:48:21 | 000,151,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:48 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:42 | 001,972,536 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:40 | 000,201,744 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:38 | 000,337,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Acx01000.sys -- (Acx01000)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:38 | 000,180,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:37 | 000,355,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:37 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2020/01/18 14:51:05 | 000,043,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:[b]64bit:[/b] - [2019/12/11 15:32:34 | 000,986,936 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2019/10/26 15:19:22 | 000,359,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:[b]64bit:[/b] - [2019/10/09 03:45:20 | 000,225,080 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2019/09/27 15:23:39 | 000,931,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2019/09/27 15:23:37 | 000,079,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2019/09/11 14:58:26 | 000,231,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2dp.sys -- (BthA2dp)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:14 | 000,182,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,108,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,068,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_43ac632006e874bb\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,030,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,028,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,018,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_1c567926e5b29133\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2019/06/28 15:05:46 | 000,257,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio2.sys -- (usbaudio2)
DRV:[b]64bit:[/b] - [2019/06/06 00:06:04 | 000,205,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winquic.sys -- (WinQuic)
DRV:[b]64bit:[/b] - [2019/06/04 16:59:56 | 000,037,552 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:[b]64bit:[/b] - [2019/05/04 12:58:24 | 000,137,776 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:[b]64bit:[/b] - [2019/03/19 21:34:19 | 000,031,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2019/03/19 21:34:17 | 000,076,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:50 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPing.sys -- (NDKPing)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:38 | 000,085,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 000,132,096 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 000,089,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:00 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:00 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:36 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:35 | 000,321,040 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:35 | 000,034,320 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:21 | 000,021,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,311,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,186,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,170,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,160,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,093,200 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,085,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,084,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,075,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,074,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,040,760 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\portcfg.sys -- (portcfg)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,092,672 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,058,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:01 | 000,070,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:00 | 000,100,152 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,244,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,136,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,059,392 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,054,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,041,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:47 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,056,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,083,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,058,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,025,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,018,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,181,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,103,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,054,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,053,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,042,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,041,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,022,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,017,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 001,866,768 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 001,150,480 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,885,048 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,566,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,535,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,158,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,153,616 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,127,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,077,832 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,062,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,042,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,037,928 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:40 | 000,319,528 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:40 | 000,305,672 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 001,135,632 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,259,600 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,220,176 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,148,520 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,128,528 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,124,448 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,107,528 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,094,736 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,083,464 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,082,960 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,075,280 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,068,624 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,064,528 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,064,016 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,058,896 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,031,240 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,027,176 | ---- | M]
  • ペソネ
  • 2020/11/17 (Tue) 05:03:21
Re: リダイレクト?
Extra.txt
OTL Extras logfile created on: 2020/11/17 2:17:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXX\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.18362.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.92 Gb Total Physical Memory | 5.03 Gb Available Physical Memory | 63.54% Memory free
9.17 Gb Paging File | 5.96 Gb Available in Paging File | 65.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.23 Gb Total Space | 186.54 Gb Free Space | 78.63% Space Free | Partition Type: NTFS

Computer Name: XXXXXXX-XXXXXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}]
"GUID" = {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}
"DISPLAYNAME" = セキュリティ対策ツール
"STATE" = 266240
"PRODUCTEXE" = C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\wschandler.exe -- (Trend Micro Inc.)
"REPORTINGEXE" = C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\WSCStatusController.exe -- (Trend Micro Inc.)

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Windows Defender
"STATE" = 393472
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 54 84 DF 38 A5 B4 D5 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{44DF463F-C324-4547-8A2C-70ED8D74DD68}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edge\application\msedge.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06BBE136-B217-4929-AD0A-855A2C9AB0DA}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{06ED0B48-7254-4779-95CA-39DEDDDDF7F8}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{09516E8F-2620-4EDD-BB35-E82B58353BBA}" = dir=in | name=@{microsoft.ppiprojection_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{09E320FC-6C25-4D4D-BE1D-DCFBAD37CD78}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{1436A383-021A-4BB8-A1CA-5819D581AC80}" = dir=out | name=@{microsoft.windowscamera_2020.504.60.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} |
"{16588BDC-93EF-4A13-970C-BF1D56BF6A32}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{18439F03-29F2-40DE-8C3E-F5F15455DD4C}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{1946B34C-D04B-4BA3-AAC7-EC3A98AE2222}" = dir=in | name=@{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{1E126ACC-DC50-494B-86C7-5FDFD719C694}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{2336D763-85DD-42C8-A70E-242E230FD276}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{2EBD88AB-4D32-4919-AA7D-9B50EA5E9B48}" = dir=out | name=@{microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{2EBF9F19-A0FA-4803-86AB-253947F19D70}" = dir=out | name=windows_ie_ac_001 |
"{2EF67650-8EDC-45C9-A153-56922FCBA08B}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{329E52E5-2A16-45B1-8749-B99B9BBB9D5E}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\itunes.exe |
"{36D4099B-04BA-4201-8BD4-6AD66FCB6FB8}" = dir=out | name=@{microsoft.win32webviewhost_10.0.18362.997_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{3A0D707D-65B8-4D47-A8A4-C06CDDD31DDB}" = dir=out | name=@{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{47276C68-D9CD-4868-B343-094B12BBDEB5}" = dir=in | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{477C7975-2E46-486B-95F5-2FE66731674B}" = dir=out | name=@{microsoft.windowsmaps_10.2009.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{49B45C73-7FAA-414C-ACF0-F7E7907A76D2}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\itunes.exe |
"{4A2FBF01-A842-4887-8439-41B2DD1890E3}" = dir=out | name=xbox game bar |
"{4BEDB080-F9F4-4F47-93C5-7CAA746C5200}" = dir=out | name=print 3d |
"{50631FDC-A169-498C-B9D2-F73F6702F6D5}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{52BBF934-9F49-4964-B237-9CED440587FD}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{533122CD-E2E4-46E0-B1FA-E5FE11447714}" = dir=out | name=@{microsoft.lockapp_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{5485F6EA-9A84-44B8-80A7-8B08A2DB1500}" = dir=out | name=@{microsoft.storepurchaseapp_12011.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{67AD64DE-A134-4355-A731-B238354E6FEF}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{6912D4B8-2B5E-4DCE-8949-2217339AAEDB}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{69210A7E-75CF-4FD5-8BCF-63A3FA4BE202}" = dir=in | name=print 3d |
"{6B4C7DC8-001C-40CD-B570-B89BC24EFAEC}" = dir=out | name=@{microsoft.microsoft3dviewer_7.2009.29132.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{6B91CD0D-42FE-4A4E-8FC8-AA04D0620041}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{6C90391B-6F1F-43EA-A890-63475EFDB2D0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{6D018593-548E-4D7F-8497-A7796238B8F0}" = dir=in | name=@{microsoft.windows.shellexperiencehost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{6D89D248-7483-4F5D-B270-678D5E5CD190}" = dir=in | name=@{microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{6EF1C03B-1C8F-4481-B3BC-B550E3706635}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{70124113-1224-48AA-988E-DEA3F45D7C61}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{70543954-6DAD-436B-9254-3BEC324DA250}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{745020ED-1C20-4DFF-B9C0-D2E63B80CBE4}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{750CEEFE-D50C-4125-9AA3-680C4AE1BE03}" = dir=in | name=@{microsoft.oneconnect_5.2011.3081.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{76A8878F-B9CE-4638-A15A-D6C95F8846E4}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{78AE7DC4-BEB4-45A8-860C-FBF6B810E89D}" = dir=in | name=@{microsoft.zunevideo_10.20082.10421.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{7BC297ED-2BB3-4F48-A5AD-F47F163FC84D}" = dir=out | name=@{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{80DC8A82-CACD-4DC1-8EBD-8F32A640AF7A}" = dir=out | name=xbox game bar plugin |
"{82D04C92-CA89-4723-9DF4-29ED636775B2}" = dir=out | name=@{microsoft.yourphone_1.20101.99.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{82D47261-FF15-4CA3-8613-F01A57DB77EB}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{83EE0BF9-1BD6-4323-B769-FEB18BB9B121}" = dir=out | name=@{microsoft.windows.startmenuexperiencehost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{8412082D-4672-403D-91A4-8AD424E14280}" = dir=in | name=xbox game bar |
"{84471B59-8225-4F42-81A2-7D12DF9432AB}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{86900241-A390-4BC7-A904-6D2AE7A26680}" = dir=in | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{88B1EE20-9B64-470A-88F1-95585803711D}" = dir=out | name=@{microsoft.microsoftedge_44.18362.449.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{89206634-1857-4AC1-842C-C48239D3FC71}" = dir=out | name=shell input application |
"{8A7A0E6B-6776-48FB-A9EC-7B40B57E7AEE}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\itunes.exe |
"{8CD87CB6-A794-4A51-A51C-0029385FF3AA}" = dir=out | name=@{microsoft.gethelp_10.2004.31291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{8DB06025-98BA-4EC3-B7D7-D0BE807DEF87}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\itunes.exe |
"{8E7D4193-9C9F-4D0B-BBBE-E75ADA35A1CF}" = dir=out | name=@{microsoft.xboxapp_48.70.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{93031D58-76D2-4D0C-88C2-2C122997C6B1}" = dir=out | name=@{microsoft.oneconnect_5.2011.3081.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{953F39D3-223A-4083-B97D-67A0B6AFB530}" = dir=in | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{97EC86F5-45A8-49B6-81C6-F217CB98EDF3}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{9E55F5EB-97C6-4580-83BA-227E8DC4595D}" = dir=out | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{A147BAA8-B991-439F-8C55-1E6EEA163A8D}" = dir=out | name=@{appup.intelgraphicsexperience_1.100.2970.0_x64__8j3eq9eme6ctt?ms-resource://appup.intelgraphicsexperience/resources/system_item_title_intelgraphicscontrolpanel} |
"{A2E88420-7C07-41F5-8BF0-98536D60BE05}" = dir=in | name=@{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{A5C64488-F0BE-44A3-98A1-607E585BA973}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{A6334306-41C4-49AD-B0FD-77DC9A7810A3}" = dir=out | name=@{microsoft.xboxidentityprovider_12.67.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{A8F926A0-D21E-46FA-9EA9-1EB29FB0E58D}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1907.3152.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{AC1A942E-9AAD-4166-83CA-34B5A1E3D7EC}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{B108A2E5-5AD2-45A6-AE4A-42661D829A6B}" = dir=out | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{B2375728-24B0-4932-A02E-14E23093C683}" = dir=out | name=@{microsoft.people_10.1909.10841.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{B2BFB21A-0048-4E7D-94F9-77E47DA034E5}" = dir=out | name=@{microsoft.windows.cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{B37534FD-1297-4182-9D9E-9B15D2777A87}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{B3E852EF-7A11-456A-94FA-BA20F6CC14DD}" = dir=in | name=@{microsoft.win32webviewhost_10.0.18362.997_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{B8AD9DA2-BEBD-4F96-8207-5D09C143BFC4}" = dir=out | name=@{microsoft.lockapp_10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{BB44F53E-33F2-4E14-A599-DE03FC45C9C9}" = dir=out | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{BCBB77C2-6A0A-4FE6-916B-6D6FABDEFC96}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{BDD7E2FF-6FBE-41AA-9860-0885117C3057}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{BE1CFC60-D41E-47D0-A915-65A9A95204E4}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.18362.449_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{BF627853-C032-4B89-8ED2-541FE0AEF587}" = dir=out | name=@{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{BF8C018E-AA94-49A1-9CE7-39FFD3BDB837}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{C1108DBD-09CA-46EC-9C44-FD4F7C781CF9}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{C342EBB9-EA49-4794-A6E9-40B1D655BC45}" = dir=out | name=@{microsoft.ppiprojection_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{C7173264-F4C4-4C3A-82B3-5DFA892EB78B}" = dir=out | name=@{microsoft.accountscontrol_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{C92DFFAD-44BD-4818-8A57-B260517B74FA}" = dir=in | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{D31943A4-F091-40DF-8642-46BE6A3526B1}" = dir=out | name=@{microsoft.accountscontrol_10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{D4FA9D8F-B03D-4397-9B88-FD58F4122516}" = dir=out | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{D728AA46-1E0E-4098-8AC0-E304AAFE5873}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{D8D7F2AE-77B5-4D11-AEEB-AE8726D8749D}" = dir=out | name=xbox tcui |
"{D9B50AF7-D5FC-4322-9000-41A9749726FB}" = dir=in | name=@{microsoft.xboxapp_48.70.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{D9D16947-2A80-4FCC-A036-3D3037A3879E}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{DB1AFE53-BAD5-4CD8-A5CA-F1B03EEEE18E}" = dir=out | name=microsoft pay |
"{DE6D7D2A-24D9-4999-8A4A-8262ACAFE1E0}" = dir=out | name=@{microsoft.getstarted_9.12.32951.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{E12392E0-850A-4BE0-9C6B-DBC556037122}" = dir=out | name=@{microsoft.mspaint_6.2009.30067.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{E1BAFEC3-BF9D-4054-AE21-D9919BF76619}" = dir=out | name=intel® graphics control panel |
"{E37B57C5-14AC-4010-B25B-04E4B4C19E46}" = dir=out | name=@{microsoft.windowscalculator_10.2009.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{E38D43C3-99F3-4FF6-AE74-E12899138A35}" = dir=in | name=@{microsoft.windows.cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{E61652DA-12F8-477D-B658-C69357BF6A7A}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{E6ED289C-7236-4EBE-82F1-A29D0FAE3BC4}" = dir=in | name=@{microsoft.yourphone_1.20101.99.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{EBC992C7-836F-4832-933E-2A03E96B1F11}" = dir=out | name=@{microsoft.zunevideo_10.20082.10421.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{ECDBDF2C-DC8D-4322-8B2D-7F92B17FA2BD}" = dir=out | name=windows_ie_ac_001 |
"{EF3ABEDC-D3DC-4F57-B48A-3DE3F742E35D}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{F092E719-941F-4ED2-A5A8-E76A42CE3644}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F22F8E2D-9FF0-463C-B26D-16E54100FA12}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{F2619918-7478-4652-A6D3-2F423E47F1C2}" = dir=in | name=@{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{FAA1C646-1D6A-4C84-A25B-14C272FBDD08}" = dir=out | name=shell input application |
"{FD47DEE4-F515-47F6-8930-AF5D29EE3C52}" = dir=out | name=@{microsoft.mixedreality.portal_2000.20081.1312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} |
"{FEA43EE4-654B-46BB-92D3-9B9C6EE03F4E}" = dir=in | name=@{microsoft.microsoftedge_44.18362.449.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{FEA7B2D4-2739-4A84-AB26-F03EC0CD05B0}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F518B57-008A-3D18-970E-38645BBDB5E6}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.22816
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 4.2.3.96
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{57830BE1-7A89-4306-9CF9-B06D34C5383E}" = Intel(R) Management Engine Components
"{5F4839F1-836A-4BC3-8209-2B5C164F00E0}" = Microsoft VC++ redistributables repacked.
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8334B1A3-1141-4114-9AD6-50B5A3833C54}" = Intel(R) Management Engine Components
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}" = Intel(R) Chipset Device Software
"{97238E8A-4919-4A1E-965A-C6C36938F4CE}" = Microsoft Update Health Tools
"{A066AABA-5C85-3F9D-8DAA-3847EDCDA4F3}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.22816
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = セキュリティ対策ツール
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C9552825-7BF2-4344-BA91-D3CD46F4C442}" = Intel(R) Trusted Connect Service Client x64
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{DF5EEEE3-A2F1-464A-8157-64BA751943AB}" = NEC MFKB Driver
"{E6AF6AD3-4E80-4D73-8668-563BA8C16CE4}" = iPod Support
"{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}" = Intel(R) ME UninstallLegacy
"{FA441912-5726-4CB9-8590-89737670CD4A}" = Intel(R) Management Engine Driver
"CCleaner" = CCleaner
"Elantech" = NX PAD Driver
"Mozilla Firefox 82.0.3 (x64 ja)" = Mozilla Firefox 82.0.3 (x64 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07E1EEA7-5C81-464E-935F-7C7441E2FD34}" = Music Center for PC
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{17408817-d415-4768-a160-ae6d46d6bdb0}" = インテル® チップセット デバイス ソフトウェア
"{17b12e02-9e0f-435b-a641-6fa68bb60b6d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1fec26b5-eeec-4604-877a-44f1843ae9d4}" = Intel(R) Trusted Connect Services Client
"{2749c485-3a8b-4533-92ff-7cf6e8221cff}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{37D556AE-3208-48D1-A43C-6D2EBD095C2C}" = Microsoft VC++ redistributables repacked.
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730ca3c6-815d-4b47-abc9-5082acd0267f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C9552825-7BF2-4344-BA91-D3CD46F4C441}" = Intel(R) Trusted Connect Service Client x86
"{d07b0db5-8dad-40e1-be90-88026298a46b}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}" = Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"BUFFALO_AirSet2_is1" = BUFFALO エアステーション設定ツール
"Microsoft Edge" = Microsoft Edge
"Microsoft Edge Update" = Microsoft Edge Update

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2020/11/02 20:31:26 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 2020/11/02 20:31:26 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 470759
Description =

Error - 2020/11/10 21:02:32 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 2020/11/10 21:02:32 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 470759
Description =

Error - 2020/11/11 0:10:41 | Computer Name = XXXXXXX-XXXXXXX | Source = VSS | ID = 13
Description =

Error - 2020/11/11 0:10:41 | Computer Name = XXXXXXX-XXXXXXX | Source = VSS | ID = 8193
Description =

Error - 2020/11/14 0:03:27 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 2020/11/14 0:03:27 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 470759
Description =

Error - 2020/11/16 5:16:04 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 2020/11/16 5:16:04 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 470759
Description =

[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 2020/11/15 12:53:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:54:37 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:24 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:38 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:56:11 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =


< End of report >

お手数をおかけしますが、どうかよろしくお願いします。
  • ペソネ
  • 2020/11/17 (Tue) 05:06:44
OTL全部貼り損ねましたので続きから
OTL.txt続き
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,016,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 003,419,176 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,534,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,113,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,033,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:37 | 000,114,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:37 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 007,708,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwtw04.sys -- (Netwtw04)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,180,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,064,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelpmax.sys -- (intelpmax)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:33 | 000,131,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfEnum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:33 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:33 | 000,037,888 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdi2c.sys -- (amdi2c)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:33 | 000,018,432 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdgpio2.sys -- (amdgpio2)
DRV:[b]64bit:[/b] - [2018/07/31 00:37:46 | 001,138,024 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2018/05/15 12:28:34 | 000,136,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2018/03/08 04:05:24 | 000,562,296 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmnciesc.sys -- (tmnciesc)
DRV:[b]64bit:[/b] - [2018/02/05 15:07:06 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2017/06/09 16:45:46 | 000,070,632 | ---- | M] (Intel Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorAfs.sys -- (iaStorAfs)
DRV:[b]64bit:[/b] - [2017/06/09 16:45:44 | 000,894,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2017/05/16 16:08:30 | 000,042,592 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfkgtkey.sys -- (MFKGTKEY)
DRV:[b]64bit:[/b] - [2017/05/16 16:08:30 | 000,034,408 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ps2Led.sys -- (Ps2Led)
DRV:[b]64bit:[/b] - [2017/05/16 16:08:30 | 000,031,840 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Ps2LedIF.sys -- (Ps2LedIF)
DRV:[b]64bit:[/b] - [2017/05/15 18:47:04 | 000,782,816 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:[b]64bit:[/b] - [2017/05/10 15:46:18 | 000,147,672 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:[b]64bit:[/b] - [2017/04/21 17:15:30 | 000,045,960 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\necbatt.sys -- (necbatt)
DRV:[b]64bit:[/b] - [2017/04/20 22:00:40 | 000,054,272 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\necextif.sys -- (necextif)
DRV:[b]64bit:[/b] - [2017/04/11 11:09:18 | 000,032,024 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioSwitchHID.sys -- (RadioSwitchHID)
DRV:[b]64bit:[/b] - [2017/04/06 07:02:00 | 000,613,448 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV - [2020/09/29 10:42:21 | 000,351,048 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_d148a0ef920e06c0\IntcDAud.sys -- (IntcDAud)
DRV - [2020/09/29 10:42:15 | 024,591,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\igdkmd64.sys -- (igfx)
DRV - [2020/09/03 02:48:22 | 000,304,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_3fec17f874687c29\x64\TeeDriverW10x64.sys -- (MEIx64)
DRV - [2020/07/22 07:40:04 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2019/09/01 14:48:09 | 000,108,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys -- (UfxChipidea)
DRV - [2019/09/01 14:48:09 | 000,068,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys -- (BasicDisplay)
DRV - [2019/09/01 14:48:09 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys -- (umbus)
DRV - [2019/09/01 14:48:09 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_43ac632006e874bb\CompositeBus.sys -- (CompositeBus)
DRV - [2019/09/01 14:48:09 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys -- (BasicRender)
DRV - [2019/09/01 14:48:09 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys -- (UEFI)
DRV - [2019/09/01 14:48:09 | 000,030,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys -- (UrsChipidea)
DRV - [2019/09/01 14:48:09 | 000,028,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys -- (UrsSynopsys)
DRV - [2019/09/01 14:48:09 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys -- (genericusbfn)
DRV - [2019/09/01 14:48:09 | 000,018,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_1c567926e5b29133\swenum.sys -- (swenum)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0F025142-0828-4C31-89F1-74F68D43D562}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0F025142-0828-4C31-89F1-74F68D43D562}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0F025142-0828-4C31-89F1-74F68D43D562}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0F025142-0828-4C31-89F1-74F68D43D562}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.region: "JP"
FF - user.js - File not found


64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fftmtoolbar@trendmicro.com: C:\PROGRAM FILES (X86)\NTTW\SECURITY\SEC\UIFRAMEWORK\TOOLBAR\FFTMTOOLBAR@TRENDMICRO.COM.XPI [2020/06/17 20:18:46 | 003,471,068 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 82.0.3\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 82.0.3\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fftmtoolbar@trendmicro.com: C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi [2020/06/17 20:18:46 | 003,471,068 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 82.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 82.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2019/12/17 16:26:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Extensions
[2019/12/17 16:26:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\SystemExtensionsDev
[2020/10/21 07:23:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\extensions
[2020/01/09 15:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++724b1e61-a7ca-4e7e-a55f-533052b79beb^userContextId=4294967295
[2020/11/15 00:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++724b1e61-a7ca-4e7e-a55f-533052b79beb^userContextId=4294967295\idb
[2019/12/17 16:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1
[2020/11/17 02:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1\idb
[2019/12/17 16:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1^userContextId=4294967295
[2020/11/17 02:16:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1^userContextId=4294967295\idb
[2020/10/21 07:23:21 | 002,784,234 | ---- | M] () (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\gle0pcpf.default-release\extensions\uBlock0@raymondhill.net.xpi

O1 HOSTS File: ([2017/09/29 22:44:25 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O2 - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Trend ツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Trend ツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [Platinum] C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\Pt\PtSessionAgent.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-852619868-549112645-581641478-1001..\Run: [CCleaner Smart Cleaning] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = XXX.XXX.X.X
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8bd57898-9598-4a71-92ce-2a74e2528dcd}: DhcpNameServer = XXX.XXX.X.X
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {052860C8-3E53-3D0B-9332-48A8B4971352} - .NET Framework
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {9459C573-B17A-45AE-9F64-1857B5D58CEE} - "C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8E0A742C-D031-348A-954F-AFE3CB92EFB7} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2020/11/16 18:13:07 | 000,217,600 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2020/11/14 21:31:32 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Geek Uninstaller
[2020/11/14 17:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2020/11/14 17:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2020/11/14 14:26:10 | 000,248,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2020/11/14 14:26:07 | 000,019,912 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2020/11/14 14:26:06 | 000,153,312 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2020/11/14 14:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2020/11/14 14:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2020/11/11 13:06:03 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WalletService.dll
[2020/11/11 13:06:02 | 002,315,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2020/11/11 13:06:02 | 001,615,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2020/11/11 13:06:01 | 025,445,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2020/11/11 13:06:01 | 004,129,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2020/11/11 13:06:01 | 002,495,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2020/11/11 13:06:01 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
[2020/11/11 13:06:01 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2020/11/11 13:06:01 | 000,345,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2020/11/11 13:06:01 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcXtrnal.dll
[2020/11/11 13:06:01 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2020/11/11 13:06:00 | 007,008,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2020/11/11 13:06:00 | 005,906,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2020/11/11 13:06:00 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2020/11/11 13:06:00 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2020/11/11 13:06:00 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakrathunk.dll
[2020/11/11 13:05:59 | 008,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2020/11/11 13:05:59 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2020/11/11 13:05:59 | 000,406,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2020/11/11 13:05:59 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2020/11/11 13:05:59 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2020/11/11 13:05:59 | 000,097,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\PktMon.sys
[2020/11/11 13:05:59 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdSSDP.dll
[2020/11/11 13:05:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2020/11/11 13:05:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcXtrnal.dll
[2020/11/11 13:05:58 | 007,761,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2020/11/11 13:05:58 | 004,855,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2020/11/11 13:05:58 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2020/11/11 13:05:58 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2020/11/11 13:05:58 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakrathunk.dll
[2020/11/11 13:05:57 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2020/11/11 13:05:56 | 001,285,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2020/11/11 13:05:56 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2020/11/11 13:05:55 | 006,527,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2020/11/11 13:05:55 | 002,799,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2020/11/11 13:05:55 | 001,459,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2020/11/11 13:05:55 | 001,397,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2020/11/11 13:05:55 | 001,077,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2020/11/11 13:05:55 | 000,784,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2020/11/11 13:05:55 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll
[2020/11/11 13:05:55 | 000,694,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2020/11/11 13:05:55 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2020/11/11 13:05:55 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2020/11/11 13:05:55 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2020/11/11 13:05:55 | 000,453,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2020/11/11 13:05:55 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2020/11/11 13:05:55 | 000,405,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2020/11/11 13:05:55 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2020/11/11 13:05:55 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2020/11/11 13:05:55 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2020/11/11 13:05:55 | 000,211,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2020/11/11 13:05:55 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2020/11/11 13:05:55 | 000,199,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2020/11/11 13:05:55 | 000,193,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2020/11/11 13:05:55 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtm.dll
[2020/11/11 13:05:55 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdSSDP.dll
[2020/11/11 13:05:55 | 000,089,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2020/11/11 13:05:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2020/11/11 13:05:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtprio.dll
[2020/11/11 13:05:54 | 001,565,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2020/11/11 13:05:54 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2020/11/11 13:05:54 | 000,911,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll
[2020/11/11 13:05:54 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2020/11/11 13:05:54 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2020/11/11 13:05:54 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2020/11/11 13:05:54 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2020/11/11 13:05:54 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2020/11/11 13:05:54 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2020/11/11 13:05:54 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtm.dll
[2020/11/11 13:05:54 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll
[2020/11/11 13:05:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmproxy.dll
[2020/11/11 13:05:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmsprep.dll
[2020/11/11 13:05:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtprio.dll
[2020/11/11 13:05:53 | 007,604,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2020/11/11 13:05:53 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2020/11/11 13:05:53 | 001,170,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2020/11/11 13:05:53 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2020/11/11 13:05:53 | 000,400,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2020/11/11 13:05:53 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2020/11/11 13:05:52 | 009,925,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2020/11/11 13:05:52 | 003,806,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2020/11/11 13:05:52 | 001,743,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2020/11/11 13:05:52 | 001,488,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2020/11/11 13:05:52 | 001,259,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2020/11/11 13:05:52 | 000,891,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2020/11/11 13:05:52 | 000,544,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2020/11/11 13:05:52 | 000,518,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2020/11/11 13:05:52 | 000,467,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2020/11/11 13:05:52 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RasMediaManager.dll
[2020/11/11 13:05:52 | 000,247,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2020/11/11 13:05:52 | 000,222,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2020/11/11 13:05:52 | 000,117,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2020/11/11 13:05:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2020/11/11 13:05:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindflt.dll
[2020/11/11 13:05:51 | 003,732,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2020/11/11 13:05:51 | 003,728,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2020/11/11 13:05:51 | 002,712,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2020/11/11 13:05:51 | 001,834,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2020/11/11 13:05:51 | 001,606,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2020/11/11 13:05:51 | 001,183,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2020/11/11 13:05:51 | 000,874,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2020/11/11 13:05:51 | 000,863,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2020/11/11 13:05:51 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2020/11/11 13:05:51 | 000,441,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2020/11/11 13:05:51 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2020/11/11 13:05:51 | 000,425,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2020/11/11 13:05:51 | 000,363,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2020/11/11 13:05:51 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2020/11/11 13:05:51 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2020/11/11 13:05:51 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiCloudStore.dll
[2020/11/11 13:05:51 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2020/11/11 13:05:51 | 000,246,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2020/11/11 13:05:51 | 000,127,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2020/11/11 13:05:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2020/11/11 13:05:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2020/11/11 13:05:51 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiConfigSP.dll
[2020/11/11 13:05:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2020/11/11 13:05:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2020/11/11 13:05:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2020/11/11 13:05:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2020/11/11 13:05:50 | 001,816,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2020/11/11 13:05:50 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2020/11/11 13:05:50 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll
[2020/11/11 13:05:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys
[2020/11/11 13:01:30 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2020/11/11 13:01:30 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2020/11/10 09:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2020/10/21 07:16:49 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2020/10/21 07:16:49 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raserver.exe
[2020/10/21 07:16:49 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raserver.exe
[2020/10/21 07:16:48 | 001,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2020/10/21 07:16:48 | 001,012,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2020/10/21 07:16:48 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HoloShellRuntime.dll
[2020/10/21 07:16:47 | 004,547,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2020/10/21 07:16:47 | 003,525,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2020/10/21 07:16:47 | 001,272,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2020/10/21 07:16:47 | 001,108,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2020/10/21 07:16:47 | 001,098,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2020/10/21 07:16:45 | 019,812,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2020/10/21 07:16:45 | 001,842,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2020/10/21 07:16:45 | 000,892,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicExtensions.dll
[2020/10/21 07:16:45 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloShellRuntime.dll
[2020/10/21 07:16:44 | 002,230,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2020/10/21 07:16:44 | 001,491,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2020/10/21 07:16:44 | 001,151,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2020/10/21 07:16:44 | 000,516,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2020/10/21 07:16:41 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2020/10/21 07:16:41 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnetlib.dll
[2020/10/21 07:16:41 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2020/10/21 07:16:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msimsg.dll
[2020/10/21 07:16:40 | 004,608,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2020/10/21 07:16:40 | 002,948,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2020/10/21 07:16:40 | 001,996,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2020/10/21 07:16:40 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2020/10/21 07:16:40 | 000,366,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll
[2020/10/21 07:16:40 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FSClient.dll
[2020/10/21 07:16:40 | 000,172,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PktMon.exe
[2020/10/21 07:16:40 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnetlib.dll
[2020/10/21 07:16:40 | 000,099,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FsIso.exe
[2020/10/21 07:16:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2020/10/21 07:16:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimsg.dll
[2020/10/21 07:16:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\delegatorprovider.dll
[2020/10/21 07:16:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi_passthru.dll
[2020/10/21 07:16:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2020/10/21 07:16:39 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2020/10/21 07:16:38 | 003,694,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2020/10/21 07:16:38 | 002,737,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2020/10/21 07:16:38 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\delegatorprovider.dll
[2020/10/21 07:16:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi_passthru.dll
[2020/10/21 07:16:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2020/10/21 07:16:37 | 000,775,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2020/10/21 07:16:37 | 000,300,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2020/10/21 07:16:37 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2020/10/21 07:16:37 | 000,093,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2020/10/21 07:16:37 | 000,084,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2020/10/21 07:16:37 | 000,021,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2020/10/21 07:16:35 | 002,585,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2020/10/21 07:16:35 | 001,991,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2020/10/21 07:16:35 | 001,022,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2020/10/21 07:16:35 | 000,899,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2020/10/21 07:16:35 | 000,894,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2020/10/21 07:16:35 | 000,877,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2020/10/21 07:16:35 | 000,538,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2020/10/21 07:16:35 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2020/10/21 07:16:35 | 000,473,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2020/10/21 07:16:35 | 000,456,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2020/10/21 07:16:35 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2020/10/21 07:16:35 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2020/10/21 07:16:35 | 000,188,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifsutil.dll
[2020/10/21 07:16:35 | 000,149,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ulib.dll
[2020/10/21 07:16:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2020/10/21 07:16:34 | 006,071,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2020/10/21 07:16:34 | 005,003,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2020/10/21 07:16:34 | 003,741,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2020/10/21 07:16:34 | 002,564,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2020/10/21 07:16:34 | 002,306,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2020/10/21 07:16:34 | 001,673,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2020/10/21 07:16:34 | 000,833,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2020/10/21 07:16:34 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2020/10/21 07:16:34 | 000,675,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2020/10/21 07:16:34 | 000,572,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2020/10/21 07:16:34 | 000,564,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StateRepository.Core.dll
[2020/10/21 07:16:34 | 000,531,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2020/10/21 07:16:34 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2020/10/21 07:16:34 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2020/10/21 07:16:34 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/10/21 07:16:34 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2020/10/21 07:16:34 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2020/10/21 07:16:34 | 000,165,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2020/10/21 07:16:34 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2020/10/21 07:16:34 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwbase.dll
[2020/10/21 07:16:34 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManagerApi.dll
[2020/10/21 07:16:34 | 000,090,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
[2020/10/21 07:16:34 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2020/10/21 07:16:34 | 000,051,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kernel.appcore.dll
[2020/10/21 07:16:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2020/10/21 07:16:34 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryCore.dll
[2020/10/21 07:16:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll
[2020/10/21 07:16:33 | 005,112,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2020/10/21 07:16:33 | 004,032,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2020/10/21 07:16:33 | 001,957,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2020/10/21 07:16:33 | 001,369,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2020/10/21 07:16:33 | 001,307,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2020/10/21 07:16:33 | 001,048,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2020/10/21 07:16:33 | 000,863,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2020/10/21 07:16:33 | 000,851,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2020/10/21 07:16:33 | 000,696,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2020/10/21 07:16:33 | 000,680,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2020/10/21 07:16:33 | 000,512,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2020/10/21 07:16:33 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2020/10/21 07:16:33 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.Ngc.dll
[2020/10/21 07:16:33 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskpart.exe
[2020/10/21 07:16:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2020/10/21 07:16:33 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2020/10/21 07:16:33 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2020/10/21 07:16:33 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msobjs.dll
[2020/10/21 07:16:33 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\amsi.dll
[2020/10/21 07:16:33 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2020/10/21 07:16:33 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2020/10/21 07:16:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcicda.dll
[2020/10/21 07:16:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2020/10/21 07:16:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciwave.dll
[2020/10/21 07:16:33 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciseq.dll
[2020/10/21 07:16:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localui.dll
[2020/10/21 07:16:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsregtask.dll
[2020/10/21 07:16:32 | 003,761,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2020/10/21 07:16:32 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2020/10/21 07:16:31 | 002,147,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2020/10/21 07:16:31 | 001,835,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2020/10/21 07:16:31 | 001,101,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2020/10/21 07:16:31 | 000,938,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2020/10/21 07:16:31 | 000,889,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2020/10/21 07:16:31 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2020/10/21 07:16:31 | 000,551,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2020/10/21 07:16:31 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDDS.dll
[2020/10/21 07:16:31 | 000,477,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2020/10/21 07:16:31 | 000,423,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SDDS.dll
[2020/10/21 07:16:31 | 000,364,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2020/10/21 07:16:31 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2020/10/21 07:16:31 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2020/10/21 07:16:31 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSoftwareInstallationClient.dll
[2020/10/21 07:16:31 | 000,108,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2020/10/21 07:16:31 | 000,094,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthHost.exe
[2020/10/21 07:16:30 | 003,371,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2020/10/21 07:16:30 | 001,998,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2020/10/21 07:16:30 | 001,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2020/10/21 07:16:30 | 001,393,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2020/10/21 07:16:30 | 000,893,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2020/10/21 07:16:30 | 000,863,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2020/10/21 07:16:30 | 000,680,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2020/10/21 07:16:30 | 000,618,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2020/10/21 07:16:30 | 000,586,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2020/10/21 07:16:30 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2020/10/21 07:16:30 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2020/10/21 07:16:30 | 000,132,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2020/10/21 07:16:30 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2020/10/21 07:16:30 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msobjs.dll
[2020/10/21 07:16:30 | 000,024,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nsi.dll
[2020/10/21 07:16:29 | 006,438,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2020/10/21 07:16:29 | 001,824,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreShell.dll
[2020/10/21 07:16:29 | 000,821,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2020/10/21 07:16:29 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2020/10/21 07:16:29 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2020/10/21 07:16:29 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2020/10/21 07:16:29 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2020/10/21 07:16:29 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2020/10/21 07:16:29 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2020/10/21 07:16:29 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardBi.dll
[2020/10/21 07:16:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2020/10/21 07:16:28 | 000,398,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2020/10/21 07:16:28 | 000,323,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostBroker.dll
[2020/10/21 07:16:27 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2020/10/21 07:16:26 | 006,196,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2020/10/21 07:16:26 | 000,598,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2020/10/21 07:16:26 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Taskbar.dll
[2020/10/21 07:16:25 | 005,284,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2020/10/21 07:16:25 | 003,387,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2020/10/21 07:16:25 | 001,656,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2020/10/21 07:16:25 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2020/10/21 07:16:25 | 001,285,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2020/10/21 07:16:25 | 001,274,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryPS.dll
[2020/10/21 07:16:25 | 001,096,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2020/10/21 07:16:25 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2020/10/21 07:16:25 | 000,716,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2020/10/21 07:16:25 | 000,684,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2020/10/21 07:16:25 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2020/10/21 07:16:25 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2020/10/21 07:16:25 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2020/10/21 07:16:25 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2020/10/21 07:16:25 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2020/10/21 07:16:25 | 000,214,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutil.dll
[2020/10/21 07:16:25 | 000,209,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2020/10/21 07:16:25 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2020/10/21 07:16:25 | 000,180,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ulib.dll
[2020/10/21 07:16:25 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwbase.dll
[2020/10/21 07:16:25 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudDomainJoinAUG.dll
[2020/10/21 07:16:25 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2020/10/21 07:16:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2020/10/21 07:16:25 | 000,105,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2020/10/21 07:16:25 | 000,104,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2020/10/21 07:16:25 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpnUserService.dll
[2020/10/21 07:16:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel.appcore.dll
[2020/10/21 07:16:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2020/10/21 07:16:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll
[2020/10/21 07:16:24 | 007,913,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2020/10/21 07:16:24 | 004,471,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2020/10/21 07:16:24 | 003,265,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2020/10/21 07:16:24 | 002,261,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2020/10/21 07:16:24 | 002,073,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2020/10/21 07:16:24 | 001,282,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2020/10/21 07:16:24 | 001,083,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2020/10/21 07:16:24 | 000,916,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2020/10/21 07:16:24 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2020/10/21 07:16:24 | 000,642,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2020/10/21 07:16:24 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/10/21 07:16:24 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2020/10/21 07:16:24 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManagerApi.dll
[2020/10/21 07:16:24 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2020/10/21 07:16:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2020/10/21 07:16:23 | 004,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2020/10/21 07:16:23 | 002,870,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2020/10/21 07:16:23 | 002,466,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2020/10/21 07:
  • ペソネ
  • 2020/11/17 (Tue) 05:18:15
失敗したので最初から貼り直します
失敗したので貼り直します
OTL.txt 1
OTL logfile created on: 2020/11/17 2:17:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXX\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.18362.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.92 Gb Total Physical Memory | 5.03 Gb Available Physical Memory | 63.54% Memory free
9.17 Gb Paging File | 5.96 Gb Available in Paging File | 65.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.23 Gb Total Space | 186.54 Gb Free Space | 78.63% Space Free | Partition Type: NTFS

Computer Name: XXXXXXX-XXXXXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2020/11/17 02:09:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXXX\Downloads\OTL.exe
PRC - [2020/09/17 02:54:11 | 000,682,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2020/07/22 19:08:29 | 000,387,504 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\NTTW\SECURITY\AMSP\coreServiceShell.exe
PRC - [2019/12/11 20:05:26 | 001,938,424 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\uiWinMgr.exe
PRC - [2019/12/11 20:02:10 | 000,247,640 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2019/05/16 08:08:00 | 000,541,672 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2017/04/06 07:02:26 | 000,115,928 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDService.exe
PRC - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) -- c:\Windows\SysWOW64\NTMETER.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2019/12/11 20:02:12 | 000,104,592 | ---- | M] () -- C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\boost_thread-vc140-mt-x32-1_69.dll
MOD - [2019/03/19 13:45:16 | 000,046,656 | ---- | M] () -- C:\Windows\SysWOW64\umpdc.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2020/11/14 14:26:03 | 007,269,976 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2020/11/11 13:06:03 | 000,432,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:54 | 000,614,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:52 | 003,806,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:52 | 000,544,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usosvc.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 003,732,480 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 001,606,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:50 | 003,552,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:40 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:31 | 000,938,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:29 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:25 | 005,284,328 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:25 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:25 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2020/10/15 02:14:54 | 000,676,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2020/10/15 02:14:53 | 000,554,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:19 | 000,036,680 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe -- (igccservice)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:17 | 000,524,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe -- (cplspcon)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:17 | 000,519,704 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe -- (cphs)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:16 | 000,399,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:25 | 000,711,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:16 | 000,986,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:06 | 001,285,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:01 | 002,485,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:01 | 000,284,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:56 | 001,499,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:56 | 001,026,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:56 | 000,271,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 001,077,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,735,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,381,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,381,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc)
SRV:[b]64bit:[/b] - [2020/09/10 18:14:16 | 000,310,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe -- (uhssvc)
SRV:[b]64bit:[/b] - [2020/09/09 13:12:14 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:21 | 000,858,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:19 | 000,255,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:17 | 000,648,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:17 | 000,521,728 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2020/08/16 06:51:30 | 000,629,752 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe -- (jhi_service)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:43 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:40 | 000,157,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:39 | 000,867,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:37 | 000,374,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:36 | 000,340,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2020/07/22 07:40:05 | 000,405,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\DispBroker.Desktop.dll -- (DispBrokerDesktopSvc)
SRV:[b]64bit:[/b] - [2020/07/22 07:39:46 | 002,136,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2020/07/22 07:39:46 | 001,059,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:55 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:54 | 000,352,256 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:47 | 000,215,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:45 | 001,125,376 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:37 | 000,179,200 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:36 | 000,931,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:34 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:33 | 000,651,264 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:33 | 000,128,512 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:30 | 001,271,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:30 | 000,361,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:28 | 000,243,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:26 | 000,922,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:26 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\AarSvc.dll -- (AarSvc)
SRV:[b]64bit:[/b] - [2020/06/10 15:14:10 | 002,184,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2020/06/10 15:14:10 | 000,477,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2020/06/10 15:13:56 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:55 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:54 | 001,393,664 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:43 | 001,536,512 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:41 | 000,231,912 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:39 | 001,263,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:39 | 000,943,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2020/05/14 00:35:39 | 000,893,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2020/04/22 14:46:24 | 000,736,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2020/04/22 14:46:22 | 000,139,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV:[b]64bit:[/b] - [2020/04/22 14:45:59 | 000,534,528 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2020/04/22 05:41:28 | 000,783,112 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2020/04/22 05:41:26 | 000,856,848 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2020/02/28 15:31:52 | 001,190,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:[b]64bit:[/b] - [2020/02/28 15:31:52 | 000,358,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2020/02/28 15:31:39 | 002,157,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2020/02/14 15:20:19 | 000,157,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2019/12/11 15:32:33 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2019/11/14 15:24:40 | 000,061,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2019/09/27 15:23:56 | 000,599,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2019/09/27 15:23:38 | 000,236,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2019/09/11 14:58:30 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2019/09/11 14:58:28 | 001,158,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2019/09/01 14:48:14 | 000,810,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2019/07/28 13:00:02 | 000,957,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2019/07/28 13:00:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2019/03/19 21:32:45 | 000,384,512 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:56 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,302,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:54 | 000,120,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:53 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:50 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:38 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:35 | 000,033,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:34 | 000,103,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 001,268,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 000,263,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\autotimesvc.dll -- (autotimesvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:04 | 001,264,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:47 | 000,079,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:47 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:36 | 000,336,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DeviceAssociationBrokerSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,053,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (AarSvc_d0cd8f)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:23 | 000,239,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,487,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,482,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:15 | 000,190,464 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:15 | 000,050,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:15 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:12 | 000,092,160 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:11 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:11 | 000,061,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:04 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:03 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:01 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:55 | 000,740,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:53 | 000,831,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:47 | 001,063,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:47 | 000,422,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 001,390,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,394,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MitigationClient.dll -- (TroubleshootingSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,382,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,072,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2018/05/15 12:28:34 | 000,541,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\ibtsiva.exe -- (ibtsiva)
SRV:[b]64bit:[/b] - [2017/04/06 07:02:26 | 000,115,928 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV - [2020/11/12 17:33:09 | 001,535,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\elevation_service.exe -- (MicrosoftEdgeElevationService)
SRV - [2020/11/11 13:05:50 | 003,552,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2020/11/10 09:29:17 | 000,243,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2020/11/06 13:49:07 | 002,467,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe -- (WdNisSvc)
SRV - [2020/11/06 13:49:07 | 000,128,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe -- (WinDefend)
SRV - [2020/10/21 07:16:34 | 005,003,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2020/09/29 10:42:19 | 000,036,680 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe -- (igccservice)
SRV - [2020/09/29 10:42:17 | 000,524,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe -- (cplspcon)
SRV - [2020/09/29 10:42:17 | 000,519,704 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe -- (cphs)
SRV - [2020/09/29 10:42:16 | 000,399,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2020/09/17 02:54:10 | 001,751,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2020/09/17 02:54:09 | 001,246,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2020/09/17 02:54:08 | 000,705,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\BTAGService.dll -- (BTAGService)
SRV - [2020/08/22 15:12:29 | 000,553,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2020/08/16 06:51:30 | 000,629,752 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe -- (jhi_service)
SRV - [2020/07/15 15:39:55 | 000,338,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2020/07/15 15:39:42 | 000,653,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2020/07/15 15:39:42 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2020/05/29 17:19:58 | 000,406,104 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\TmWscSvc.exe -- (TmWscSvc)
SRV - [2020/05/14 00:35:52 | 000,185,952 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV - [2020/05/14 00:35:49 | 000,729,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2020/04/22 14:46:22 | 000,105,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV - [2020/04/22 05:41:28 | 000,783,112 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe -- (Intel(R)
SRV - [2020/04/22 05:41:26 | 000,856,848 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe -- (Intel(R)
SRV - [2020/03/03 19:12:34 | 000,223,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdatem)
SRV - [2020/03/03 19:12:34 | 000,223,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdate)
SRV - [2019/09/11 14:58:32 | 000,957,952 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2019/07/28 13:00:19 | 000,072,704 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2019/05/16 08:08:00 | 000,541,672 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2019/03/19 13:45:58 | 000,029,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2017/06/09 16:45:46 | 002,413,720 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\IAStorAfsService\iaStorAfsService.exe -- (iaStorAfsService)
SRV - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- c:\Windows\SysWOW64\NTMETER.exe -- (NT Meter)
  • ペソネ
  • 2020/11/17 (Tue) 05:27:32
Re: リダイレクト?
OTL.txt2です
[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2020/11/16 18:13:07 | 000,248,968 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2020/11/16 18:13:07 | 000,217,600 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2020/11/14 14:26:05 | 000,019,912 | ---- | M] (Malwarebytes) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MbamElam.sys -- (MbamElam)
DRV:[b]64bit:[/b] - [2020/11/11 13:05:59 | 000,097,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:[b]64bit:[/b] - [2020/11/11 13:05:53 | 000,400,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2020/11/11 13:05:52 | 000,117,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 000,246,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2020/11/06 13:49:07 | 000,429,288 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2020/11/06 13:49:07 | 000,071,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2020/11/06 13:49:07 | 000,048,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2020/10/21 07:16:37 | 000,084,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2020/10/21 07:16:31 | 000,291,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2020/10/21 07:16:15 | 000,325,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2020/10/21 07:16:15 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2020/09/29 10:42:21 | 000,351,048 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\intcdaud.inf_amd64_d148a0ef920e06c0\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2020/09/29 10:42:15 | 024,591,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2020/09/17 02:54:03 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2020/09/17 02:54:01 | 000,180,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,251,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,059,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:54 | 000,174,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2020/09/17 02:53:54 | 000,141,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2020/09/03 02:48:22 | 000,304,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\heci.inf_amd64_3fec17f874687c29\x64\TeeDriverW10x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2020/08/22 15:12:16 | 000,555,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2020/08/22 15:12:16 | 000,250,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2020/07/22 07:40:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2020/07/15 15:39:26 | 000,656,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2020/06/10 15:13:55 | 000,531,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2020/06/08 12:43:52 | 000,686,152 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmeyes.sys -- (tmeyes)
DRV:[b]64bit:[/b] - [2020/05/14 00:35:38 | 000,634,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2020/05/14 00:35:38 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2020/04/22 14:46:07 | 000,457,216 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2020/03/27 16:34:48 | 000,160,544 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TMUMH.sys -- (tmumh)
DRV:[b]64bit:[/b] - [2020/03/25 15:48:21 | 000,297,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2020/03/25 15:48:21 | 000,151,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:48 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:42 | 001,972,536 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:40 | 000,201,744 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:38 | 000,337,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Acx01000.sys -- (Acx01000)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:38 | 000,180,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:37 | 000,355,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2020/02/28 15:31:37 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2020/01/18 14:51:05 | 000,043,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:[b]64bit:[/b] - [2019/12/11 15:32:34 | 000,986,936 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2019/10/26 15:19:22 | 000,359,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:[b]64bit:[/b] - [2019/10/09 03:45:20 | 000,225,080 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2019/09/27 15:23:39 | 000,931,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2019/09/27 15:23:37 | 000,079,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2019/09/11 14:58:26 | 000,231,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2dp.sys -- (BthA2dp)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:14 | 000,182,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,108,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,068,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_43ac632006e874bb\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,030,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,028,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2019/09/01 14:48:09 | 000,018,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_1c567926e5b29133\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2019/06/28 15:05:46 | 000,257,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio2.sys -- (usbaudio2)
DRV:[b]64bit:[/b] - [2019/06/06 00:06:04 | 000,205,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winquic.sys -- (WinQuic)
DRV:[b]64bit:[/b] - [2019/06/04 16:59:56 | 000,037,552 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:[b]64bit:[/b] - [2019/05/04 12:58:24 | 000,137,776 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:[b]64bit:[/b] - [2019/03/19 21:34:19 | 000,031,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2019/03/19 21:34:17 | 000,076,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:50 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPing.sys -- (NDKPing)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:38 | 000,085,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 000,132,096 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:32 | 000,089,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:00 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2019/03/19 13:45:00 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:36 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:35 | 000,321,040 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:35 | 000,034,320 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:21 | 000,021,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,311,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,186,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,170,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,160,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,093,200 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,085,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,084,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,075,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,074,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,040,760 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\portcfg.sys -- (portcfg)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:18 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,092,672 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,058,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:01 | 000,070,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2019/03/19 13:44:00 | 000,100,152 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,244,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,136,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,059,392 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,054,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,041,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:47 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,056,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:45 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,083,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,058,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,025,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:44 | 000,018,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,181,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,103,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,054,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,053,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,042,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,041,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,022,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:43 | 000,017,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 001,866,768 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 001,150,480 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,885,048 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,566,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,535,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,158,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,153,616 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,127,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,077,832 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,062,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,042,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,037,928 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:41 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:40 | 000,319,528 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:40 | 000,305,672 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 001,135,632 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,259,600 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,220,176 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,148,520 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,128,528 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,124,448 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,107,528 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,094,736 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,083,464 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,082,960 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,075,280 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,068,624 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,064,528 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,064,016 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,058,896 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,031,240 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,027,176 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:39 | 000,016,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 003,419,176 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,534,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,113,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,033,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:38 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:37 | 000,114,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:37 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 007,708,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwtw04.sys -- (Netwtw04)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,180,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,064,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelpmax.sys -- (intelpmax)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:34 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:33 | 000,131,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfEnum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:33 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:33 | 000,037,888 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdi2c.sys -- (amdi2c)
DRV:[b]64bit:[/b] - [2019/03/19 13:43:33 | 000,018,432 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdgpio2.sys -- (amdgpio2)
DRV:[b]64bit:[/b] - [2018/07/31 00:37:46 | 001,138,024 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2018/05/15 12:28:34 | 000,136,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2018/03/08 04:05:24 | 000,562,296 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmnciesc.sys -- (tmnciesc)
DRV:[b]64bit:[/b] - [2018/02/05 15:07:06 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2017/06/09 16:45:46 | 000,070,632 | ---- | M] (Intel Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorAfs.sys -- (iaStorAfs)
DRV:[b]64bit:[/b] - [2017/06/09 16:45:44 | 000,894,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2017/05/16 16:08:30 | 000,042,592 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfkgtkey.sys -- (MFKGTKEY)
DRV:[b]64bit:[/b] - [2017/05/16 16:08:30 | 000,034,408 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ps2Led.sys -- (Ps2Led)
DRV:[b]64bit:[/b] - [2017/05/16 16:08:30 | 000,031,840 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Ps2LedIF.sys -- (Ps2LedIF)
DRV:[b]64bit:[/b] - [2017/05/15 18:47:04 | 000,782,816 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:[b]64bit:[/b] - [2017/05/10 15:46:18 | 000,147,672 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:[b]64bit:[/b] - [2017/04/21 17:15:30 | 000,045,960 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\necbatt.sys -- (necbatt)
DRV:[b]64bit:[/b] - [2017/04/20 22:00:40 | 000,054,272 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\necextif.sys -- (necextif)
DRV:[b]64bit:[/b] - [2017/04/11 11:09:18 | 000,032,024 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioSwitchHID.sys -- (RadioSwitchHID)
DRV:[b]64bit:[/b] - [2017/04/06 07:02:00 | 000,613,448 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV - [2020/09/29 10:42:21 | 000,351,048 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_d148a0ef920e06c0\IntcDAud.sys -- (IntcDAud)
DRV - [2020/09/29 10:42:15 | 024,591,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\igdkmd64.sys -- (igfx)
DRV - [2020/09/03 02:48:22 | 000,304,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_3fec17f874687c29\x64\TeeDriverW10x64.sys -- (MEIx64)
DRV - [2020/07/22 07:40:04 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2019/09/01 14:48:09 | 000,108,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys -- (UfxChipidea)
DRV - [2019/09/01 14:48:09 | 000,068,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys -- (BasicDisplay)
DRV - [2019/09/01 14:48:09 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys -- (umbus)
DRV - [2019/09/01 14:48:09 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_43ac632006e874bb\CompositeBus.sys -- (CompositeBus)
DRV - [2019/09/01 14:48:09 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys -- (BasicRender)
DRV - [2019/09/01 14:48:09 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys -- (UEFI)
DRV - [2019/09/01 14:48:09 | 000,030,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys -- (UrsChipidea)
DRV - [2019/09/01 14:48:09 | 000,028,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys -- (UrsSynopsys)
DRV - [2019/09/01 14:48:09 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys -- (genericusbfn)
DRV - [2019/09/01 14:48:09 | 000,018,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_1c567926e5b29133\swenum.sys -- (swenum)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  • ペソネ
  • 2020/11/17 (Tue) 05:29:02
Re: リダイレクト?
OTL3です
[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0F025142-0828-4C31-89F1-74F68D43D562}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0F025142-0828-4C31-89F1-74F68D43D562}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0F025142-0828-4C31-89F1-74F68D43D562}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0F025142-0828-4C31-89F1-74F68D43D562}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.region: "JP"
FF - user.js - File not found


64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fftmtoolbar@trendmicro.com: C:\PROGRAM FILES (X86)\NTTW\SECURITY\SEC\UIFRAMEWORK\TOOLBAR\FFTMTOOLBAR@TRENDMICRO.COM.XPI [2020/06/17 20:18:46 | 003,471,068 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 82.0.3\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 82.0.3\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fftmtoolbar@trendmicro.com: C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi [2020/06/17 20:18:46 | 003,471,068 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 82.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 82.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2019/12/17 16:26:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Extensions
[2019/12/17 16:26:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\SystemExtensionsDev
[2020/10/21 07:23:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\extensions
[2020/01/09 15:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++724b1e61-a7ca-4e7e-a55f-533052b79beb^userContextId=4294967295
[2020/11/15 00:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++724b1e61-a7ca-4e7e-a55f-533052b79beb^userContextId=4294967295\idb
[2019/12/17 16:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1
[2020/11/17 02:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1\idb
[2019/12/17 16:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1^userContextId=4294967295
[2020/11/17 02:16:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1^userContextId=4294967295\idb
[2020/10/21 07:23:21 | 002,784,234 | ---- | M] () (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\gle0pcpf.default-release\extensions\uBlock0@raymondhill.net.xpi

O1 HOSTS File: ([2017/09/29 22:44:25 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O2 - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Trend ツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Trend ツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [Platinum] C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\Pt\PtSessionAgent.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files (x86)\NTTW\SECURITY\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-852619868-549112645-581641478-1001..\Run: [CCleaner Smart Cleaning] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = XXX.XXX.X.X
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8bd57898-9598-4a71-92ce-2a74e2528dcd}: DhcpNameServer = XXX.XXX.X.X
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files (x86)\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {052860C8-3E53-3D0B-9332-48A8B4971352} - .NET Framework
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {9459C573-B17A-45AE-9F64-1857B5D58CEE} - "C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.69\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8E0A742C-D031-348A-954F-AFE3CB92EFB7} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
  • ペソネ
  • 2020/11/17 (Tue) 05:29:55
Re: リダイレクト?
OTL4です
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2020/11/16 18:13:07 | 000,217,600 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2020/11/14 21:31:32 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Geek Uninstaller
[2020/11/14 17:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2020/11/14 17:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2020/11/14 14:26:10 | 000,248,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2020/11/14 14:26:07 | 000,019,912 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2020/11/14 14:26:06 | 000,153,312 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2020/11/14 14:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2020/11/14 14:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2020/11/11 13:06:03 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WalletService.dll
[2020/11/11 13:06:02 | 002,315,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2020/11/11 13:06:02 | 001,615,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2020/11/11 13:06:01 | 025,445,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2020/11/11 13:06:01 | 004,129,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2020/11/11 13:06:01 | 002,495,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2020/11/11 13:06:01 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
[2020/11/11 13:06:01 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2020/11/11 13:06:01 | 000,345,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2020/11/11 13:06:01 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcXtrnal.dll
[2020/11/11 13:06:01 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2020/11/11 13:06:00 | 007,008,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2020/11/11 13:06:00 | 005,906,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2020/11/11 13:06:00 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2020/11/11 13:06:00 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2020/11/11 13:06:00 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakrathunk.dll
[2020/11/11 13:05:59 | 008,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2020/11/11 13:05:59 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2020/11/11 13:05:59 | 000,406,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2020/11/11 13:05:59 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2020/11/11 13:05:59 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2020/11/11 13:05:59 | 000,097,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\PktMon.sys
[2020/11/11 13:05:59 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdSSDP.dll
[2020/11/11 13:05:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2020/11/11 13:05:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcXtrnal.dll
[2020/11/11 13:05:58 | 007,761,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2020/11/11 13:05:58 | 004,855,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2020/11/11 13:05:58 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2020/11/11 13:05:58 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2020/11/11 13:05:58 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakrathunk.dll
[2020/11/11 13:05:57 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2020/11/11 13:05:56 | 001,285,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2020/11/11 13:05:56 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2020/11/11 13:05:55 | 006,527,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2020/11/11 13:05:55 | 002,799,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2020/11/11 13:05:55 | 001,459,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2020/11/11 13:05:55 | 001,397,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2020/11/11 13:05:55 | 001,077,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2020/11/11 13:05:55 | 000,784,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2020/11/11 13:05:55 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll
[2020/11/11 13:05:55 | 000,694,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2020/11/11 13:05:55 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2020/11/11 13:05:55 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2020/11/11 13:05:55 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2020/11/11 13:05:55 | 000,453,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2020/11/11 13:05:55 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2020/11/11 13:05:55 | 000,405,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2020/11/11 13:05:55 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2020/11/11 13:05:55 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2020/11/11 13:05:55 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2020/11/11 13:05:55 | 000,211,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2020/11/11 13:05:55 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2020/11/11 13:05:55 | 000,199,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2020/11/11 13:05:55 | 000,193,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2020/11/11 13:05:55 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtm.dll
[2020/11/11 13:05:55 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdSSDP.dll
[2020/11/11 13:05:55 | 000,089,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2020/11/11 13:05:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2020/11/11 13:05:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtprio.dll
[2020/11/11 13:05:54 | 001,565,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2020/11/11 13:05:54 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2020/11/11 13:05:54 | 000,911,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll
[2020/11/11 13:05:54 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2020/11/11 13:05:54 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2020/11/11 13:05:54 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2020/11/11 13:05:54 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2020/11/11 13:05:54 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2020/11/11 13:05:54 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2020/11/11 13:05:54 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtm.dll
[2020/11/11 13:05:54 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll
[2020/11/11 13:05:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmproxy.dll
[2020/11/11 13:05:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmsprep.dll
[2020/11/11 13:05:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtprio.dll
[2020/11/11 13:05:53 | 007,604,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2020/11/11 13:05:53 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2020/11/11 13:05:53 | 001,170,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2020/11/11 13:05:53 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2020/11/11 13:05:53 | 000,400,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2020/11/11 13:05:53 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2020/11/11 13:05:52 | 009,925,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2020/11/11 13:05:52 | 003,806,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2020/11/11 13:05:52 | 001,743,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2020/11/11 13:05:52 | 001,488,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2020/11/11 13:05:52 | 001,259,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2020/11/11 13:05:52 | 000,891,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2020/11/11 13:05:52 | 000,544,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2020/11/11 13:05:52 | 000,518,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2020/11/11 13:05:52 | 000,467,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2020/11/11 13:05:52 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RasMediaManager.dll
[2020/11/11 13:05:52 | 000,247,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2020/11/11 13:05:52 | 000,222,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2020/11/11 13:05:52 | 000,117,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2020/11/11 13:05:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2020/11/11 13:05:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindflt.dll
[2020/11/11 13:05:51 | 003,732,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2020/11/11 13:05:51 | 003,728,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2020/11/11 13:05:51 | 002,712,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2020/11/11 13:05:51 | 001,834,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2020/11/11 13:05:51 | 001,606,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2020/11/11 13:05:51 | 001,183,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2020/11/11 13:05:51 | 000,874,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2020/11/11 13:05:51 | 000,863,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2020/11/11 13:05:51 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2020/11/11 13:05:51 | 000,441,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2020/11/11 13:05:51 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2020/11/11 13:05:51 | 000,425,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2020/11/11 13:05:51 | 000,363,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2020/11/11 13:05:51 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2020/11/11 13:05:51 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2020/11/11 13:05:51 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiCloudStore.dll
[2020/11/11 13:05:51 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2020/11/11 13:05:51 | 000,246,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2020/11/11 13:05:51 | 000,127,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2020/11/11 13:05:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2020/11/11 13:05:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2020/11/11 13:05:51 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiConfigSP.dll
[2020/11/11 13:05:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2020/11/11 13:05:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2020/11/11 13:05:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2020/11/11 13:05:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2020/11/11 13:05:50 | 001,816,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2020/11/11 13:05:50 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2020/11/11 13:05:50 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll
[2020/11/11 13:05:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys
[2020/11/11 13:01:30 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2020/11/11 13:01:30 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2020/11/10 09:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2020/10/21 07:16:49 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2020/10/21 07:16:49 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raserver.exe
[2020/10/21 07:16:49 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raserver.exe
[2020/10/21 07:16:48 | 001,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2020/10/21 07:16:48 | 001,012,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2020/10/21 07:16:48 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HoloShellRuntime.dll
[2020/10/21 07:16:47 | 004,547,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2020/10/21 07:16:47 | 003,525,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2020/10/21 07:16:47 | 001,272,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2020/10/21 07:16:47 | 001,108,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2020/10/21 07:16:47 | 001,098,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2020/10/21 07:16:45 | 019,812,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2020/10/21 07:16:45 | 001,842,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2020/10/21 07:16:45 | 000,892,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicExtensions.dll
[2020/10/21 07:16:45 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloShellRuntime.dll
[2020/10/21 07:16:44 | 002,230,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2020/10/21 07:16:44 | 001,491,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2020/10/21 07:16:44 | 001,151,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2020/10/21 07:16:44 | 000,516,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2020/10/21 07:16:41 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2020/10/21 07:16:41 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnetlib.dll
[2020/10/21 07:16:41 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2020/10/21 07:16:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msimsg.dll
[2020/10/21 07:16:40 | 004,608,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2020/10/21 07:16:40 | 002,948,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2020/10/21 07:16:40 | 001,996,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2020/10/21 07:16:40 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2020/10/21 07:16:40 | 000,366,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll
[2020/10/21 07:16:40 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FSClient.dll
[2020/10/21 07:16:40 | 000,172,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PktMon.exe
[2020/10/21 07:16:40 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnetlib.dll
[2020/10/21 07:16:40 | 000,099,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FsIso.exe
[2020/10/21 07:16:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2020/10/21 07:16:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimsg.dll
[2020/10/21 07:16:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\delegatorprovider.dll
[2020/10/21 07:16:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi_passthru.dll
[2020/10/21 07:16:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2020/10/21 07:16:39 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2020/10/21 07:16:38 | 003,694,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2020/10/21 07:16:38 | 002,737,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2020/10/21 07:16:38 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\delegatorprovider.dll
[2020/10/21 07:16:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi_passthru.dll
[2020/10/21 07:16:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2020/10/21 07:16:37 | 000,775,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2020/10/21 07:16:37 | 000,300,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2020/10/21 07:16:37 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2020/10/21 07:16:37 | 000,093,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2020/10/21 07:16:37 | 000,084,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2020/10/21 07:16:37 | 000,021,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2020/10/21 07:16:35 | 002,585,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2020/10/21 07:16:35 | 001,991,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2020/10/21 07:16:35 | 001,022,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2020/10/21 07:16:35 | 000,899,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2020/10/21 07:16:35 | 000,894,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2020/10/21 07:16:35 | 000,877,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2020/10/21 07:16:35 | 000,538,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2020/10/21 07:16:35 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2020/10/21 07:16:35 | 000,473,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2020/10/21 07:16:35 | 000,456,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2020/10/21 07:16:35 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2020/10/21 07:16:35 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2020/10/21 07:16:35 | 000,188,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifsutil.dll
[2020/10/21 07:16:35 | 000,149,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ulib.dll
[2020/10/21 07:16:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2020/10/21 07:16:34 | 006,071,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2020/10/21 07:16:34 | 005,003,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2020/10/21 07:16:34 | 003,741,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2020/10/21 07:16:34 | 002,564,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2020/10/21 07:16:34 | 002,306,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2020/10/21 07:16:34 | 001,673,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2020/10/21 07:16:34 | 000,833,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2020/10/21 07:16:34 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2020/10/21 07:16:34 | 000,675,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2020/10/21 07:16:34 | 000,572,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2020/10/21 07:16:34 | 000,564,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StateRepository.Core.dll
[2020/10/21 07:16:34 | 000,531,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2020/10/21 07:16:34 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2020/10/21 07:16:34 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2020/10/21 07:16:34 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/10/21 07:16:34 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2020/10/21 07:16:34 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2020/10/21 07:16:34 | 000,165,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2020/10/21 07:16:34 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2020/10/21 07:16:34 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwbase.dll
[2020/10/21 07:16:34 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManagerApi.dll
[2020/10/21 07:16:34 | 000,090,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
[2020/10/21 07:16:34 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2020/10/21 07:16:34 | 000,051,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kernel.appcore.dll
[2020/10/21 07:16:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2020/10/21 07:16:34 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryCore.dll
[2020/10/21 07:16:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll
[2020/10/21 07:16:33 | 005,112,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2020/10/21 07:16:33 | 004,032,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2020/10/21 07:16:33 | 001,957,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2020/10/21 07:16:33 | 001,369,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2020/10/21 07:16:33 | 001,307,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2020/10/21 07:16:33 | 001,048,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2020/10/21 07:16:33 | 000,863,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2020/10/21 07:16:33 | 000,851,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2020/10/21 07:16:33 | 000,696,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2020/10/21 07:16:33 | 000,680,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2020/10/21 07:16:33 | 000,512,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2020/10/21 07:16:33 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2020/10/21 07:16:33 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.Ngc.dll
[2020/10/21 07:16:33 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskpart.exe
[2020/10/21 07:16:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2020/10/21 07:16:33 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2020/10/21 07:16:33 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2020/10/21 07:16:33 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msobjs.dll
[2020/10/21 07:16:33 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\amsi.dll
[2020/10/21 07:16:33 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2020/10/21 07:16:33 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2020/10/21 07:16:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcicda.dll
[2020/10/21 07:16:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2020/10/21 07:16:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciwave.dll
[2020/10/21 07:16:33 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciseq.dll
[2020/10/21 07:16:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localui.dll
[2020/10/21 07:16:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsregtask.dll
[2020/10/21 07:16:32 | 003,761,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2020/10/21 07:16:32 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2020/10/21 07:16:31 | 002,147,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2020/10/21 07:16:31 | 001,835,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2020/10/21 07:16:31 | 001,101,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2020/10/21 07:16:31 | 000,938,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2020/10/21 07:16:31 | 000,889,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2020/10/21 07:16:31 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2020/10/21 07:16:31 | 000,551,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2020/10/21 07:16:31 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDDS.dll
[2020/10/21 07:16:31 | 000,477,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2020/10/21 07:16:31 | 000,423,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SDDS.dll
[2020/10/21 07:16:31 | 000,364,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2020/10/21 07:16:31 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2020/10/21 07:16:31 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2020/10/21 07:16:31 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSoftwareInstallationClient.dll
[2020/10/21 07:16:31 | 000,108,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2020/10/21 07:16:31 | 000,094,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthHost.exe
[2020/10/21 07:16:30 | 003,371,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2020/10/21 07:16:30 | 001,998,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2020/10/21 07:16:30 | 001,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2020/10/21 07:16:30 | 001,393,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2020/10/21 07:16:30 | 000,893,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2020/10/21 07:16:30 | 000,863,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2020/10/21 07:16:30 | 000,680,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2020/10/21 07:16:30 | 000,618,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2020/10/21 07:16:30 | 000,586,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2020/10/21 07:16:30 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2020/10/21 07:16:30 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2020/10/21 07:16:30 | 000,132,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2020/10/21 07:16:30 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2020/10/21 07:16:30 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msobjs.dll
[2020/10/21 07:16:30 | 000,024,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nsi.dll
[2020/10/21 07:16:29 | 006,438,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2020/10/21 07:16:29 | 001,824,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreShell.dll
[2020/10/21 07:16:29 | 000,821,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2020/10/21 07:16:29 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2020/10/21 07:16:29 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2020/10/21 07:16:29 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2020/10/21 07:16:29 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2020/10/21 07:16:29 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2020/10/21 07:16:29 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2020/10/21 07:16:29 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardBi.dll
[2020/10/21 07:16:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2020/10/21 07:16:28 | 000,398,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2020/10/21 07:16:28 | 000,323,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostBroker.dll
[2020/10/21 07:16:27 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2020/10/21 07:16:26 | 006,196,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2020/10/21 07:16:26 | 000,598,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2020/10/21 07:16:26 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Taskbar.dll
[2020/10/21 07:16:25 | 005,284,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2020/10/21 07:16:25 | 003,387,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2020/10/21 07:16:25 | 001,656,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2020/10/21 07:16:25 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2020/10/21 07:16:25 | 001,285,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2020/10/21 07:16:25 | 001,274,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryPS.dll
[2020/10/21 07:16:25 | 001,096,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2020/10/21 07:16:25 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2020/10/21 07:16:25 | 000,716,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2020/10/21 07:16:25 | 000,684,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2020/10/21 07:16:25 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2020/10/21 07:16:25 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2020/10/21 07:16:25 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2020/10/21 07:16:25 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2020/10/21 07:16:25 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2020/10/21 07:16:25 | 000,214,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutil.dll
[2020/10/21 07:16:25 | 000,209,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2020/10/21 07:16:25 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2020/10/21 07:16:25 | 000,180,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ulib.dll
[2020/10/21 07:16:25 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwbase.dll
[2020/10/21 07:16:25 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudDomainJoinAUG.dll
[2020/10/21 07:16:25 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2020/10/21 07:16:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2020/10/21 07:16:25 | 000,105,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2020/10/21 07:16:25 | 000,104,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2020/10/21 07:16:25 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpnUserService.dll
[2020/10/21 07:16:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel.appcore.dll
[2020/10/21 07:16:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2020/10/21 07:16:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll
[2020/10/21 07:16:24 | 007,913,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2020/10/21 07:16:24 | 004,471,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2020/10/21 07:16:24 | 003,265,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2020/10/21 07:16:24 | 002,261,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2020/10/21 07:16:24 | 002,073,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2020/10/21 07:16:24 | 001,282,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2020/10/21 07:16:24 | 001,083,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2020/10/21 07:16:24 | 000,916,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2020/10/21 07:16:24 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2020/10/21 07:16:24 | 000,642,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2020/10/21 07:16:24 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/10/21 07:16:24 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2020/10/21 07:16:24 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManagerApi.dll
[2020/10/21 07:16:24 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2020/10/21 07:16:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2020/10/21 07:16:23 | 004,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2020/10/21 07:16:23 | 002,870,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2020/10/21 07:16:23 | 002,466,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2020/10/21 07:16:23 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2020/10/21 07:16:23 | 000,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2020/10/21 07:16:23 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2020/10/21 07:16:23 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2020/10/21 07:16:23 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2020/10/21 07:16:23 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2020/10/21 07:16:23 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2020/10/21 07:16:23 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2020/10/21 07:16:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2020/10/21 07:16:18 | 007,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2020/10/21 07:16:18 | 002,505,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2020/10/21 07:16:18 | 002,296,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2020/10/21 07:16:18 | 001,751,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2020/10/21 07:16:18 | 001,150,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2020/10/21 07:16:18 | 001,017,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2020/10/21 07:16:18 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2020/10/21 07:16:18 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2020/10/21 07:16:18 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2020/10/21 07:16:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2020/10/21 07:16:18 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2020/10/21 07:16:18 | 000,047,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2020/10/21 07:16:17 | 017,790,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2020/10/21 07:16:17 | 001,784,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2020/10/21 07:16:17 | 001,385,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2020/10/21 07:16:16 | 006,233,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2020/10/21 07:16:16 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2020/10/21 07:16:16 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskpart.exe
[2020/10/21 07:16:15 | 004,685,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2020/10/21 07:16:15 | 002,985,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FluencyDS.dll
[2020/10/21 07:16:15 | 001,746,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2020/10/21 07:16:15 | 001,127,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcRefreshTask.dll
[2020/10/21 07:16:15 | 001,075,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskbarcpl.dll
[2020/10/21 07:16:15 | 000,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2020/10/21 07:16:15 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChxAPDS.dll
[2020/10/21 07:16:15 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChxHAPDS.dll
[2020/10/21 07:16:15 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtCangjieDS.dll
[2020/10/21 07:16:15 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtBopomofoDS.dll
[2020/10/21 07:16:15 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtHkStrokeDS.dll
[2020/10/21 07:16:15 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChsStrokeDS.dll
[2020/10/21 07:16:15 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtQuickDS.dll
[2020/10/21 07:16:15 | 000,374,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jpndecoder.dll
[2020/10/21 07:16:15 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChxDecoder.dll
[2020/10/21 07:16:15 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chxinputrouter.dll
[2020/10/21 07:16:15 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2020/10/21 07:16:15 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2020/10/21 07:16:15 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MtfDecoder.dll
[2020/10/21 07:16:15 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcTok.exe
[2020/10/21 07:16:15 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.Ngc.dll
[2020/10/21 07:16:15 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jpnranker.dll
[2020/10/21 07:16:15 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.dll
[2020/10/21 07:16:15 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\trie.dll
[2020/10/21 07:16:15 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.System.UserProfile.dll
[2020/10/21 07:16:15 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MTFFuzzyDS.dll
[2020/10/21 07:16:15 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AdvancedEmojiDS.dll
[2020/10/21 07:16:15 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VocabRoamingHandler.dll
[2020/10/21 07:16:15 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chxranker.dll
[2020/10/21 07:16:15 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2020/10/21 07:16:15 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MTFSpellcheckDS.dll
[2020/10/21 07:16:15 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HashtagDS.dll
[2020/10/21 07:16:15 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtAdvancedDS.dll
[2020/10/21 07:16:15 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MTFAppServiceDS.dll
[2020/10/21 07:16:15 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RuleBasedDS.dll
[2020/10/21 07:16:15 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jpninputrouter.dll
[2020/10/21 07:16:15 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\amsi.dll
[2020/10/21 07:16:15 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2020/10/21 07:16:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TransliterationRanker.dll
[2020/10/21 07:16:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EmojiDS.dll
[2020/10/21 07:16:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2020/10/21 07:16:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcicda.dll
[2020/10/21 07:16:15 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\devauthe.sys
[2020/10/21 07:16:15 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mciwave.dll
[2020/10/21 07:16:15 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\KNetPwrDepBroker.sys
[2020/10/21 07:16:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mciseq.dll
[2020/10/21 07:16:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsregtask.dll
[2020/10/21 07:16:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsilog.dll
[2020/10/21 07:16:15 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\amsiproxy.dll
  • ペソネ
  • 2020/11/17 (Tue) 05:30:44
Re: リダイレクト?
OTL5です
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2020/11/17 02:21:37 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2020/11/17 02:00:10 | 3399,548,928 | -HS- | M] () -- C:\hiberfil.sys
[2020/11/16 18:19:57 | 001,451,806 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2020/11/16 18:19:57 | 000,701,782 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2020/11/16 18:19:57 | 000,482,994 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2020/11/16 18:19:57 | 000,133,526 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2020/11/16 18:19:57 | 000,133,094 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2020/11/16 18:13:07 | 000,248,968 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2020/11/16 18:13:07 | 000,217,600 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2020/11/16 18:13:02 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2020/11/16 01:43:48 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2020/11/15 00:04:02 | 000,002,258 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Edge.lnk
[2020/11/14 17:11:36 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2020/11/14 14:26:19 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2020/11/14 14:26:05 | 000,153,312 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2020/11/14 14:26:05 | 000,019,912 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2020/11/11 13:11:11 | 000,306,544 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2020/11/11 13:06:03 | 000,432,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WalletService.dll
[2020/11/11 13:06:02 | 025,445,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2020/11/11 13:06:02 | 002,315,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2020/11/11 13:06:02 | 001,615,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2020/11/11 13:06:01 | 007,008,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2020/11/11 13:06:01 | 004,129,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2020/11/11 13:06:01 | 002,495,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2020/11/11 13:06:01 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
[2020/11/11 13:06:01 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2020/11/11 13:06:01 | 000,345,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2020/11/11 13:06:01 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcXtrnal.dll
[2020/11/11 13:06:01 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2020/11/11 13:06:00 | 005,906,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2020/11/11 13:06:00 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2020/11/11 13:06:00 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2020/11/11 13:06:00 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakrathunk.dll
[2020/11/11 13:05:59 | 008,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2020/11/11 13:05:59 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2020/11/11 13:05:59 | 000,406,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2020/11/11 13:05:59 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2020/11/11 13:05:59 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2020/11/11 13:05:59 | 000,097,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\PktMon.sys
[2020/11/11 13:05:59 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdSSDP.dll
[2020/11/11 13:05:59 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2020/11/11 13:05:59 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcXtrnal.dll
[2020/11/11 13:05:58 | 007,761,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2020/11/11 13:05:58 | 004,855,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2020/11/11 13:05:58 | 000,705,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2020/11/11 13:05:58 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2020/11/11 13:05:58 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakrathunk.dll
[2020/11/11 13:05:57 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2020/11/11 13:05:57 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2020/11/11 13:05:56 | 001,285,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2020/11/11 13:05:55 | 006,527,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2020/11/11 13:05:55 | 002,799,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2020/11/11 13:05:55 | 001,565,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2020/11/11 13:05:55 | 001,459,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2020/11/11 13:05:55 | 001,397,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2020/11/11 13:05:55 | 001,077,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2020/11/11 13:05:55 | 000,784,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2020/11/11 13:05:55 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll
[2020/11/11 13:05:55 | 000,694,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2020/11/11 13:05:55 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2020/11/11 13:05:55 | 000,499,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2020/11/11 13:05:55 | 000,496,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2020/11/11 13:05:55 | 000,453,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2020/11/11 13:05:55 | 000,431,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2020/11/11 13:05:55 | 000,405,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2020/11/11 13:05:55 | 000,328,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2020/11/11 13:05:55 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2020/11/11 13:05:55 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2020/11/11 13:05:55 | 000,211,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2020/11/11 13:05:55 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2020/11/11 13:05:55 | 000,199,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2020/11/11 13:05:55 | 000,193,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2020/11/11 13:05:55 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtm.dll
[2020/11/11 13:05:55 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdSSDP.dll
[2020/11/11 13:05:55 | 000,089,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2020/11/11 13:05:55 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2020/11/11 13:05:55 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtprio.dll
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth9.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth8.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth7.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth6.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth5.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth4.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth3.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth2.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth12.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth11.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth10.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth1.bin
[2020/11/11 13:05:54 | 000,956,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2020/11/11 13:05:54 | 000,911,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll
[2020/11/11 13:05:54 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2020/11/11 13:05:54 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2020/11/11 13:05:54 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2020/11/11 13:05:54 | 000,535,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2020/11/11 13:05:54 | 000,439,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2020/11/11 13:05:54 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2020/11/11 13:05:54 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtm.dll
[2020/11/11 13:05:54 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll
[2020/11/11 13:05:54 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmproxy.dll
[2020/11/11 13:05:54 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmsprep.dll
[2020/11/11 13:05:54 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtprio.dll
[2020/11/11 13:05:53 | 009,925,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2020/11/11 13:05:53 | 007,604,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2020/11/11 13:05:53 | 001,698,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2020/11/11 13:05:53 | 001,170,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2020/11/11 13:05:53 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2020/11/11 13:05:53 | 000,400,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2020/11/11 13:05:53 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2020/11/11 13:05:52 | 003,806,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2020/11/11 13:05:52 | 003,728,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2020/11/11 13:05:52 | 001,743,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2020/11/11 13:05:52 | 001,488,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2020/11/11 13:05:52 | 001,259,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2020/11/11 13:05:52 | 000,891,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2020/11/11 13:05:52 | 000,544,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2020/11/11 13:05:52 | 000,518,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2020/11/11 13:05:52 | 000,467,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2020/11/11 13:05:52 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RasMediaManager.dll
[2020/11/11 13:05:52 | 000,247,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2020/11/11 13:05:52 | 000,222,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2020/11/11 13:05:52 | 000,117,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2020/11/11 13:05:52 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2020/11/11 13:05:52 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindflt.dll
[2020/11/11 13:05:51 | 003,732,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2020/11/11 13:05:51 | 002,876,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2020/11/11 13:05:51 | 002,712,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2020/11/11 13:05:51 | 001,834,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2020/11/11 13:05:51 | 001,606,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2020/11/11 13:05:51 | 001,183,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2020/11/11 13:05:51 | 000,874,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2020/11/11 13:05:51 | 000,863,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2020/11/11 13:05:51 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2020/11/11 13:05:51 | 000,441,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2020/11/11 13:05:51 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2020/11/11 13:05:51 | 000,425,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2020/11/11 13:05:51 | 000,363,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2020/11/11 13:05:51 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2020/11/11 13:05:51 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2020/11/11 13:05:51 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiCloudStore.dll
[2020/11/11 13:05:51 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2020/11/11 13:05:51 | 000,246,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2020/11/11 13:05:51 | 000,127,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2020/11/11 13:05:51 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2020/11/11 13:05:51 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2020/11/11 13:05:51 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiConfigSP.dll
[2020/11/11 13:05:51 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2020/11/11 13:05:51 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2020/11/11 13:05:51 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2020/11/11 13:05:51 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2020/11/11 13:05:50 | 001,816,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2020/11/11 13:05:50 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2020/11/11 13:05:50 | 000,372,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll
[2020/11/11 13:05:50 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys
[2020/11/06 13:49:07 | 000,429,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2020/11/06 13:49:07 | 000,071,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2020/11/06 13:49:07 | 000,048,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2020/10/21 07:16:49 | 000,588,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2020/10/21 07:16:49 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raserver.exe
[2020/10/21 07:16:49 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raserver.exe
[2020/10/21 07:16:48 | 003,525,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2020/10/21 07:16:48 | 001,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2020/10/21 07:16:48 | 001,012,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2020/10/21 07:16:48 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HoloShellRuntime.dll
[2020/10/21 07:16:47 | 004,547,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2020/10/21 07:16:47 | 001,272,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2020/10/21 07:16:47 | 001,108,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2020/10/21 07:16:47 | 001,098,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2020/10/21 07:16:46 | 019,812,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2020/10/21 07:16:45 | 001,842,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2020/10/21 07:16:45 | 000,892,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicExtensions.dll
[2020/10/21 07:16:45 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloShellRuntime.dll
[2020/10/21 07:16:44 | 002,230,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2020/10/21 07:16:44 | 001,491,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2020/10/21 07:16:44 | 001,151,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2020/10/21 07:16:44 | 000,516,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2020/10/21 07:16:41 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2020/10/21 07:16:41 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnetlib.dll
[2020/10/21 07:16:41 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2020/10/21 07:16:41 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msimsg.dll
[2020/10/21 07:16:40 | 004,608,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2020/10/21 07:16:40 | 002,948,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2020/10/21 07:16:40 | 001,996,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2020/10/21 07:16:40 | 000,743,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2020/10/21 07:16:40 | 000,366,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll
[2020/10/21 07:16:40 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FSClient.dll
[2020/10/21 07:16:40 | 000,172,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PktMon.exe
[2020/10/21 07:16:40 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnetlib.dll
[2020/10/21 07:16:40 | 000,099,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FsIso.exe
[2020/10/21 07:16:40 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2020/10/21 07:16:40 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimsg.dll
[2020/10/21 07:16:40 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\delegatorprovider.dll
[2020/10/21 07:16:40 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi_passthru.dll
[2020/10/21 07:16:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2020/10/21 07:16:39 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2020/10/21 07:16:38 | 003,694,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2020/10/21 07:16:38 | 002,737,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2020/10/21 07:16:38 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\delegatorprovider.dll
[2020/10/21 07:16:38 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi_passthru.dll
[2020/10/21 07:16:38 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2020/10/21 07:16:37 | 000,775,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2020/10/21 07:16:37 | 000,300,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2020/10/21 07:16:37 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2020/10/21 07:16:37 | 000,093,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2020/10/21 07:16:37 | 000,084,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2020/10/21 07:16:37 | 000,021,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2020/10/21 07:16:35 | 003,741,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2020/10/21 07:16:35 | 002,585,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2020/10/21 07:16:35 | 001,991,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2020/10/21 07:16:35 | 001,022,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2020/10/21 07:16:35 | 000,899,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2020/10/21 07:16:35 | 000,894,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2020/10/21 07:16:35 | 000,877,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2020/10/21 07:16:35 | 000,538,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2020/10/21 07:16:35 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2020/10/21 07:16:35 | 000,473,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2020/10/21 07:16:35 | 000,456,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2020/10/21 07:16:35 | 000,307,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2020/10/21 07:16:35 | 000,256,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2020/10/21 07:16:35 | 000,188,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifsutil.dll
[2020/10/21 07:16:35 | 000,149,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ulib.dll
[2020/10/21 07:16:35 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2020/10/21 07:16:34 | 006,071,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2020/10/21 07:16:34 | 005,003,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2020/10/21 07:16:34 | 002,564,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2020/10/21 07:16:34 | 002,306,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2020/10/21 07:16:34 | 001,673,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2020/10/21 07:16:34 | 001,101,312 | ---- | M] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2020/10/21 07:16:34 | 000,833,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2020/10/21 07:16:34 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2020/10/21 07:16:34 | 000,675,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2020/10/21 07:16:34 | 000,572,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2020/10/21 07:16:34 | 000,564,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StateRepository.Core.dll
[2020/10/21 07:16:34 | 000,531,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2020/10/21 07:16:34 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2020/10/21 07:16:34 | 000,283,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2020/10/21 07:16:34 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/10/21 07:16:34 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2020/10/21 07:16:34 | 000,170,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2020/10/21 07:16:34 | 000,165,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2020/10/21 07:16:34 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2020/10/21 07:16:34 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwbase.dll
[2020/10/21 07:16:34 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManagerApi.dll
[2020/10/21 07:16:34 | 000,090,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
[2020/10/21 07:16:34 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2020/10/21 07:16:34 | 000,051,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kernel.appcore.dll
[2020/10/21 07:16:34 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2020/10/21 07:16:34 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryCore.dll
[2020/10/21 07:16:34 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll
[2020/10/21 07:16:33 | 005,112,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2020/10/21 07:16:33 | 004,032,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2020/10/21 07:16:33 | 001,957,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2020/10/21 07:16:33 | 001,369,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2020/10/21 07:16:33 | 001,307,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2020/10/21 07:16:33 | 001,048,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2020/10/21 07:16:33 | 000,863,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2020/10/21 07:16:33 | 000,862,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2020/10/21 07:16:33 | 000,851,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2020/10/21 07:16:33 | 000,696,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2020/10/21 07:16:33 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2020/10/21 07:16:33 | 000,512,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2020/10/21 07:16:33 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2020/10/21 07:16:33 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.Ngc.dll
[2020/10/21 07:16:33 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskpart.exe
[2020/10/21 07:16:33 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2020/10/21 07:16:33 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2020/10/21 07:16:33 | 000,113,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2020/10/21 07:16:33 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msobjs.dll
[2020/10/21 07:16:33 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\amsi.dll
[2020/10/21 07:16:33 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2020/10/21 07:16:33 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2020/10/21 07:16:33 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcicda.dll
[2020/10/21 07:16:33 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2020/10/21 07:16:33 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciwave.dll
[2020/10/21 07:16:33 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciseq.dll
[2020/10/21 07:16:33 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localui.dll
[2020/10/21 07:16:33 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsregtask.dll
[2020/10/21 07:16:32 | 003,761,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2020/10/21 07:16:31 | 002,147,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2020/10/21 07:16:31 | 001,835,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2020/10/21 07:16:31 | 001,101,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2020/10/21 07:16:31 | 000,938,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2020/10/21 07:16:31 | 000,889,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2020/10/21 07:16:31 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2020/10/21 07:16:31 | 000,551,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2020/10/21 07:16:31 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDDS.dll
[2020/10/21 07:16:31 | 000,477,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2020/10/21 07:16:31 | 000,423,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SDDS.dll
[2020/10/21 07:16:31 | 000,364,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2020/10/21 07:16:31 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2020/10/21 07:16:31 | 000,291,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2020/10/21 07:16:31 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSoftwareInstallationClient.dll
[2020/10/21 07:16:31 | 000,108,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2020/10/21 07:16:31 | 000,094,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthHost.exe
[2020/10/21 07:16:30 | 003,371,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2020/10/21 07:16:30 | 001,998,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2020/10/21 07:16:30 | 001,669,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2020/10/21 07:16:30 | 001,393,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2020/10/21 07:16:30 | 000,893,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2020/10/21 07:16:30 | 000,863,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2020/10/21 07:16:30 | 000,680,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2020/10/21 07:16:30 | 000,618,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2020/10/21 07:16:30 | 000,586,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2020/10/21 07:16:30 | 000,435,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2020/10/21 07:16:30 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2020/10/21 07:16:30 | 000,132,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2020/10/21 07:16:30 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2020/10/21 07:16:30 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msobjs.dll
[2020/10/21 07:16:30 | 000,024,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nsi.dll
[2020/10/21 07:16:29 | 006,438,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2020/10/21 07:16:29 | 001,824,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreShell.dll
[2020/10/21 07:16:29 | 000,821,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2020/10/21 07:16:29 | 000,638,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2020/10/21 07:16:29 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2020/10/21 07:16:29 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2020/10/21 07:16:29 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2020/10/21 07:16:29 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2020/10/21 07:16:29 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2020/10/21 07:16:29 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardBi.dll
[2020/10/21 07:16:29 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2020/10/21 07:16:28 | 000,398,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2020/10/21 07:16:28 | 000,323,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostBroker.dll
[2020/10/21 07:16:27 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2020/10/21 07:16:26 | 006,196,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2020/10/21 07:16:26 | 000,598,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2020/10/21 07:16:26 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Taskbar.dll
[2020/10/21 07:16:25 | 005,284,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2020/10/21 07:16:25 | 003,387,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2020/10/21 07:16:25 | 001,656,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2020/10/21 07:16:25 | 001,632,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2020/10/21 07:16:25 | 001,285,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2020/10/21 07:16:25 | 001,274,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryPS.dll
[2020/10/21 07:16:25 | 001,096,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2020/10/21 07:16:25 | 000,733,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2020/10/21 07:16:25 | 000,716,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2020/10/21 07:16:25 | 000,684,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2020/10/21 07:16:25 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2020/10/21 07:16:25 | 000,594,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2020/10/21 07:16:25 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2020/10/21 07:16:25 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2020/10/21 07:16:25 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2020/10/21 07:16:25 | 000,214,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutil.dll
[2020/10/21 07:16:25 | 000,209,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2020/10/21 07:16:25 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2020/10/21 07:16:25 | 000,180,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ulib.dll
[2020/10/21 07:16:25 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwbase.dll
[2020/10/21 07:16:25 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudDomainJoinAUG.dll
[2020/10/21 07:16:25 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2020/10/21 07:16:25 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2020/10/21 07:16:25 | 000,105,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2020/10/21 07:16:25 | 000,104,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2020/10/21 07:16:25 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpnUserService.dll
[2020/10/21 07:16:25 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel.appcore.dll
[2020/10/21 07:16:25 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2020/10/21 07:16:25 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll
[2020/10/21 07:16:24 | 007,913,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2020/10/21 07:16:24 | 004,471,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2020/10/21 07:16:24 | 003,265,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2020/10/21 07:16:24 | 002,870,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2020/10/21 07:16:24 | 002,261,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2020/10/21 07:16:24 | 002,073,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2020/10/21 07:16:24 | 001,841,152 | ---- | M] () -- C:\WINDOWS\SysNative\TextInputMethodFormatter.dll
[2020/10/21 07:16:24 | 001,282,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2020/10/21 07:16:24 | 001,083,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2020/10/21 07:16:24 | 000,916,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2020/10/21 07:16:24 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2020/10/21 07:16:24 | 000,642,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2020/10/21 07:16:24 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2020/10/21 07:16:24 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2020/10/21 07:16:24 | 000,120,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManagerApi.dll
[2020/10/21 07:16:24 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2020/10/21 07:16:24 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2020/10/21 07:16:23 | 004,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2020/10/21 07:16:23 | 002,466,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2020/10/21 07:16:23 | 000,408,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2020/10/21 07:16:23 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2020/10/21 07:16:23 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2020/10/21 07:16:23 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2020/10/21 07:16:23 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2020/10/21 07:16:23 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2020/10/21 07:16:23 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2020/10/21 07:16:23 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2020/10/21 07:16:23 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2020/10/21 07:16:18 | 007,846,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2020/10/21 07:16:18 | 002,505,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2020/10/21 07:16:18 | 002,296,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2020/10/21 07:16:18 | 001,751,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2020/10/21 07:16:18 | 001,150,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2020/10/21 07:16:18 | 001,017,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2020/10/21 07:16:18 | 000,256,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2020/10/21 07:16:18 | 000,211,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2020/10/21 07:16:18 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2020/10/21 07:16:18 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2020/10/21 07:16:18 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2020/10/21 07:16:18 | 000,047,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2020/10/21 07:16:17 | 017,790,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2020/10/21 07:16:17 | 001,784,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2020/10/21 07:16:17 | 001,385,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2020/10/21 07:16:16 | 006,233,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2020/10/21 07:16:16 | 000,294,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2020/10/21 07:16:16 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskpart.exe
[2020/10/21 07:16:16 | 000,164,864 | ---- | M] () -- C:\WINDOWS\SysNative\DataStoreCacheDumpTool.exe
[2020/10/21 07:16:15 | 004,685,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2020/10/21 07:16:15 | 002,985,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FluencyDS.dll
[2020/10/21 07:16:15 | 001,746,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2020/10/21 07:16:15 | 001,127,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcRefreshTask.dll
[2020/10/21 07:16:15 | 001,075,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskbarcpl.dll
[2020/10/21 07:16:15 | 000,825,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2020/10/21 07:16:15 | 000,532,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChxAPDS.dll
[2020/10/21 07:16:15 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChxHAPDS.dll
[2020/10/21 07:16:15 | 000,460,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtCangjieDS.dll
[2020/10/21 07:16:15 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtBopomofoDS.dll
[2020/10/21 07:16:15 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtHkStrokeDS.dll
[2020/10/21 07:16:15 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChsStrokeDS.dll
[2020/10/21 07:16:15 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtQuickDS.dll
[2020/10/21 07:16:15 | 000,374,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jpndecoder.dll
[2020/10/21 07:16:15 | 000,373,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChxDecoder.dll
[2020/10/21 07:16:15 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chxinputrouter.dll
[2020/10/21 07:16:15 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2020/10/21 07:16:15 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2020/10/21 07:16:15 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MtfDecoder.dll
[2020/10/21 07:16:15 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcTok.exe
[2020/10/21 07:16:15 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.Ngc.dll
[2020/10/21 07:16:15 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jpnranker.dll
[2020/10/21 07:16:15 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.dll
[2020/10/21 07:16:15 | 000,200,704 | ---- | M] () -- C:\WINDOWS\SysNative\IHDS.dll
[2020/10/21 07:16:15 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\trie.dll
[2020/10/21 07:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.System.UserProfile.dll
[2020/10/21 07:16:15 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MTFFuzzyDS.dll
[2020/10/21 07:16:15 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AdvancedEmojiDS.dll
[2020/10/21 07:16:15 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VocabRoamingHandler.dll
[2020/10/21 07:16:15 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chxranker.dll
[2020/10/21 07:16:15 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2020/10/21 07:16:15 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MTFSpellcheckDS.dll
[2020/10/21 07:16:15 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HashtagDS.dll
[2020/10/21 07:16:15 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChtAdvancedDS.dll
[2020/10/21 07:16:15 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MTFAppServiceDS.dll
[2020/10/21 07:16:15 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RuleBasedDS.dll
[2020/10/21 07:16:15 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jpninputrouter.dll
[2020/10/21 07:16:15 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\amsi.dll
[2020/10/21 07:16:15 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2020/10/21 07:16:15 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TransliterationRanker.dll
[2020/10/21 07:16:15 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EmojiDS.dll
[2020/10/21 07:16:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2020/10/21 07:16:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcicda.dll
[2020/10/21 07:16:15 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\devauthe.sys
[2020/10/21 07:16:15 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mciwave.dll
[2020/10/21 07:16:15 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\KNetPwrDepBroker.sys
[2020/10/21 07:16:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mciseq.dll
[2020/10/21 07:16:15 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsregtask.dll
[2020/10/21 07:16:15 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsilog.dll
[2020/10/21 07:16:15 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\amsiproxy.dll
  • ペソネ
  • 2020/11/17 (Tue) 05:31:28
Re: リダイレクト?
OTL6です
[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2020/11/16 01:43:48 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2020/11/14 17:11:36 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2020/11/14 14:26:19 | 000,002,040 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
[2020/11/14 14:26:19 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth9.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth8.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth7.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth6.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth5.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth4.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth3.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth2.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth12.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth11.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth10.bin
[2020/11/11 13:05:55 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth1.bin
[2020/10/21 07:16:34 | 001,101,312 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2020/10/21 07:16:24 | 001,841,152 | ---- | C] () -- C:\WINDOWS\SysNative\TextInputMethodFormatter.dll
[2020/10/21 07:16:16 | 000,164,864 | ---- | C] () -- C:\WINDOWS\SysNative\DataStoreCacheDumpTool.exe
[2020/10/21 07:16:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\SysNative\IHDS.dll
[2020/02/20 03:00:38 | 001,361,224 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-999-0-0-0.exe
[2020/02/20 03:00:38 | 001,361,224 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2020/02/20 03:00:36 | 000,953,928 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-999-0-0-0.dll
[2020/02/20 03:00:36 | 000,953,928 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2020/02/20 03:00:26 | 000,154,608 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv2.dll
[2020/02/20 03:00:26 | 000,138,736 | ---- | C] () -- C:\WINDOWS\SysWow64\libEGL.dll
[2020/02/20 03:00:26 | 000,127,496 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv1_CM.dll
[2019/12/17 16:44:37 | 000,000,036 | ---- | C] () -- C:\Users\XXXX\AppData\Local\housecall.guid.cache
[2019/12/17 15:39:44 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2019/12/17 15:19:43 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2019/12/17 15:15:18 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2019/12/17 15:15:18 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config
[2019/12/17 15:15:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2019/03/19 13:46:09 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2019/03/19 13:46:04 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2019/03/19 13:45:59 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2019/03/19 13:45:19 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2019/03/19 13:45:16 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2019/03/19 13:45:16 | 000,046,656 | ---- | C] () -- C:\WINDOWS\SysWow64\umpdc.dll
[2019/03/19 13:45:13 | 003,577,856 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2019/03/19 13:45:13 | 000,208,384 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2019/03/19 13:45:13 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2019/03/19 13:45:13 | 000,064,000 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2019/03/19 13:45:13 | 000,054,784 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2019/03/19 13:45:07 | 000,330,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2019/03/19 13:44:58 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2019/03/19 13:44:30 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2020/10/21 07:16:24 | 007,913,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2020/10/21 07:16:34 | 006,071,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2019/03/19 13:43:54 | 001,031,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2019/03/19 13:45:12 | 000,810,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019/03/19 13:44:00 | 000,532,992 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2020/11/14 14:26:06 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2020/04/02 16:07:54 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk
[2019/12/17 16:17:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2018/05/11 12:31:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2020/11/14 21:35:09 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2020/06/18 17:43:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2019/12/17 15:51:53 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2019/12/17 15:41:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD.exe
[2018/05/11 12:35:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Settings
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2019/12/17 16:23:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2020/04/02 16:07:54 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config
[2020/04/02 16:07:54 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR
[2020/04/02 16:07:54 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR
[2020/04/02 16:07:54 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config\2020-04-02-07-07-54
[2020/04/02 16:07:54 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR\2020-04-02-07-07-54
[2020/04/02 16:07:54 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\4f494d44
[2020/04/02 16:07:54 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\4f494d44\2020-04-02-07-07-54
[2019/12/17 15:43:03 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2020/06/18 17:43:16 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2019/12/17 15:51:53 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2019/12/17 15:41:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD.exe
[2018/05/11 12:35:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Settings
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2019/12/17 16:23:20 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2019/12/17 15:47:45 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData
[2019/12/17 16:18:37 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\MicrosoftEdgeBackups
[2020/10/01 11:43:01 | 000,000,000 | RH-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\Burn\Burn
[2019/12/17 15:50:47 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatCache\Low
[2019/12/17 15:50:47 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatUaCache\Low
[2019/12/17 15:50:47 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2019/12/17 15:50:47 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2020/11/16 20:25:06 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\TempState\Content.MSO
[2020/04/02 16:01:33 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2019/12/17 15:22:33 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2019/12/17 15:51:14 | 000,000,000 | -H-D | M] -- C:\Users\Default\Pictures\NEC
[2020/10/21 07:20:46 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2020/11/14 17:11:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2019/12/17 15:15:15 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2020/11/14 14:26:07 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2019/12/17 15:15:13 | 000,000,000 | -H-D | M] -- C:\Windows\LanguageOverlayCache
[2019/12/21 15:30:39 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2019/12/20 11:53:48 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2020/11/16 01:43:48 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: SAMSUNG MZ7LN256HAJQ-000L7
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 237.00GB
Starting Offset: 290455552
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1,000.00MB
Starting Offset: 255011586048
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2020/10/21 07:16:18 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:16 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:18 | 001,588,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:01 | 000,878,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:34 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2020/07/15 15:39:42 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2020/10/15 02:14:53 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2020/10/15 02:14:57 | 000,336,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
No service found with a name of Browser
SRV:[b]64bit:[/b] - [2019/03/19 13:44:35 | 000,096,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:30 | 001,260,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:29 | 000,388,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2020/10/21 07:16:35 | 000,321,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:29 | 000,350,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2019/03/19 13:43:49 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:50 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2019/03/19 13:45:24 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2020/04/15 09:18:24 | 000,629,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:47 | 000,447,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2020/06/10 15:13:58 | 000,457,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2020/10/15 02:14:51 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:54 | 000,614,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2020/07/15 15:39:37 | 000,382,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2019/10/26 15:19:32 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:21 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2020/06/10 15:13:55 | 000,765,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2019/03/19 13:45:02 | 000,104,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:54 | 000,951,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:30 | 001,260,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2020/08/22 15:12:23 | 000,057,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2019/10/26 15:19:23 | 000,322,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:36 | 000,280,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:38 | 000,252,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2019/03/19 13:45:59 | 000,197,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2020/10/21 07:16:29 | 000,859,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:46 | 000,309,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2020/08/12 08:39:47 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2019/03/19 13:44:33 | 000,067,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:30 | 000,492,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2020/06/10 15:13:58 | 001,447,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 001,942,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2020/09/17 02:53:55 | 000,735,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2020/10/15 02:14:59 | 000,148,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV - [2020/11/06 13:49:07 | 000,128,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2020/09/17 02:54:02 | 001,918,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:25 | 001,062,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (mpssvc)
SRV:[b]64bit:[/b] - [2020/08/12 08:39:43 | 000,671,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2019/03/19 13:45:45 | 000,067,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2019/03/19 13:46:04 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:17 | 000,233,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:18 | 003,136,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2020/04/15 09:18:22 | 000,268,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2020/11/11 13:05:51 | 002,656,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2020/10/21 07:16:31 | 000,295,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • ペソネ
  • 2020/11/17 (Tue) 05:32:14
Re: リダイレクト?
ついでにExtraも貼り直します
OTL Extras logfile created on: 2020/11/17 2:17:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXX\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.18362.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.92 Gb Total Physical Memory | 5.03 Gb Available Physical Memory | 63.54% Memory free
9.17 Gb Paging File | 5.96 Gb Available in Paging File | 65.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.23 Gb Total Space | 186.54 Gb Free Space | 78.63% Space Free | Partition Type: NTFS

Computer Name: XXXXXXX-XXXXXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}]
"GUID" = {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}
"DISPLAYNAME" = セキュリティ対策ツール
"STATE" = 266240
"PRODUCTEXE" = C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\wschandler.exe -- (Trend Micro Inc.)
"REPORTINGEXE" = C:\Program Files (x86)\NTTW\SECURITY\SEC\TmWscSvc\WSCStatusController.exe -- (Trend Micro Inc.)

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Windows Defender
"STATE" = 393472
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 54 84 DF 38 A5 B4 D5 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{44DF463F-C324-4547-8A2C-70ED8D74DD68}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edge\application\msedge.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06BBE136-B217-4929-AD0A-855A2C9AB0DA}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{06ED0B48-7254-4779-95CA-39DEDDDDF7F8}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{09516E8F-2620-4EDD-BB35-E82B58353BBA}" = dir=in | name=@{microsoft.ppiprojection_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{09E320FC-6C25-4D4D-BE1D-DCFBAD37CD78}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{1436A383-021A-4BB8-A1CA-5819D581AC80}" = dir=out | name=@{microsoft.windowscamera_2020.504.60.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} |
"{16588BDC-93EF-4A13-970C-BF1D56BF6A32}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{18439F03-29F2-40DE-8C3E-F5F15455DD4C}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{1946B34C-D04B-4BA3-AAC7-EC3A98AE2222}" = dir=in | name=@{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{1E126ACC-DC50-494B-86C7-5FDFD719C694}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{2336D763-85DD-42C8-A70E-242E230FD276}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{2EBD88AB-4D32-4919-AA7D-9B50EA5E9B48}" = dir=out | name=@{microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{2EBF9F19-A0FA-4803-86AB-253947F19D70}" = dir=out | name=windows_ie_ac_001 |
"{2EF67650-8EDC-45C9-A153-56922FCBA08B}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{329E52E5-2A16-45B1-8749-B99B9BBB9D5E}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\itunes.exe |
"{36D4099B-04BA-4201-8BD4-6AD66FCB6FB8}" = dir=out | name=@{microsoft.win32webviewhost_10.0.18362.997_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{3A0D707D-65B8-4D47-A8A4-C06CDDD31DDB}" = dir=out | name=@{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{47276C68-D9CD-4868-B343-094B12BBDEB5}" = dir=in | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{477C7975-2E46-486B-95F5-2FE66731674B}" = dir=out | name=@{microsoft.windowsmaps_10.2009.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{49B45C73-7FAA-414C-ACF0-F7E7907A76D2}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\itunes.exe |
"{4A2FBF01-A842-4887-8439-41B2DD1890E3}" = dir=out | name=xbox game bar |
"{4BEDB080-F9F4-4F47-93C5-7CAA746C5200}" = dir=out | name=print 3d |
"{50631FDC-A169-498C-B9D2-F73F6702F6D5}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{52BBF934-9F49-4964-B237-9CED440587FD}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{533122CD-E2E4-46E0-B1FA-E5FE11447714}" = dir=out | name=@{microsoft.lockapp_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{5485F6EA-9A84-44B8-80A7-8B08A2DB1500}" = dir=out | name=@{microsoft.storepurchaseapp_12011.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{67AD64DE-A134-4355-A731-B238354E6FEF}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{6912D4B8-2B5E-4DCE-8949-2217339AAEDB}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{69210A7E-75CF-4FD5-8BCF-63A3FA4BE202}" = dir=in | name=print 3d |
"{6B4C7DC8-001C-40CD-B570-B89BC24EFAEC}" = dir=out | name=@{microsoft.microsoft3dviewer_7.2009.29132.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{6B91CD0D-42FE-4A4E-8FC8-AA04D0620041}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{6C90391B-6F1F-43EA-A890-63475EFDB2D0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{6D018593-548E-4D7F-8497-A7796238B8F0}" = dir=in | name=@{microsoft.windows.shellexperiencehost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{6D89D248-7483-4F5D-B270-678D5E5CD190}" = dir=in | name=@{microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{6EF1C03B-1C8F-4481-B3BC-B550E3706635}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{70124113-1224-48AA-988E-DEA3F45D7C61}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{70543954-6DAD-436B-9254-3BEC324DA250}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{745020ED-1C20-4DFF-B9C0-D2E63B80CBE4}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{750CEEFE-D50C-4125-9AA3-680C4AE1BE03}" = dir=in | name=@{microsoft.oneconnect_5.2011.3081.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{76A8878F-B9CE-4638-A15A-D6C95F8846E4}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{78AE7DC4-BEB4-45A8-860C-FBF6B810E89D}" = dir=in | name=@{microsoft.zunevideo_10.20082.10421.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{7BC297ED-2BB3-4F48-A5AD-F47F163FC84D}" = dir=out | name=@{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{80DC8A82-CACD-4DC1-8EBD-8F32A640AF7A}" = dir=out | name=xbox game bar plugin |
"{82D04C92-CA89-4723-9DF4-29ED636775B2}" = dir=out | name=@{microsoft.yourphone_1.20101.99.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{82D47261-FF15-4CA3-8613-F01A57DB77EB}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{83EE0BF9-1BD6-4323-B769-FEB18BB9B121}" = dir=out | name=@{microsoft.windows.startmenuexperiencehost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{8412082D-4672-403D-91A4-8AD424E14280}" = dir=in | name=xbox game bar |
"{84471B59-8225-4F42-81A2-7D12DF9432AB}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{86900241-A390-4BC7-A904-6D2AE7A26680}" = dir=in | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{88B1EE20-9B64-470A-88F1-95585803711D}" = dir=out | name=@{microsoft.microsoftedge_44.18362.449.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{89206634-1857-4AC1-842C-C48239D3FC71}" = dir=out | name=shell input application |
"{8A7A0E6B-6776-48FB-A9EC-7B40B57E7AEE}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\itunes.exe |
"{8CD87CB6-A794-4A51-A51C-0029385FF3AA}" = dir=out | name=@{microsoft.gethelp_10.2004.31291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{8DB06025-98BA-4EC3-B7D7-D0BE807DEF87}" = protocol=6 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\itunes.exe |
"{8E7D4193-9C9F-4D0B-BBBE-E75ADA35A1CF}" = dir=out | name=@{microsoft.xboxapp_48.70.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{93031D58-76D2-4D0C-88C2-2C122997C6B1}" = dir=out | name=@{microsoft.oneconnect_5.2011.3081.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{953F39D3-223A-4083-B97D-67A0B6AFB530}" = dir=in | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{97EC86F5-45A8-49B6-81C6-F217CB98EDF3}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{9E55F5EB-97C6-4580-83BA-227E8DC4595D}" = dir=out | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{A147BAA8-B991-439F-8C55-1E6EEA163A8D}" = dir=out | name=@{appup.intelgraphicsexperience_1.100.2970.0_x64__8j3eq9eme6ctt?ms-resource://appup.intelgraphicsexperience/resources/system_item_title_intelgraphicscontrolpanel} |
"{A2E88420-7C07-41F5-8BF0-98536D60BE05}" = dir=in | name=@{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{A5C64488-F0BE-44A3-98A1-607E585BA973}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{A6334306-41C4-49AD-B0FD-77DC9A7810A3}" = dir=out | name=@{microsoft.xboxidentityprovider_12.67.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{A8F926A0-D21E-46FA-9EA9-1EB29FB0E58D}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1907.3152.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{AC1A942E-9AAD-4166-83CA-34B5A1E3D7EC}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{B108A2E5-5AD2-45A6-AE4A-42661D829A6B}" = dir=out | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{B2375728-24B0-4932-A02E-14E23093C683}" = dir=out | name=@{microsoft.people_10.1909.10841.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{B2BFB21A-0048-4E7D-94F9-77E47DA034E5}" = dir=out | name=@{microsoft.windows.cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{B37534FD-1297-4182-9D9E-9B15D2777A87}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{B3E852EF-7A11-456A-94FA-BA20F6CC14DD}" = dir=in | name=@{microsoft.win32webviewhost_10.0.18362.997_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{B8AD9DA2-BEBD-4F96-8207-5D09C143BFC4}" = dir=out | name=@{microsoft.lockapp_10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{BB44F53E-33F2-4E14-A599-DE03FC45C9C9}" = dir=out | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{BCBB77C2-6A0A-4FE6-916B-6D6FABDEFC96}" = protocol=17 | dir=in | app=c:\program files\windowsapps\appleinc.itunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\amds64\applemobiledeviceprocess.exe |
"{BDD7E2FF-6FBE-41AA-9860-0885117C3057}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{BE1CFC60-D41E-47D0-A915-65A9A95204E4}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.18362.449_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{BF627853-C032-4B89-8ED2-541FE0AEF587}" = dir=out | name=@{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{BF8C018E-AA94-49A1-9CE7-39FFD3BDB837}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{C1108DBD-09CA-46EC-9C44-FD4F7C781CF9}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{C342EBB9-EA49-4794-A6E9-40B1D655BC45}" = dir=out | name=@{microsoft.ppiprojection_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{C7173264-F4C4-4C3A-82B3-5DFA892EB78B}" = dir=out | name=@{microsoft.accountscontrol_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{C92DFFAD-44BD-4818-8A57-B260517B74FA}" = dir=in | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{D31943A4-F091-40DF-8642-46BE6A3526B1}" = dir=out | name=@{microsoft.accountscontrol_10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{D4FA9D8F-B03D-4397-9B88-FD58F4122516}" = dir=out | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{D728AA46-1E0E-4098-8AC0-E304AAFE5873}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{D8D7F2AE-77B5-4D11-AEEB-AE8726D8749D}" = dir=out | name=xbox tcui |
"{D9B50AF7-D5FC-4322-9000-41A9749726FB}" = dir=in | name=@{microsoft.xboxapp_48.70.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{D9D16947-2A80-4FCC-A036-3D3037A3879E}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{DB1AFE53-BAD5-4CD8-A5CA-F1B03EEEE18E}" = dir=out | name=microsoft pay |
"{DE6D7D2A-24D9-4999-8A4A-8262ACAFE1E0}" = dir=out | name=@{microsoft.getstarted_9.12.32951.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{E12392E0-850A-4BE0-9C6B-DBC556037122}" = dir=out | name=@{microsoft.mspaint_6.2009.30067.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{E1BAFEC3-BF9D-4054-AE21-D9919BF76619}" = dir=out | name=intel® graphics control panel |
"{E37B57C5-14AC-4010-B25B-04E4B4C19E46}" = dir=out | name=@{microsoft.windowscalculator_10.2009.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{E38D43C3-99F3-4FF6-AE74-E12899138A35}" = dir=in | name=@{microsoft.windows.cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{E61652DA-12F8-477D-B658-C69357BF6A7A}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{E6ED289C-7236-4EBE-82F1-A29D0FAE3BC4}" = dir=in | name=@{microsoft.yourphone_1.20101.99.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{EBC992C7-836F-4832-933E-2A03E96B1F11}" = dir=out | name=@{microsoft.zunevideo_10.20082.10421.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{ECDBDF2C-DC8D-4322-8B2D-7F92B17FA2BD}" = dir=out | name=windows_ie_ac_001 |
"{EF3ABEDC-D3DC-4F57-B48A-3DE3F742E35D}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{F092E719-941F-4ED2-A5A8-E76A42CE3644}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F22F8E2D-9FF0-463C-B26D-16E54100FA12}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_10.0.18362.1171_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{F2619918-7478-4652-A6D3-2F423E47F1C2}" = dir=in | name=@{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{FAA1C646-1D6A-4C84-A25B-14C272FBDD08}" = dir=out | name=shell input application |
"{FD47DEE4-F515-47F6-8930-AF5D29EE3C52}" = dir=out | name=@{microsoft.mixedreality.portal_2000.20081.1312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} |
"{FEA43EE4-654B-46BB-92D3-9B9C6EE03F4E}" = dir=in | name=@{microsoft.microsoftedge_44.18362.449.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{FEA7B2D4-2739-4A84-AB26-F03EC0CD05B0}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F518B57-008A-3D18-970E-38645BBDB5E6}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.22816
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 4.2.3.96
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{57830BE1-7A89-4306-9CF9-B06D34C5383E}" = Intel(R) Management Engine Components
"{5F4839F1-836A-4BC3-8209-2B5C164F00E0}" = Microsoft VC++ redistributables repacked.
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8334B1A3-1141-4114-9AD6-50B5A3833C54}" = Intel(R) Management Engine Components
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}" = Intel(R) Chipset Device Software
"{97238E8A-4919-4A1E-965A-C6C36938F4CE}" = Microsoft Update Health Tools
"{A066AABA-5C85-3F9D-8DAA-3847EDCDA4F3}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.22816
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = セキュリティ対策ツール
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C9552825-7BF2-4344-BA91-D3CD46F4C442}" = Intel(R) Trusted Connect Service Client x64
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{DF5EEEE3-A2F1-464A-8157-64BA751943AB}" = NEC MFKB Driver
"{E6AF6AD3-4E80-4D73-8668-563BA8C16CE4}" = iPod Support
"{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}" = Intel(R) ME UninstallLegacy
"{FA441912-5726-4CB9-8590-89737670CD4A}" = Intel(R) Management Engine Driver
"CCleaner" = CCleaner
"Elantech" = NX PAD Driver
"Mozilla Firefox 82.0.3 (x64 ja)" = Mozilla Firefox 82.0.3 (x64 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07E1EEA7-5C81-464E-935F-7C7441E2FD34}" = Music Center for PC
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{17408817-d415-4768-a160-ae6d46d6bdb0}" = インテル® チップセット デバイス ソフトウェア
"{17b12e02-9e0f-435b-a641-6fa68bb60b6d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1fec26b5-eeec-4604-877a-44f1843ae9d4}" = Intel(R) Trusted Connect Services Client
"{2749c485-3a8b-4533-92ff-7cf6e8221cff}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{37D556AE-3208-48D1-A43C-6D2EBD095C2C}" = Microsoft VC++ redistributables repacked.
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730ca3c6-815d-4b47-abc9-5082acd0267f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C9552825-7BF2-4344-BA91-D3CD46F4C441}" = Intel(R) Trusted Connect Service Client x86
"{d07b0db5-8dad-40e1-be90-88026298a46b}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}" = Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"BUFFALO_AirSet2_is1" = BUFFALO エアステーション設定ツール
"Microsoft Edge" = Microsoft Edge
"Microsoft Edge Update" = Microsoft Edge Update

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2020/11/02 20:31:26 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 2020/11/02 20:31:26 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 470759
Description =

Error - 2020/11/10 21:02:32 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 2020/11/10 21:02:32 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 470759
Description =

Error - 2020/11/11 0:10:41 | Computer Name = XXXXXXX-XXXXXXX | Source = VSS | ID = 13
Description =

Error - 2020/11/11 0:10:41 | Computer Name = XXXXXXX-XXXXXXX | Source = VSS | ID = 8193
Description =

Error - 2020/11/14 0:03:27 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 2020/11/14 0:03:27 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 470759
Description =

Error - 2020/11/16 5:16:04 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 2020/11/16 5:16:04 | Computer Name = XXXXXXX-XXXXXXX | Source = Firefox Default Browser Agent | ID = 470759
Description =

[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 2020/11/15 12:53:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:54:37 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:24 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:38 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:55:51 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =

Error - 2020/11/15 12:56:11 | Computer Name = XXXXXXX-XXXXXXX | Source = DCOM | ID = 10005
Description =


< End of report >

貼り付けに手間取ってしまい、申し訳ありませんでした。
どうかよろしくお願いします。
  • ペソネ
  • 2020/11/17 (Tue) 05:33:55
オールグリーンですね
ログを確認いたしました。
PC側の問題ではなさそうですね。
OTLは、導入時の案内に従って削除をお願いします。

となると、ルーターやONU(以下、ルーター等)のリセットから始めてみましょうか。
一部端末を除き、ルーター等をリセットするとインターネットへの接続情報が途切れます。
そのため、インターネットの開通工事前にプロバイダから送られてきた契約情報の資料が必要となります。
そちらを用意した上でプロバイダに連絡を取るか、あるいはリセット手順をご存じであるなら、自力でリセットなされてみてください。
中継として別途無線LANルーターを利用している場合、そちらもリセットの対象としてください。
なお万一を考えて、ルーターに関する情報はネット上に公開しない方が良いですので、ルーター等の設定に関する内容は、各メーカー、あるいは契約先であると思われるOCNさんにお問い合わせください。
  • IVNO
  • 2020/11/17 (Tue) 11:03:39
Re: リダイレクト?
IVNOさん、返信ありがとうございます。
一つ質問させてもらってもよろしいでしょうか?

今回のリダイレクトの件、発生したのはとある個人ブログのみで、なおかつ1回だけなのです。
ここに相談してから4日経っておりますが、
ネットを閲覧していても、他のサイトでは同じ被害は起きていません。

そこで私なりに考えてみたのですが、もしかしたらブログが原因というのはあり得ませんか?
Aguseで調べたら、そのサイトはWordPress製でした。
WordPress製のサイトではハッキング被害が起きていると聞きます。

参考URLです
https://hanami-web.tokyo.jp/blog/website-running/security-case/wordpress-falsification/
https://webfood.info/wordpress-redirect-hacking/
https://wpmake.jp/contents/security/wordpress_redirect/

もちろん、IVNOさんがおっしゃっている事は、リダイレクト被害の対策として正しいと思います。
PCに問題が無いので、次はルータというのは当然のことです。
しかし、もしもこちらのルータが被害に遭っているならば、
DNSが書き換えられていたり、サイトを問わずにリダイレクトが頻発するのではありませんか?
(確認しましたが、DNSはまともでした)

疑う様な発言をしてしまい申し訳ございませんが、本当にこちらのルータの問題なのでしょうか?
  • ペソネ
  • 2020/11/18 (Wed) 08:30:06
となると無関係ですね
リダイレクトが一度のみ、それも特定のブログのみとなると、可能性は2つに絞られます。
一つが、ブログのクラッキングによる乗っ取り、もう一つが、ドメイン契約に関するものですね。
この2つの見分け方は、Webページに飛んだ際のURLで判断できます。
ですので、今回の事例では、ブログの乗っ取りである可能性が高いでしょう。

クラッキングにより奪われた場合、ブログのJavascriptや.htaccessが書き換えられている可能性が濃厚ですね。
ブログのログインIDやパスワードが抜かれたならば、比較的容易に改変が可能ですし、利用するレンタルサーバーや状況によっては、IDの特定だけならURLに書かれているので筒抜けです。
ルーターが書き換えられていた場合、閲覧するページに関係なくリダイレクトが発生しますので、特定のページだけとなると、今回の場合はそれには該当しないでしょう。
よって、この場合は該当ブログの管理人、または該当ブログの運営にその旨を通達なされるくらいしか解決策がないと思われます。

別のパターンのドメインについては、ドメインの有効期限が切れて売りに出され、それを別の人が購入したため、同じURLで別の場所に繋がったというものです。
このドメインについては、ドメインの管理、売買を行う業者とのサブスクリプション契約となりますので、契約期限が切れれば売りに出されるのは当然の話です。
と言うことで、ドメインの売買により発生した別サイトへのアクセスであるなら、全く違法性はなく、むしろ至って正常な挙動であると言えます。
言うなれば、賃貸マンションでしょうか。
賃料未払いで追い出された部屋に、後から別の人が入居しても文句が言えないように、更新料未払いで使用できなくなったドメインを、後から別の人が購入して使用しても文句は言えません。

いずれにせよ、特定ブログでのみ発生するという時点で、既にご家庭の環境の問題ではないと断言できる状況ですね。
今回の事例は、仮にどちらのパターンにせよブログ側の問題と言うことで決着しましたし、この機会にほかの質問があるならばお受けします。
それと完全に余談で個人的なものなのですが、私はハッキングと言う言葉が好きではないので、個人的にはクラッキングと言う言葉を用いています。
ハッキングとは本来、生産するという意味を持っています。
ですので、農家が農作物を作るのもハッキングですし、プログラマがソフトウェア開発をするのもハッキングです。
ハッキングと言う言葉そのものには善悪の概念は存在しませんので、ハッキングと言う言葉が悪意のある言葉のように扱われているのが、同じハッカー(生産者)として耐えがたいと言いますか。
まあ、個人的な感情です。
  • IVNO
  • 2020/11/19 (Thu) 04:33:42
Re: リダイレクト?
IVNOさん、返信ありがとうございます。

今回の件は、ブログの乗っ取りだったのですね。
答えてくださったおかげで安心できました。

>リダイレクトが一度のみ、それも特定のブログのみとなると、可能性は2つに絞られます。
>ブログのクラッキングによる乗っ取り、もう一つが、ドメイン契約に関するものですね。

ブログの内容は以前のままだったので、恐らく前者だと思います。
早速この件についてサイトの管理人に報告してみます。

>私はハッキングと言う言葉が好きではないので、個人的にはクラッキングと言う言葉を用いています。

てっきり、「ハッキング」という言葉がネガティブなものだと思い込んでおりました。
私の発言で不快な思いをさせてしまって、大変申し訳ありませんでした。

真摯に対応してくださって、どうもありがとうございました。
またご迷惑をお掛けすることがあるかと思いますが、その際にはよろしくお願いします。
  • ペソネ
  • 2020/11/20 (Fri) 08:46:51
Re: リダイレクト?
すみません、また同じような被害に遭ったので相談させて下さい。

グーグル検索からhttps://iqjohnsongn98.cocolog-nifty.com/blog/2020/05/post-f4b41e.htmlというサイトを閲覧しようとした際
突然画面が真っ白になりhttp://videowatchmore.com/coco2に飛ばされました
すぐにページを閉じてVirusTotalで検索したところ、特にヒットはせず、
悪質ではありますが、ただの広告サイトでした。

その後、しばらくネットを使っていても、リダイレクトされることは無く
恐らく、以前に相談させてもらった件と同じ、ブログ側の問題であると思うのですが、どうにも不安でして。
何度もお手数をおかけして申し訳ないのですが、今回も助けて頂けないでしょうか。




  • ペソネ
  • 2021/04/05 (Mon) 15:47:37
HJTログです
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:50:12, on 2021/04/05
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)


Boot mode: Normal

Running processes:
C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe
C:\Users\XXXX\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.68\BHO\ie_to_edge_bho.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O3 - Toolbar: Trend ツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_5567a7f - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Unknown owner - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
O23 - Service: @oem37.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service: @oem37.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TmWscSvc - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\TmWscSvc\TmWscSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8133 bytes
  • ペソネ
  • 2021/04/05 (Mon) 15:52:31
CCログとバージョンです
CCインストール一覧
3D ビューアー Microsoft Corporation 2020/12/09 7.2010.15012.0
BUFFALO エアステーション設定ツール BUFFALO INC. 2020/05/19 2.69 MB 2.0.19
CCleaner Piriform 2021/04/05 5.78
Cortana Microsoft Corporation 2021/03/08 2.2102.8653.0
HEIF 画像拡張機能 Microsoft Corporation 2021/02/26 1.0.40392.0
Intel(R) Management Engine Components Intel Corporation 2019/12/17 1920.12.0.1273
Intel(R) Processor Graphics Intel Corporation 2020/09/29 26.20.100.7870
Intel® Graphics Control Panel INTEL CORP 2020/02/28 3.3.0.0
iPod Support Apple Inc. 2020/01/06 51.6 MB 120.7.3.55
iTunes Apple Inc. 2020/11/17 12110.26.53016.0
Malwarebytes version 4.3.0.98 Malwarebytes 2021/04/02 4.3.0.98
Microsoft Edge Microsoft Corporation 2021/04/03 89.0.774.68
Microsoft Pay Microsoft Corporation 2019/12/17 2.4.18324.0
Microsoft Solitaire Collection Microsoft Studios 2021/02/08 4.9.1252.0
Microsoft Store Microsoft Corporation 2020/11/14 12011.1001.1.0
Microsoft Store エクスペリエンス ホスト Microsoft Corporation 2021/03/14 12101.1001.21.0
Microsoft Update Health Tools Microsoft Corporation 2021/02/20 1.09 MB 2.75.0.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2018/03/08 4.84 MB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2018/03/08 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2018/03/08 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2018/05/11 9.54 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2018/03/08 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2018/03/08 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2018/03/08 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2021/01/13 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2021/01/13 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2021/01/13 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2020/12/02 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2021/01/13 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 Microsoft Corporation 2021/01/13 22.3 MB 14.0.22816.0
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 Microsoft Corporation 2021/01/13 22.5 MB 14.26.28720.3
Microsoft 付箋 Microsoft Corporation 2021/02/08 3.8.8.0
Mixed Reality ポータル Microsoft Corporation 2020/12/20 2000.20111.1381.0
Mozilla Firefox 87.0 (x64 ja) Mozilla 2021/03/25 208 MB 87.0
Mozilla Maintenance Service Mozilla 2021/01/13 547 KB 68.3.0
MPEG-2 ビデオ拡張機能 Microsoft Corporation 2019/12/17 1.0.22661.0
Music Center for PC Sony Corporation 2021/02/26 270 MB 2.4.0.13222
NEC MFKB Driver NEC Personal Computers, Ltd. 2019/12/17 77.0 KB 1.19.1314
NX PAD Driver ELAN Microelectronic Corp. 2021/01/13 15.16.11.3
OneNote for Windows 10 Microsoft Corporation 2021/03/08 16001.13801.20202.0
People Microsoft Corporation 2021/02/08 10.1909.12456.0
Print 3D Microsoft Corporation 2019/12/17 3.3.791.0
PrintDialog 2021/01/13
Realtek Card Reader Realtek Semiconductor Corp. 2021/01/13 14.6 MB 10.0.15063.21300
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2021/01/13 6.0.1.8125
Trend Micro Titanium 西日本電信電話株式会社 2021/04/02 450 MB 17.11
VP9 ビデオ拡張機能 Microsoft Corporation 2020/10/02 1.0.32521.0
Web メディア拡張機能 Microsoft Corporation 2021/03/26 1.0.40471.0
Webp 画像拡張機能 Microsoft Corporation 2020/10/23 1.0.32731.0
Xbox Game bar Microsoft Corporation 2020/06/13 1.54.4001.0
Xbox Game Bar Microsoft Corporation 2021/03/25 5.521.3093.0
Xbox Game Speech Window Microsoft Corporation 2019/12/17 1.21.13002.0
Xbox Identity Provider Microsoft Corporation 2020/08/07 12.67.21001.0
Xbox Live Microsoft Corporation 2019/12/17 1.24.10001.0
Xbox コンソール コンパニオン Microsoft Corporation 2020/12/12 48.72.4001.0
アプリ インストーラー Microsoft Corporation 2020/11/17 1.4.3161.0
アラーム & クロック Microsoft Corporation 2021/03/08 10.2101.28.0
インテル® グラフィックス・コマンド・センター INTEL CORP 2021/01/03 1.100.3282.0
カメラ Microsoft Corporation 2021/03/26 2021.105.10.0
スマホ同期 Microsoft Corporation 2021/03/26 1.21022.139.0
セキュリティ対策ツール 西日本電信電話株式会社 2021/04/02 450 MB 17.11
デバイス製造元からの HEVC ビデオ拡張機能 Microsoft Corporation 2021/02/26 1.0.40203.0
ヒント Microsoft Corporation 2020/12/09 9.13.33161.0
フィードバック Hub Microsoft Corporation 2021/02/26 1.2009.10055.0
フォト Microsoft Corporation 2021/03/14 2020.20120.4004.0
フォト メディア エンジン アドオン Microsoft Corporation 2019/12/24 1.0.0.0
ペイント 3D Microsoft Corporation 2020/10/05 6.2009.30067.0
ボイス レコーダー Microsoft Corporation 2021/02/26 10.2101.28.0
マップ Microsoft Corporation 2021/02/26 10.2101.9.0
メール/カレンダー Microsoft Corporation 2021/02/26 16005.13426.20688.0
切り取り & スケッチ Microsoft Corporation 2020/09/11 10.2008.2277.0
問い合わせ Microsoft Corporation 2021/03/25 10.2101.40482.0
天気 Microsoft Corporation 2021/01/15 4.46.23383.0
日本語 ローカル エクスペリエンス パック Microsoft Corporation 2021/03/15 19041.17.51.0
映画 & テレビ Microsoft Corporation 2021/03/08 10.21021.10311.0
電卓 Microsoft Corporation 2021/02/26 10.2101.10.0

バージョン Microsoft Windows [Version 10.0.19042.906]
  • ペソネ
  • 2021/04/05 (Mon) 15:59:45
お気づきの通りブログ側の問題です
こんばんは。お久しぶりです。

説明とログを見せてもらいました。

ご自身でもおわかりのように今回のリダイレクト原因はブログ側ですね。
ソースを解析したところ、リダイレクト先と同じvideowatchmore.comのURLが含まれてます。

これとは別の事例ですが、以前から個人ブログでリダイレクト発生して閲覧者だけでなく管理人自身がPCのマルウェア感染やブログ乗っ取りかと大騒ぎした事例はい幾度も見ています。
その原因の多くは感染や乗っ取りではなく、ブログパーツでした。

ブログ主が画面の各種用途で入れたブログパーツの作成提供元の企業がサポート終了や事業譲渡等で元の機能を失うとともに譲渡先の会社が管理するページにリダイレクトされる症状が起きるのです。

なのでこの場合はブログ主が管理画面でブログパーツを無効削除すれば正常に戻ります。
伏魔殿とは別のところで自分も素性を隠していくつものブログに対処法メッセージを送って処置案内したこともあります。

今回自分が見た範囲ではリダイレクトが起きるのは2020年5月21日のあずみページだけのようなのでトップやそれ以外の記事ページにアクセスしてもリダイレクトは起きませんね。
ペソネさんがお気に入りのブログならブログ主さんに該当ページの編集か削除またはブログパーツの見直し勧めてみてはいかがですか?

個人サイトの場合管理人が管理しなくなって更新も止まったところは利用サービスの都合でこうやって思わぬ改変が起きるので、サイト管理できなくなった方は放置せず責任もって閉鎖削除するのも義務と認識してもらいたいですね。

ペソネさんのログではいまのところ不審点は見えないようですが、一応確認したほうがいいので以前のスレ手順に沿ってCCでの各タブログも見せてもらえますか。
  • 悪代官
  • 2021/04/05 (Mon) 19:52:35
Re: リダイレクト?
悪代官さん、返信ありがとうございます。

ブログパーツが原因だったのですね。
てっきり怪しいサイトに飛ばされたもんだと勘違いしておりました。
いくらVirusTotalで引っ掛からなかったとはいえ、どうにも確信が持てずに
不安で仕方なかったもので...
調べてくださって、ありがとうございます。

それと、こちらがCCログです。
またもやお手数をおかけし申し訳ないのですが、どうかよろしくお願いします。
スタートアップ
無効 HKCU:Run CCleaner Smart Cleaning Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
スケジュールされたタスク
有効 Task CCleanerSkipUAC Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task MicrosoftEdgeUpdateTaskMachineCore Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
有効 Task MicrosoftEdgeUpdateTaskMachineCore1d6e948b6ffcc9 Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
有効 Task MicrosoftEdgeUpdateTaskMachineUA Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
有効 Task necNbSchedRun NEC Personal Computers, Ltd. "C:\Program Files\necbatt\nbSched.exe"
有効 Task OneDrive Standalone Update Task v2 %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
コンテキストメニュー
有効 Directory PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll
Windowsサービス
有効 Service Elan Service ELAN Microelectronics Corp. "C:\Program Files\Elantech\ETDService.exe"
無効 Service Intel(R) Capability Licensing Service TCP IP Interface Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
有効 Service Intel(R) Content Protection HDCP Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
無効 Service Intel(R) Content Protection HECI Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
有効 Service Intel(R) Dynamic Application Loader Host Interface Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
有効 Service Intel(R) Graphics Command Center Service Intel(R) pGFX C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
有効 Service Intel(R) HD Graphics Control Panel Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
有効 Service Intel(R) Management and Security Application Local Management Service Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
無効 Service Intel(R) Optane(TM) Memory Service Intel Corporation C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
有効 Service Intel(R) TPM Provisioning Service Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
無効 Service iPod サービス Apple Inc. "C:\Program Files\iPod\bin\iPodService.exe"
有効 Service Malwarebytes Service Malwarebytes "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
無効 Service Mozilla Maintenance Service Mozilla Foundation "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
有効 Service NT Meter NEC Personal Computers, Ltd. c:\Windows\SysWOW64\NTMETER.exe
無効 Service OpenSSH Authentication Agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
有効 Service Platinum Host Service Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe"
有効 Service Security Solution Platform Trend Micro Inc. "C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=1 -ad -bt=0
無効 Service TmWscSvc Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\TmWscSvc\TmWscSvc.exe"
ブラウザプラグイン IE
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.68\BHO\ie_to_edge_bho.dll
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.68\BHO\ie_to_edge_bho_64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
ブラウザプラグイン FF
有効 Extension Amazon.com.au 1.4 default-release Firefox 87.0
有効 Extension Bing 1.3 default-release Firefox 87.0
有効 Extension DoH Roll-Out 2.0.0 default-release Firefox 87.0 C:\Program Files\Mozilla Firefox\browser\features\doh-rollout@mozilla.org.xpi
有効 Extension DuckDuckGo 1.1 default-release Firefox 87.0
有効 Extension Firefox Screenshots 39.0.0 Mozilla <screenshots-feedback@mozilla.com> default-release Firefox 87.0 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Form Autofill 1.0 default-release Firefox 87.0 C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Google 1.1 default-release Firefox 87.0
有効 Extension Reset Search Defaults 1.0.6 default-release Firefox 87.0 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\features\{a415a934-865e-41ca-8c9d-36b2bdc1a23e}\reset-search-defaults@mozilla.com.xpi
有効 Extension uBlock Origin 1.34.0 Raymond Hill & contributors default-release Firefox 87.0 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\extensions\uBlock0@raymondhill.net.xpi
有効 Extension Web Compatibility Interventions 20.1.0 default-release Firefox 87.0 C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
無効 Extension WebCompat Reporter 1.4.0 Thomas Wisniewski <twisniewski@mozilla.com> default-release Firefox 87.0 C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi
有効 Extension Wikipedia (en) 1.1 default-release Firefox 87.0
有効 Extension Yahoo! JAPAN 1.0 default-release Firefox 87.0
有効 Extension ヤフオク! 1.2 default-release Firefox 87.0
有効 Extension 教えて!goo 1.0 default-release Firefox 87.0
有効 Extension 楽天市場 1.2 default-release Firefox 87.0
有効 Plugin 4.10.1582.2 Google Inc. default-release Firefox 87.0 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-widevinecdm\4.10.1582.2\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.8.1.1 Mozilla Corporation default-release Firefox 87.0 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-gmpopenh264\1.8.1.1\gmpopenh264.dll

  • ペソネ
  • 2021/04/05 (Mon) 23:12:04
CCの設定を軽量化しますか
レスが遅くなってすみません。
現在のCCログも見せてもらいました。

おおむね問題なさそうですが、CCの常駐設定で有効になっている個所を軽量化しておくなら以下の作業をお勧めします。

CC起動してオプションの「スマートクリーニング」画面で、スマートクリーニングを有効化と、ごみファイル発生したら通知のチェックを外しておくと負荷が軽減されます。

続いてスタートアップの「スケジュール」タブの下記を無効化。

>有効 Task CCleanerSkipUAC Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)

これでCCの常駐機能が無効化されて動作負担が少なくなります。
無効化していてもCCのバージョン更新されると有効化設定になることもあるので、CC更新したら各種設定も再確認をどうぞ。

今度はFirefoxの検索も軽量化を。
FF起動してアドレスバーに下記をコピペで貼り付けて移動して

about:preferences#search

「検索ショートカット」欄で不要な検索エンジンはチェック外してから「削除」するとリストからも消えます。
削除した検索をまた入れたくなったら「他の検索エンジンを追加」から可能です。

これで現在見えている範囲の動作負担はいくらか軽減されるでしょう。
他にも何かおかしな挙動あれば教えてください
  • 悪代官
  • 2021/04/06 (Tue) 22:33:51
Re: リダイレクト?
悪代官さん、返信ありがとうございます。

教えていただいた通りに、CCの常駐機能を無効化しておきました。
検索ショートカットは、何故かGoogleしか見当たりませんでした。

また、相談した時から今に至るまで、何かしらの異常はありません。
真摯に対応してくださって、どうもありがとうございました。
  • ペソネ
  • 2021/04/06 (Tue) 23:34:18

返信フォーム






プレビュー (投稿前に内容を確認)