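悪代官の伏魔殿 bulletin board
AdwCleaner false positive?
Hello, my name is ペソネ.
Something has been bothering me, and I would like to ask for advice.

Today I ran a scan with AdwCleaner, and PUP.Optional.DNSChanger DNSwalters.exe was detected.

However, I have had none of the redirect problems that are common with this kind of hijacker,
and the DNS values showed nothing abnormal either.

I think it is probably an AdwCleaner false positive, but I cannot be sure and am at a loss.
Could you please lend me your wisdom?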
  • ペソネ
  • 2022/07/17 (Sun) 15:00:44
HJT log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:26:06, on 2022/07/17
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22000.0120)


Boot mode: Normal

Running processes:
C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe
C:\Users\XXXX\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\BHO\ie_to_edge_bho.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O3 - Toolbar: Trend ツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_66f51 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Unknown owner - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
O23 - Service: @oem35.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service: @oem35.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TmWscSvc - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\TmWscSvc\TmWscSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8304 bytes
  • ペソネ
  • 2022/07/17 (Sun) 15:02:21
CC log
3D ビューアー Microsoft Corporation 2022/03/24 1.0.35.0
BUFFALO エアステーション設定ツール Buffalo Inc. 2022/05/13 2.1.2
CCleaner Piriform 2022/07/17 6.01
Cortana Microsoft Corporation 2022/06/19 4.2204.13303.0
HEIF Image Extensions Microsoft Corporation 2022/05/11 1.0.43012.0
Intel(R) Management Engine Components Intel Corporation 2019/12/17 1920.12.0.1273
Intel(R) Processor Graphics Intel Corporation 2020/09/29 26.20.100.7870
Intel® Graphics Control Panel INTEL CORP 2022/03/20 3.3.0.0
iTunes Apple Inc. 2022/05/20 12124.1.57017.0
Malwarebytes version 4.5.11.202 Malwarebytes 2022/07/17 4.5.11.202
Maps Microsoft Corporation 2022/03/24 1.0.28.0
Microsoft Edge Microsoft Corporation 2022/07/16 103.0.1264.62
Microsoft Edge WebView2 Runtime Microsoft Corporation 2022/07/10 103.0.1264.49
Microsoft Store Microsoft Corporation 2022/07/08 22205.1401.13.0
Microsoft Store エクスペリエンス ホスト Microsoft Corporation 2022/05/05 12203.44.0.0
Microsoft Update Health Tools Microsoft Corporation 2022/04/07 0.99 MB 4.67.0.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2018/03/08 4.84 MB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2018/03/08 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2018/03/08 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2018/05/11 9.54 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2018/03/08 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2018/03/08 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2018/03/08 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2020/12/02 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2020/12/02 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2020/12/02 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2020/12/02 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2020/12/02 12.0.30501.0
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 Microsoft Corporation 2020/12/02 14.0.22816.0
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 Microsoft Corporation 2020/12/02 14.26.28720.3
Microsoft 付箋 Microsoft Corporation 2022/06/19 4.5.5.0
Mixed Reality ポータル Microsoft Corporation 2021/07/16 2000.21051.1282.0
Mozilla Firefox (x64 ja) Mozilla 2022/07/07 102.0.1
Mozilla Maintenance Service Mozilla 2019/12/18 68.3.0
MPEG-2 ビデオ拡張機能 Microsoft Corporation 2022/01/25 1.0.42152.0
Music Center for PC Sony Corporation 2021/12/16 280 MB 2.5.0.11260
NEC MFKB Driver NEC Personal Computers, Ltd. 2019/12/17 77.0 KB 1.19.1314
NX PAD Driver ELAN Microelectronic Corp. 2022/03/22 15.16.11.3
OneNote for Windows 10 Microsoft Corporation 2022/06/19 16.14326.20837.0
People Microsoft Corporation 2022/05/06 10.2105.4.0
Print 3D Microsoft Corporation 2022/03/22 3.3.791.0
Realtek Card Reader Realtek Semiconductor Corp. 2022/03/22 10.0.15063.21300
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2022/03/22 6.0.1.8125
Snipping Tool Microsoft Corporation 2022/07/01 11.2205.10.0
Solitaire Collection Microsoft Studios 2022/07/10 4.13.7040.0
Trend Micro Titanium 西日本電信電話株式会社 2022/04/23 450 MB 17.71
VP9 Video Extensions Microsoft Corporation 2022/05/20 1.0.51171.0
Web メディア拡張機能 Microsoft Corporation 2021/10/11 1.0.42192.0
Webp 画像拡張機能 Microsoft Corporation 2022/03/08 1.0.42351.0
Windows PC 正常性チェック Microsoft Corporation 2021/10/22 11.4 MB 3.2.2110.14001
Windows Print
Windows Web Experience Pack Microsoft Windows 2022/07/07 421.20070.545.0
Windows サウンド レコーダー Microsoft Corporation 2022/07/14 11.2205.15.0
Windows セキュリティ Microsoft Corporation 2022/06/15 1000.22000.251.0
Xbox Game Bar Microsoft Corporation 2022/07/14 5.822.6271.0
Xbox Game bar Microsoft Corporation 2020/06/13 1.54.4001.0
Xbox Game Speech Window Microsoft Corporation 2022/03/22 1.21.13002.0
Xbox Identity Provider Microsoft Corporation 2022/06/23 12.90.14001.0
Xbox Live Microsoft Corporation 2022/03/22 1.24.10001.0
Xbox コンソール コンパニオン Microsoft Corporation 2022/06/23 48.89.25001.0
アプリ インストーラー Microsoft Corporation 2022/06/23 1.17.11601.0
インテル® グラフィックス・コマンド・センター INTEL CORP 2021/12/15 1.100.3407.0
カメラ Microsoft Corporation 2022/07/01 2022.2205.8.0
クロック Microsoft Corporation 2022/07/15 11.2205.23.0
スマートフォン連携 Microsoft Corporation 2022/07/07 1.22052.136.0
セキュリティ対策ツール 西日本電信電話株式会社 2022/04/23 17.71
デバイス製造元からの HEVC ビデオ拡張機能 Microsoft Corporation 2022/05/20 2.0.51121.0
ヒント Microsoft Corporation 2022/07/01 10.2205.0.0
フィードバック Hub Microsoft Corporation 2022/03/24 1.2203.761.0
フォト Microsoft Corporation 2022/07/06 2022.31060.30005.0
フォト メディア エンジン アドオン Microsoft Corporation 2021/10/08 1.0.0.0
ペイント Microsoft Corporation 2022/07/01 11.2205.9.0
ペイント 3D Microsoft Corporation 2022/03/10 6.2203.1037.0
メモ帳 Microsoft Corporation 2022/07/01 11.2205.11.0
メール/カレンダー Microsoft Corporation 2022/05/20 16005.14326.20970.0
問い合わせ Microsoft Corporation 2022/06/19 10.2204.1222.0
天気 Microsoft Corporation 2022/07/15 3.2.2.0
日本語 ローカル エクスペリエンス パック Microsoft Corporation 2022/07/17 22000.23.94.0
映画 & テレビ Microsoft Corporation 2022/06/06 10.22041.10091.0
電卓 Microsoft Corporation 2022/07/01 11.2205.9.0
  • ペソネ
  • 2022/07/17 (Sun) 15:04:07
Windows version
Microsoft Windows [Version 10.0.22000.795]

Sorry for the trouble, and thank you in advance.
  • ペソネ
  • 2022/07/17 (Sun) 15:05:59
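Could you show me the AC log?
Good evening.
Are you the same ペソネ who consulted here before?
https://akudaikan-0.bbs.fc2bbs.net/?act=reply&tid=8018953

If you are a different person, just let me know that in your next reply.

Now, I have looked at your explanation and logs, and

>DNSwalters.exe

is something that has come up in a past consultation on this board.
https://akudaikan-0.bbs.fc2bbs.net/?act=reply&tid=6862471

Did you come here because a keyword search hit the thread above?
If it is the same thing as in that thread, it may be related to DNS Unlocker, but I cannot see any trace of that in the logs you showed.

If it was detected by AdwCleaner (AC), could you post the AC scan log from the time of detection in a reply?
If I can see which file or entry it is detecting as dnswalters.exe, I can make a judgment to some extent.
I will look at that and then guide you through a safe response.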
  • 悪代官
  • 2022/07/17 (Sun) 22:21:12
AC scan log
悪代官-san, thank you for your reply.
Here is the AC scan log from the time of detection.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-17-2022
# Duration: 00:00:05
# OS: Windows 10 Home
# Scanned: 32050
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

PUP.Optional.DNSChanger C:\Users\XXXX\AppData\Local\Programs\dnswalters.exe

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.
  • ペソネ
  • 2022/07/17 (Sun) 22:58:38
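It does not look like a false positive
Sorry for the late reply.
I have looked at the AC detection result, and

>PUP.Optional.DNSChanger C:\Users\XXXX\AppData\Local\Programs\dnswalters.exe

it does not look like a mere false positive.
Just the fact that only a file exists directly under that folder is odd.

Let's investigate carefully before deciding how to deal with it.

First, let me tell you this up front.
As you can see, there are currently many people asking for help, so it may take a day or more each time before I can reply to everyone in turn after receiving a consultation. I apologize, and thank you for your understanding.

Now, read the explanation below carefully and then carry out the work in order.
You should already have some of these prepared, but please read the explanation again just in case.

Set hidden files and file extensions to be displayed (how to ↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get a grasp of their basic usage.
However, if the distribution site shows ads urging you to download other apps, never click on them.
"GeekUninstaller" (GU for short)
Description page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save the file, and then extract it.
When you are done with it, delete the whole folder manually.

"CCleaner" (CC for short)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
https://www.piriform.com/ccleaner/builds
Download the latest "portable" version (Portable), then extract it and launch it.
When you are done with it, just delete that folder.

Here is an important caution.
CC is by nature a highly capable maintenance program, but if it is used incorrectly
【it can also damage Windows】
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operation other than those I instruct.

Once you are ready, start the work.
In the steps that follow, you may skip anything you cannot find, but look carefully as you work and never touch anything outside what I have specified.

Also, there will likely be things I instruct you to delete during the work; if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.

First, check Windows Update and, if there are any required updates, install all of them.
If the update cannot be done at that point, do not carry out the work described after this and tell me in a reply that the update failed.
This is because there has been a sharp increase in dangerous malware that interferes with analysis and treatment of an infection by preventing WU from working properly.
If Windows updates (Windows Update) are not always kept fully up to date, that alone means a dangerous infection can happen at any moment.

Copy and paste the following into "Search programs and files" in the Start menu:

cleanmgr

When Disk Cleanup starts, check every item except the Recycle Bin and run it.
Running this cleans up the junk files in the selected areas.

Doing this also reduces the useless junk files detected by scans during the work, which makes the time and analysis considerably easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting normal files by mistake, and so that even if a normal file is deleted and put in the Recycle Bin it can be restored.

Next, launch CC.
Once it has started, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the lower right saves the displayed contents as a log, so save the log somewhere such as the desktop.

Next, save the logs of the "Scheduled Tasks" tab, "Context Menu", and the "Windows Services" tab in the same way.

Then, from the "Browser Plugins" item on the left side of the CC screen, open each tab from the "Internet Explorer" tab onward in turn and take those logs as well.

Once you have taken each CC log, close CC.

Paste each CC log into your reply and send it along with a status report.
I will look at them and then give instructions for the next steps.

It may have slipped into the standard Windows Task Scheduler or into browser extensions, so we will look into those areas.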
  • 悪代官
  • 2022/07/18 (Mon) 20:32:05
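The check 悪代官 describes above (which file or entry AdwCleaner flagged, where it sits, and whether any autostart entry came with it) can be scripted. This is an added example, not part of the original thread or of AdwCleaner itself; the parsing rules are inferred from the logs posted here, and `PERSISTENCE_SECTIONS`, `CONTAINER_DIRS` and the function names are assumptions of the example.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Scan log excerpted from the thread above (header and empty sections shortened).
SAMPLE_SCAN_LOG = r"""
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-17-2022
# OS: Windows 10 Home
# Scanned: 32050
# Detected: 1

***** [ Services ] *****

No malicious services found.

***** [ Files ] *****

PUP.Optional.DNSChanger C:\Users\XXXX\AppData\Local\Programs\dnswalters.exe

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.
"""

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")   # ***** [ Files ] *****
HEADER_RE = re.compile(r"^# ([A-Za-z]+):\s+(.+)$")       # # Mode: Scan
FINDING_RE = re.compile(r"^(\S+)\s+(.+)$")               # <label> <target>

# Assumption: sections whose findings describe an autostart mechanism.
PERSISTENCE_SECTIONS = {"Services", "Tasks", "Registry", "WMI", "Shortcuts"}
# Assumption: per-user container folders that normally hold one subfolder per
# application rather than a bare executable.
CONTAINER_DIRS = (r"appdata\local\programs", r"appdata\local", r"appdata\roaming")


@dataclass
class Finding:
    section: str
    label: str    # detection name in Scan mode, "Deleted" in Clean mode
    target: str   # file path, registry key, task name, ...


def parse_adwcleaner_log(text):
    """Return (header dict, list of Finding) for a Scan- or Clean-mode log."""
    header, findings, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        if section is None:              # still in the "# Key: value" header
            m = HEADER_RE.match(line)
            if m:
                header[m.group(1)] = m.group(2)
            continue
        # Skip "No malicious ... found." lines and the Clean-mode trailer.
        if line.startswith(("No ", "*", "[")):
            continue
        m = FINDING_RE.match(line)
        if m:
            findings.append(Finding(section, m.group(1), m.group(2)))
    return header, findings


def is_loose_executable(target):
    """True for an .exe sitting directly in one of the container folders."""
    path = PureWindowsPath(target)
    parent = str(path.parent).lower()
    return path.suffix.lower() == ".exe" and parent.endswith(CONTAINER_DIRS)


def triage(header, findings):
    """Summarise what a reviewer would look at first in the parsed log."""
    declared = int(header.get("Detected") or header.get("Cleaned") or 0)
    persistent = [f for f in findings if f.section in PERSISTENCE_SECTIONS]
    return {
        "mode": header.get("Mode"),
        "count_matches_header": declared == len(findings),
        "loose_executables": [f.target for f in findings
                              if f.section == "Files" and is_loose_executable(f.target)],
        "persistence_findings": persistent,
        # A file with no accompanying autostart entry: check Task Scheduler,
        # Run keys and browser extensions by other means, as the reply does.
        "file_only": bool(findings) and not persistent,
    }


if __name__ == "__main__":
    hdr, found = parse_adwcleaner_log(SAMPLE_SCAN_LOG)
    for key, value in triage(hdr, found).items():
        print(f"{key}: {value}")
```
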
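Re: AdwCleaner false positive?
悪代官-san, thank you for your reply.
Windows Update completed without any problems.

>>It does not look like a mere false positive.
>>Just the fact that only a file exists directly under that folder is odd.

I found similar cases, so I am reporting them.
https://forums.malwarebytes.com/topic/285742-found-dnswalters-once-but-not-again-after/#comment-1511182
https://www.reddit.com/r/antivirus/comments/w1l7k6/dnswaltersexe_detected_windows_defender_is/

Also, when dnswalters.exe was detected, I panicked and ran the cleaning;
does that cause any problem for the investigation itself? I will paste the AC log just in case.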

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-17-2022
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\XXXX\AppData\Local\Programs\dnswalters.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Hosts File
[+] Reset Winsock

*************************
  • ペソネ
  • 2022/07/18 (Mon) 22:37:10
CC logs
Windows

有効 HKCU:Run MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95 Microsoft Corporation "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"

Scheduled tasks
有効 Task CCleanerSkipUAC - XXXX Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task MicrosoftEdgeUpdateTaskMachineCore Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
有効 Task MicrosoftEdgeUpdateTaskMachineCore1d83d86f433ed7f Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
有効 Task MicrosoftEdgeUpdateTaskMachineUA Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
有効 Task necNbSchedRun NEC Personal Computers, Ltd. "C:\Program Files\necbatt\nbSched.exe"
有効 Task OneDrive Standalone Update Task v2 %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

Context menu
有効 Directory PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll

Services
有効 Service Elan Service ELAN Microelectronics Corp. "C:\Program Files\Elantech\ETDService.exe"
無効 Service Intel(R) Capability Licensing Service TCP IP Interface Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
有効 Service Intel(R) Content Protection HDCP Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
無効 Service Intel(R) Content Protection HECI Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
有効 Service Intel(R) Dynamic Application Loader Host Interface Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
有効 Service Intel(R) Graphics Command Center Service Intel(R) pGFX C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
有効 Service Intel(R) HD Graphics Control Panel Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
有効 Service Intel(R) Management and Security Application Local Management Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
無効 Service Intel(R) Optane(TM) Memory Service Intel Corporation C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
有効 Service Intel(R) TPM Provisioning Service Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
有効 Service Malwarebytes Service Malwarebytes "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
無効 Service Mozilla Maintenance Service Mozilla Foundation "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
有効 Service NT Meter NEC Personal Computers, Ltd. c:\Windows\SysWOW64\NTMETER.exe
無効 Service OpenSSH Authentication Agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
有効 Service Platinum Host Service Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe"
有効 Service Security Solution Platform Trend Micro Inc. "C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=1 -ad -bt=0
無効 Service TmWscSvc Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\TmWscSvc\TmWscSvc.exe"

IE
有効 Service Elan Service ELAN Microelectronics Corp. "C:\Program Files\Elantech\ETDService.exe"
無効 Service Intel(R) Capability Licensing Service TCP IP Interface Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
有効 Service Intel(R) Content Protection HDCP Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
無効 Service Intel(R) Content Protection HECI Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
有効 Service Intel(R) Dynamic Application Loader Host Interface Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
有効 Service Intel(R) Graphics Command Center Service Intel(R) pGFX C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
有効 Service Intel(R) HD Graphics Control Panel Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
有効 Service Intel(R) Management and Security Application Local Management Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
無効 Service Intel(R) Optane(TM) Memory Service Intel Corporation C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
有効 Service Intel(R) TPM Provisioning Service Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
有効 Service Malwarebytes Service Malwarebytes "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
無効 Service Mozilla Maintenance Service Mozilla Foundation "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
有効 Service NT Meter NEC Personal Computers, Ltd. c:\Windows\SysWOW64\NTMETER.exe
無効 Service OpenSSH Authentication Agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
有効 Service Platinum Host Service Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe"
有効 Service Security Solution Platform Trend Micro Inc. "C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=1 -ad -bt=0
無効 Service TmWscSvc Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\TmWscSvc\TmWscSvc.exe"

FF
有効 Extension Add-ons Search Detection 2.0.0 default-release Firefox 102.0.1 path
有効 Extension Amazon.com.au 1.9 default-release Firefox 102.0.1 path
有効 Extension Bing 1.3 default-release Firefox 102.0.1 path
有効 Extension DoH Roll-Out 2.0.0 default-release Firefox 102.0.1 path
有効 Extension DuckDuckGo 1.1 default-release Firefox 102.0.1 path
有効 Extension Firefox Screenshots 39.0.1 Mozilla <screenshots-feedback@mozilla.com> default-release Firefox 102.0.1 path
有効 Extension Form Autofill 1.0.1 default-release Firefox 102.0.1 path
有効 Extension Google 1.2 default-release Firefox 102.0.1 path
有効 Extension Picture-In-Picture 1.0.0 default-release Firefox 102.0.1 path
有効 Extension uBlock Origin 1.43.0 Raymond Hill & contributors default-release Firefox 102.0.1 path
有効 Extension Web Compatibility Interventions 102.0.0 default-release Firefox 102.0.1 path
無効 Extension WebCompat Reporter 1.4.2 Thomas Wisniewski <twisniewski@mozilla.com> default-release Firefox 102.0.1 path
有効 Extension Wikipedia (en) 1.1 default-release Firefox 102.0.1 path
有効 Extension Yahoo! JAPAN 1.0 default-release Firefox 102.0.1 path
有効 Extension ヤフオク! 1.3 default-release Firefox 102.0.1 path
有効 Extension 楽天市場 1.2 default-release Firefox 102.0.1 path
有効 Plugin 4.10.2449.0 Google LLC default-release Firefox 102.0.1 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-widevinecdm\4.10.2449.0\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.8.1.2 Mozilla Corporation default-release Firefox 102.0.1 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll


  • ペソネ
  • 2022/07/18 (Mon) 22:47:47
CC logs, second time
Windows
有効 HKCU:Run MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95 Microsoft Corporation "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"

Scheduled tasks
有効 Task CCleanerSkipUAC - XXXX Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task MicrosoftEdgeUpdateTaskMachineCore Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
有効 Task MicrosoftEdgeUpdateTaskMachineCore1d83d86f433ed7f Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
有効 Task MicrosoftEdgeUpdateTaskMachineUA Microsoft Corporation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
有効 Task necNbSchedRun NEC Personal Computers, Ltd. "C:\Program Files\necbatt\nbSched.exe"
有効 Task OneDrive Standalone Update Task v2 %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

Context menu
有効 Directory PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory ファイルの所有権
有効 Drive PowerShell ウィンドウをここで開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll

Services
有効 Service Elan Service ELAN Microelectronics Corp. "C:\Program Files\Elantech\ETDService.exe"
無効 Service Intel(R) Capability Licensing Service TCP IP Interface Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
有効 Service Intel(R) Content Protection HDCP Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
無効 Service Intel(R) Content Protection HECI Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
有効 Service Intel(R) Dynamic Application Loader Host Interface Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
有効 Service Intel(R) Graphics Command Center Service Intel(R) pGFX C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
有効 Service Intel(R) HD Graphics Control Panel Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
有効 Service Intel(R) Management and Security Application Local Management Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
無効 Service Intel(R) Optane(TM) Memory Service Intel Corporation C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
有効 Service Intel(R) TPM Provisioning Service Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
有効 Service Malwarebytes Service Malwarebytes "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
無効 Service Mozilla Maintenance Service Mozilla Foundation "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
有効 Service NT Meter NEC Personal Computers, Ltd. c:\Windows\SysWOW64\NTMETER.exe
無効 Service OpenSSH Authentication Agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
有効 Service Platinum Host Service Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe"
有効 Service Security Solution Platform Trend Micro Inc. "C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=1 -ad -bt=0
無効 Service TmWscSvc Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\TmWscSvc\TmWscSvc.exe"

IE
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\BHO\ie_to_edge_bho.dll
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\BHO\ie_to_edge_bho_64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll

FF
有効 Extension Add-ons Search Detection 2.0.0 default-release Firefox 102.0.1 path
有効 Extension Amazon.com.au 1.9 default-release Firefox 102.0.1 path
有効 Extension Bing 1.3 default-release Firefox 102.0.1 path
有効 Extension DoH Roll-Out 2.0.0 default-release Firefox 102.0.1 path
有効 Extension DuckDuckGo 1.1 default-release Firefox 102.0.1 path
有効 Extension Firefox Screenshots 39.0.1 Mozilla <screenshots-feedback@mozilla.com> default-release Firefox 102.0.1 path
有効 Extension Form Autofill 1.0.1 default-release Firefox 102.0.1 path
有効 Extension Google 1.2 default-release Firefox 102.0.1 path
有効 Extension Picture-In-Picture 1.0.0 default-release Firefox 102.0.1 path
有効 Extension uBlock Origin 1.43.0 Raymond Hill & contributors default-release Firefox 102.0.1 path
有効 Extension Web Compatibility Interventions 102.0.0 default-release Firefox 102.0.1 path
無効 Extension WebCompat Reporter 1.4.2 Thomas Wisniewski <twisniewski@mozilla.com> default-release Firefox 102.0.1 path
有効 Extension Wikipedia (en) 1.1 default-release Firefox 102.0.1 path
有効 Extension Yahoo! JAPAN 1.0 default-release Firefox 102.0.1 path
有効 Extension ヤフオク! 1.3 default-release Firefox 102.0.1 path
有効 Extension 楽天市場 1.2 default-release Firefox 102.0.1 path
有効 Plugin 4.10.2449.0 Google LLC default-release Firefox 102.0.1 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-widevinecdm\4.10.2449.0\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.8.1.2 Mozilla Corporation default-release Firefox 102.0.1 C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\gle0pcpf.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

This is the scan result from one hour later. I saw no abnormal symptoms on the PC while using it.

Sorry for the trouble, and thank you in advance.
  • ペソネ
  • 2022/07/18 (Mon) 23:55:15
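Analyzing with OTL
Sorry for the late reply.
I have looked at the CC log you took after the work.

>I found a similar case, so I am reporting it.

Thank you for finding the reference link as well. So similar cases are turning up overseas too.

>Also, when dnswalters.exe was detected I panicked and ran the cleaning.
>Does that cause any problem for the verification itself?

Even after cleaning with AC, the item is still only in a "quarantined" state. If you permanently delete the quarantined item it can no longer be restored, but if it has only been quarantined it can be restored later.
If this turns out to be a false positive from an overreaction it would be better to restore it, so if you have permanently deleted it, please tell me so in your next reply.

As far as I can see in the CC log, there is no trace of anything like dnswalters.exe running.
Just in case, please also check manually by eye.

On the desktop, right-click the taskbar and open "Task Manager", then look for dnswalters.exe on the "Processes" tab.
You probably will not find it, but if you do, select it and end the task.
If you cannot find it, you can close the Task Manager window, but if you do find it, please let me know.

The AC log from when it was first found showed the following.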
>PUP.Optional.DNSChanger C:\Users\XXXX\AppData\Local\Programs\dnswalters.exe

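AC detected it as a PUP, but some other vendors' security software treats DNSChanger as a trojan.

So far we have found nothing decisive, so I will dig a little deeper in the analysis.

Please prepare the following tool.
OTL (OldTimer Listit)
Download it with the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When you tidy up afterwards, start it and press the "Cleanup" button and it will be removed automatically.
However, if you are using Windows 10, you can simply delete the executable itself.

Start OTL with no other programs running.
Once it has started, tick "Scan All Users" near the top of the window and copy and paste the following commands into "Custom Scan/Fixes".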

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

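Then press "Run Scan" at the top left to start the scan.
Depending on the PC, a few minutes after the scan starts "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe, so save these two files somewhere such as the desktop.
Extras.txt may not be produced; in that case OTL.txt alone is fine.

After that, paste the whole OTL log into your reply so I can see it.
However, the OTL log is quite long, so sending it all at once will get cut off by fc2's character limit.
So split the log at suitable points into pieces of 10,000 characters or fewer and send it over several replies.
Posts over 10,000 characters get cut off by fc2's character limit.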
http://www1.odn.ne.jp/megukuma/count.htm

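The log ends with the line < End of report >, so paste everything up to there.

Just scanning with OTL changes nothing.
After looking at these results, we should be dealing with whatever was detected in the next and later steps.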
  • 悪代官
  • 2022/07/19 (Tue) 22:17:21
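
A small triage pass over OTL log lines of the kind requested above, added here as an example (it is not part of the original posts and not part of OTL). It parses PRC/MOD/SRV entries and flags ones that report "File not found", have an empty company field, or sit in a user-writable profile folder such as the AppData\Local\Programs path in the AC log; the flag names and the last sample line are constructed for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Entry prefix; 64-bit entries carry unrendered BBCode: SRV:[b]64bit:[/b]
KIND_RE = re.compile(r"^(PRC|MOD|SRV|DRV)(?::\[b\]64bit:\[/b\])?\s+-\s+(.*)$")
# "[date time | size | attrs | M] (Company) [StartType | State]"
# The trailing [StartType | State] group appears on service/driver entries only.
META_RE = re.compile(
    r"^\[\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} \| [\d,]+ \| [^|]* \| \w\]"
    r"\s+\((?P<company>.*?)\)"  # lazy + end anchor copes with "Intel(R) Corporation"
    r"(?:\s+\[(?P<start>[^|\]]+?) \| (?P<state>[^\]]+)\])?$"
)
STATE_RE = re.compile(r"\[(?P<start>[^|\]]+?) \| (?P<state>[^\]]+)\]$")
# Fields are separated by " -- "; a bare trailing "--" means an empty path.
FIELD_SEP_RE = re.compile(r"\s+--(?:\s+|$)")
USER_WRITABLE_RE = re.compile(
    r"\\users\\[^\\]+\\(?:appdata|downloads|desktop)\\", re.IGNORECASE
)


@dataclass
class Entry:
    kind: str
    path: str
    name: str = ""
    company: Optional[str] = None
    start: Optional[str] = None
    state: Optional[str] = None
    flags: List[str] = field(default_factory=list)


def parse_line(line: str) -> Optional[Entry]:
    """Parse one PRC/MOD/SRV/DRV line; return None for headers and other text."""
    m = KIND_RE.match(line.strip())
    if not m:
        return None
    kind, rest = m.groups()
    parts = FIELD_SEP_RE.split(rest, maxsplit=2)
    header = parts[0]
    entry = Entry(kind=kind, path=parts[1].strip() if len(parts) > 1 else "")
    if len(parts) > 2:
        entry.name = parts[2].strip()
        if entry.name.startswith("(") and entry.name.endswith(")"):
            entry.name = entry.name[1:-1]
    if header.startswith("File not found"):
        entry.flags.append("file-not-found")
        meta = STATE_RE.search(header)
    else:
        meta = META_RE.match(header)
        if meta is None:
            entry.flags.append("unparsed-header")
        else:
            entry.company = meta.group("company")
            if entry.company == "":
                entry.flags.append("no-company")
    if meta is not None:
        entry.start, entry.state = meta.group("start"), meta.group("state")
    if USER_WRITABLE_RE.search(entry.path):
        entry.flags.append("user-writable-path")
    return entry


def triage(log_text: str) -> List[Entry]:
    """Return only the entries that carry at least one flag."""
    entries = (parse_line(raw) for raw in log_text.splitlines())
    return [e for e in entries if e is not None and e.flags]


# Lines copied from the OTL log posted in this thread.
PAGE_LINES = r"""
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - File not found --
PRC - [2022/07/19 22:27:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXXX\Downloads\OTL.exe
PRC - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) -- c:\Windows\SysWOW64\NTMETER.exe
MOD - [2022/03/22 09:30:49 | 000,617,648 | ---- | M] () -- C:\Windows\SysWOW64\TextShaping.dll
SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2022/07/17 12:11:17 | 008,683,336 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2021/09/15 10:02:28 | 000,785,240 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe -- (Intel(R)
"""
# Constructed line (not in the thread's log): what a running copy of the file
# from the AC detection path would look like. Date and size are made up.
CONSTRUCTED_LINE = r"PRC - [2022/07/17 10:00:00 | 000,123,456 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Programs\dnswalters.exe"
SAMPLE_LOG = PAGE_LINES + CONSTRUCTED_LINE + "\n"

if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f"{e.kind:3} {','.join(e.flags):32} {e.path or '(no path)'}")
```

A flag is a prompt for a manual look, not a verdict: OTL.exe itself is flagged because it was run from Downloads.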
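OTL log 1
悪代官-san, thank you for your reply.

>>If you have permanently deleted it, please tell me so in your next reply.
I permanently deleted the detected exe file.

>>Look for dnswalters.exe on the "Processes" tab.
dnswalters.exe was not there.

And here is the OTL log. Sorry for the trouble, and thank you for checking it.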
OTL logfile created on: 2022/07/19 22:30:24 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXX\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.22000.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.92 Gb Total Physical Memory | 5.13 Gb Available Physical Memory | 64.79% Memory free
9.17 Gb Paging File | 6.36 Gb Available in Paging File | 69.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.23 Gb Total Space | 140.86 Gb Free Space | 59.38% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-XXXXXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2022/07/19 22:27:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXXX\Downloads\OTL.exe
PRC - [2022/02/21 14:26:56 | 000,386,920 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\coreServiceShell.exe
PRC - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) -- c:\Windows\SysWOW64\NTMETER.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2022/03/22 09:30:49 | 000,617,648 | ---- | M] () -- C:\Windows\SysWOW64\TextShaping.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2022/07/17 12:11:17 | 008,683,336 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2022/07/13 12:04:16 | 000,716,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2022/07/13 12:04:16 | 000,532,480 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:50 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\McpManagementService.dll -- (McpManagementService)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:48 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:46 | 000,778,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:39 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:37 | 006,131,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:37 | 000,851,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:28 | 000,643,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\windowsudkservices.shellcommon.dll -- (UdkUserSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:28 | 000,094,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usosvc.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:24 | 000,462,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 001,339,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:18 | 003,932,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:22 | 001,171,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:22 | 000,319,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServerMonitor.dll -- (FrameServerMonitor)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:18 | 000,066,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:16 | 001,527,808 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:16 | 001,294,336 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:09 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:07 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:07 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:05 | 001,273,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:04 | 000,141,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:03 | 001,544,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:01 | 004,419,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:59 | 000,679,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:56 | 000,659,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:55 | 000,868,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:53 | 001,224,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:53 | 000,274,104 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:51 | 000,385,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:50 | 000,278,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:46 | 002,109,440 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:46 | 001,785,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:42 | 001,933,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:37 | 000,466,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:05 | 000,122,880 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\p9rdrservice.dll -- (P9RdrService)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:03 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,349,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcvss.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:50 | 000,434,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\DispBroker.Desktop.dll -- (DispBrokerDesktopSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:50 | 000,053,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:49 | 000,212,992 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:48 | 001,093,632 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:46 | 001,388,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:46 | 000,430,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:46 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PenService.dll -- (PenService)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:46 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\autotimesvc.dll -- (autotimesvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:28 | 000,212,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:22 | 000,352,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:22 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:18 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:15 | 000,253,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:09 | 000,761,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:08 | 000,163,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:08 | 000,106,496 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:08 | 000,053,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:07 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:06 | 000,233,472 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\NPSM.dll -- (NPSMSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:06 | 000,114,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:03 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:01 | 000,455,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:01 | 000,455,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:01 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:00 | 000,704,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:59 | 001,137,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:59 | 000,466,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:57 | 001,294,336 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:57 | 000,414,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 001,224,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 001,155,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 001,089,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,569,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MitigationClient.dll -- (TroubleshootingSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,512,000 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2022/04/13 09:04:18 | 002,073,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2022/04/13 09:04:10 | 000,380,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2022/03/30 09:13:32 | 000,704,512 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\AarSvc.dll -- (AarSvc)
SRV:[b]64bit:[/b] - [2022/03/23 20:56:00 | 000,378,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe -- (uhssvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:31:09 | 000,757,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2022/03/22 09:31:09 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:58 | 000,618,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 001,268,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UdkUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PenService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (P9RdrService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (NPSMSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DeviceAssociationBrokerSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (AarSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:11 | 000,946,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:11 | 000,733,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:09 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:08 | 006,776,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:07 | 002,723,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:07 | 000,077,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:03 | 001,622,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:29:53 | 000,692,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:29:51 | 001,052,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:29:48 | 001,101,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2022/02/21 16:13:42 | 001,133,224 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\NTTW\SECURITY\SEC\plugin\Pt\PtSvcHost.exe -- (Platinum Host Service)
SRV:[b]64bit:[/b] - [2022/02/21 16:13:36 | 000,393,984 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\NTTW\SECURITY\SEC\TmWscSvc\TmWscSvc.exe -- (TmWscSvc)
SRV:[b]64bit:[/b] - [2021/09/15 10:02:28 | 000,785,240 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2021/09/15 10:02:28 | 000,729,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2021/09/02 02:06:42 | 004,064,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe -- (LMS)
SRV:[b]64bit:[/b] - [2021/06/16 06:23:52 | 000,628,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe -- (jhi_service)
SRV:[b]64bit:[/b] - [2021/06/06 02:47:49 | 000,165,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:16 | 000,331,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:15 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,409,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,086,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:40 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:29 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:29 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:29 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:27 | 001,187,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,606,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:10 | 000,290,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 001,585,152 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 001,122,304 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 000,352,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 000,253,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 000,184,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:06 | 000,311,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:06 | 000,086,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:05 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:03 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:02 | 000,561,152 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:04:52 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2021/06/05 04:12:00 | 000,389,120 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2021/06/05 02:53:00 | 000,382,976 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:19 | 000,036,680 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe -- (igccservice)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:17 | 000,524,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe -- (cplspcon)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:17 | 000,519,704 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe -- (cphs)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:16 | 000,399,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2017/04/06 07:02:26 | 000,115,928 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV - [2022/07/14 15:56:53 | 001,696,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\elevation_service.exe -- (MicrosoftEdgeElevationService)
SRV - [2022/07/13 12:04:18 | 000,367,616 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2022/07/13 11:59:45 | 000,930,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2022/07/13 11:59:18 | 003,932,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2022/07/07 14:04:49 | 000,232,824 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2022/05/25 09:02:23 | 000,046,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2022/05/25 09:02:13 | 001,971,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2022/05/25 09:02:11 | 001,353,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2022/05/25 09:02:10 | 000,821,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2022/05/11 16:29:39 | 000,163,328 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\NPSM.dll -- (NPSMSvc)
SRV - [2022/04/08 08:50:35 | 003,116,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe -- (WdNisSvc)
SRV - [2022/04/08 08:50:35 | 000,133,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe -- (WinDefend)
SRV - [2022/03/30 09:13:53 | 000,199,392 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV - [2022/03/30 09:13:50 | 000,528,896 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\AarSvc.dll -- (AarSvc)
SRV - [2022/03/22 09:30:57 | 000,355,840 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2022/03/22 09:30:53 | 000,824,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2022/03/22 09:30:52 | 000,115,200 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2022/03/22 09:30:51 | 005,679,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2022/03/22 09:30:43 | 000,817,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\BTAGService.dll -- (BTAGService)
SRV - [2021/09/15 10:02:28 | 000,785,240 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe -- (Intel(R)
SRV - [2021/09/15 10:02:28 | 000,729,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe -- (Intel(R)
SRV - [2021/09/02 02:06:42 | 004,064,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe -- (LMS)
SRV - [2021/06/16 06:23:52 | 000,628,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe -- (jhi_service)
SRV - [2021/06/06 02:47:49 | 000,119,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV - [2021/06/05 21:05:51 | 000,933,888 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2020/09/29 10:42:19 | 000,036,680 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe -- (igccservice)
SRV - [2020/09/29 10:42:17 | 000,524,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe -- (cplspcon)
SRV - [2020/09/29 10:42:17 | 000,519,704 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe -- (cphs)
SRV - [2020/09/29 10:42:16 | 000,399,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2020/03/03 19:12:34 | 000,223,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdatem)
SRV - [2020/03/03 19:12:34 | 000,223,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdate)
SRV - [2017/06/09 16:45:46 | 002,413,720 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\IAStorAfsService\iaStorAfsService.exe -- (iaStorAfsService)
SRV - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- c:\Windows\SysWOW64\NTMETER.exe -- (NT Meter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2022/07/19 22:21:15 | 000,223,176 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:50 | 000,062,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:37 | 000,443,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:27 | 000,238,952 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:27 | 000,161,120 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\cimfs.sys -- (CimFS)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:18 | 000,857,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:18 | 000,656,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:18 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:17 | 000,507,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2dp.sys -- (BthA2dp)
DRV:[b]64bit:[/b] - [2022/07/01 13:55:28 | 000,239,544 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2022/06/15 09:23:18 | 000,177,496 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2022/06/09 12:27:46 | 000,343,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\ibtusb.inf_amd64_8a55e95054c2f123\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2022/06/06 23:14:34 | 000,166,376 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmumh.sys -- (tmumh)
DRV:[b]64bit:[/b] - [2022/05/25 09:02:00 | 000,540,672 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:59 | 002,295,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:52 | 000,206,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:44 | 000,802,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WifiCx.sys -- (WifiCx)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:43 | 001,007,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:42 | 000,193,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:41 | 000,345,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:41 | 000,337,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:41 | 000,337,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:40 | 000,180,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfEnum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2022/05/11 16:30:18 | 000,066,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2022/05/11 16:30:05 | 000,136,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\p9rdr.sys -- (P9Rdr)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,169,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,103,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPing.sys -- (NDKPing)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,079,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPerf.sys -- (NDKPerf)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:49 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\spaceparser.sys -- (spaceparser)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:30 | 000,159,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:30 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:23 | 000,132,432 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:21 | 000,308,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:17 | 001,013,088 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:16 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:14 | 000,054,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:13 | 000,103,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:13 | 000,071,008 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:13 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\portcfg.sys -- (portcfg)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:12 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HidSpiCx.sys -- (HidSpiCx)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:12 | 000,069,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:09 | 000,210,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:58 | 000,090,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:58 | 000,071,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:57 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,307,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,083,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:55 | 000,132,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:55 | 000,095,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:55 | 000,091,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:55 | 000,071,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,131,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,087,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,476,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,210,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,210,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,202,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,181,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,143,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,111,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,111,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Hsp.sys -- (Hsp)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,099,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,083,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvmedisk.sys -- (nvmedisk)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,075,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelPMT.sys -- (IntelPMT)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,075,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_6693f32a658a859a\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,075,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:52 | 000,380,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio2.sys -- (usbaudio2)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:52 | 000,157,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:52 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_6657edf28697c405\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,385,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,095,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelpmax.sys -- (intelpmax)
DRV:[b]64bit:[/b] - [2022/04/24 00:30:04 | 000,021,480 | ---- | M] (Malwarebytes) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MbamElam.sys -- (MbamElam)
DRV:[b]64bit:[/b] - [2022/04/08 08:50:35 | 000,443,664 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2022/04/08 08:50:35 | 000,090,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2022/04/08 08:50:35 | 000,049,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2022/03/30 09:13:44 | 000,352,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2022/03/30 09:13:42 | 000,377,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msquic.sys -- (MsQuic)
DRV:[b]64bit:[/b] - [2022/03/30 09:13:32 | 000,877,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\usb4devicerouter.inf_amd64_3bffb5f5105936e5\Usb4DeviceRouter.sys -- (Usb4DeviceRouter)
DRV:[b]64bit:[/b] - [2022/03/30 09:13:32 | 000,599,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\usb4hostrouter.inf_amd64_dd61aa4ab70fa4fb\Usb4HostRouter.sys -- (Usb4HostRouter)
DRV:[b]64bit:[/b] - [2022/03/22 09:30:12 | 000,086,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2022/03/22 09:29:44 | 000,750,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2022/03/22 09:29:44 | 000,696,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2022/03/22 09:29:44 | 000,131,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2022/03/22 09:29:43 | 000,226,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,676,944 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmeyes.sys -- (tmeyes)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,553,552 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmnciesc.sys -- (tmnciesc)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,152,512 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,137,128 | ---- | M] (Trend Micro, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,039,872 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:[b]64bit:[/b] - [2021/08/26 06:10:26 | 000,032,656 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioSwitchHID.sys -- (RadioSwitchHID)
DRV:[b]64bit:[/b] - [2021/06/06 02:47:47 | 000,127,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2021/06/05 21:06:05 | 000,143,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,163,840 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,119,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:39 | 000,098,304 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:39 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:33 | 000,339,968 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:27 | 000,106,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,061,768 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ExecutionContext.sys -- (ExecutionContext)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:23 | 000,274,744 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,356,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,212,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,200,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,196,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,139,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,119,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,115,024 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,115,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,106,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:14 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,700,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Acx01000.sys -- (Acx01000)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,291,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,164,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,086,016 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:54 | 000,094,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:52 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:50 | 000,425,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,115,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,074,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,069,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,057,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,053,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,053,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_346f3764318c1681\vrd.sys -- (VirtualRender)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,188,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,135,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_a517b810ee0e44a2\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,065,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,061,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_28522251903b4825\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,061,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_4bd4df2779fd9e16\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_dc3260bbd08046c4\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,053,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 001,853,752 | ---- | M] (Chelsio Commun
  • ペソネ
  • 2022/07/19 (Tue) 23:04:30
OTL log 2
Log, continued
[2022/07/19 22:35:28 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2022/07/19 22:25:49 | 001,449,444 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2022/07/19 22:25:49 | 000,707,374 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2022/07/19 22:25:49 | 000,473,422 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2022/07/19 22:25:49 | 000,135,698 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2022/07/19 22:25:49 | 000,132,352 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2022/07/19 22:21:15 | 000,223,176 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2022/07/19 22:21:06 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2022/07/19 22:21:02 | 3399,548,928 | -HS- | M] () -- C:\hiberfil.sys
[2022/07/18 22:22:06 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2022/07/16 08:22:43 | 000,002,275 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Edge.lnk
[2022/07/13 12:19:56 | 000,341,208 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2022/07/13 12:04:22 | 000,933,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSRESM.dll
[2022/07/13 12:04:22 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2022/07/13 12:04:22 | 000,438,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSTIFF.dll
[2022/07/13 12:04:22 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2022/07/13 12:04:22 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXST30.dll
[2022/07/13 12:04:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2022/07/13 12:04:22 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOM.dll
[2022/07/13 12:04:22 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSROUTE.dll
[2022/07/13 12:04:22 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSMON.dll
[2022/07/13 12:04:22 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinFax.dll
[2022/07/13 12:04:22 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUNATD.exe
[2022/07/13 12:04:22 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSEVENT.dll
[2022/07/13 12:04:20 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\racpldlg.dll
[2022/07/13 12:04:20 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msra.exe
[2022/07/13 12:04:20 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdchange.exe
[2022/07/13 12:04:20 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsraLegacy.tlb
[2022/07/13 12:04:19 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFS.exe
[2022/07/13 12:04:19 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFSR.dll
[2022/07/13 12:04:19 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSE.dll
[2022/07/13 12:04:19 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOVER.exe
[2022/07/13 12:04:19 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUTILITY.dll
[2022/07/13 12:04:19 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSXP32.dll
[2022/07/13 12:04:19 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSERES.dll
[2022/07/13 12:04:18 | 000,638,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2022/07/13 12:04:18 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Picker.dll
[2022/07/13 12:04:18 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\racpldlg.dll
[2022/07/13 12:04:18 | 000,129,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2022/07/13 12:04:18 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdchange.exe
[2022/07/13 12:04:18 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeUISrv.exe
[2022/07/13 12:04:18 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsraLegacy.tlb
[2022/07/13 12:04:17 | 004,465,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2022/07/13 12:04:16 | 005,431,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2022/07/13 12:04:16 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2022/07/13 12:04:16 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Picker.dll
[2022/07/13 12:04:15 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\srv2.sys.mui
[2022/07/13 12:04:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mrxsmb.sys.mui
[2022/07/13 12:04:15 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ja-JP\srv2.sys.mui
[2022/07/13 12:04:15 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ja-JP\mrxsmb.sys.mui
[2022/07/13 12:00:02 | 011,048,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntkrla57.exe
[2022/07/13 11:59:59 | 005,735,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2022/07/13 11:59:59 | 003,685,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2022/07/13 11:59:59 | 002,349,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2022/07/13 11:59:59 | 001,260,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2022/07/13 11:59:59 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll
[2022/07/13 11:59:58 | 008,306,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2022/07/13 11:59:58 | 004,235,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2022/07/13 11:59:58 | 002,637,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2022/07/13 11:59:58 | 001,563,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2022/07/13 11:59:58 | 001,162,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2022/07/13 11:59:58 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll
[2022/07/13 11:59:58 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSHExtensions.dll
[2022/07/13 11:59:57 | 007,389,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2022/07/13 11:59:57 | 004,059,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2022/07/13 11:59:57 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2022/07/13 11:59:56 | 006,048,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2022/07/13 11:59:56 | 001,594,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2022/07/13 11:59:56 | 001,392,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2022/07/13 11:59:56 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2022/07/13 11:59:56 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2022/07/13 11:59:55 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2022/07/13 11:59:55 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2022/07/13 11:59:54 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2022/07/13 11:59:54 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpedit.dll
[2022/07/13 11:59:54 | 000,470,528 | ---- | M] (curl, https://curl.se/) -- C:\WINDOWS\SysWow64\curl.exe
[2022/07/13 11:59:54 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scansetting.dll
[2022/07/13 11:59:54 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiadefui.dll
[2022/07/13 11:59:54 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2022/07/13 11:59:54 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiascanprofiles.dll
[2022/07/13 11:59:54 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dataclen.dll
[2022/07/13 11:59:54 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2022/07/13 11:59:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcspoffln.dll
[2022/07/13 11:59:52 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2022/07/13 11:59:51 | 008,896,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2022/07/13 11:59:51 | 002,032,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2022/07/13 11:59:51 | 001,810,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2022/07/13 11:59:51 | 001,787,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2022/07/13 11:59:51 | 000,569,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2022/07/13 11:59:51 | 000,439,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2022/07/13 11:59:51 | 000,116,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2022/07/13 11:59:51 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2022/07/13 11:59:50 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2022/07/13 11:59:50 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2022/07/13 11:59:50 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFIPP.dll
[2022/07/13 11:59:50 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\McpManagementService.dll
[2022/07/13 11:59:50 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFMCP.dll
[2022/07/13 11:59:50 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2022/07/13 11:59:50 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2022/07/13 11:59:50 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2022/07/13 11:59:50 | 000,062,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2022/07/13 11:59:50 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\McpManagementProxy.dll
[2022/07/13 11:59:48 | 000,966,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll
[2022/07/13 11:59:48 | 000,815,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energy.dll
[2022/07/13 11:59:48 | 000,659,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpedit.dll
[2022/07/13 11:59:48 | 000,581,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2022/07/13 11:59:48 | 000,530,944 | ---- | M] (curl, https://curl.se/) -- C:\WINDOWS\SysNative\curl.exe
[2022/07/13 11:59:48 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2022/07/13 11:59:48 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageUsage.dll
[2022/07/13 11:59:48 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scansetting.dll
[2022/07/13 11:59:48 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2022/07/13 11:59:48 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFESCL.dll
[2022/07/13 11:59:48 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiadefui.dll
[2022/07/13 11:59:48 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2022/07/13 11:59:48 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2022/07/13 11:59:48 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EsclWiaDriver.dll
[2022/07/13 11:59:48 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiascanprofiles.dll
[2022/07/13 11:59:48 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiarpc.dll
[2022/07/13 11:59:48 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dataclen.dll
[2022/07/13 11:59:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xolehlp.dll
[2022/07/13 11:59:48 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiatrace.dll
[2022/07/13 11:59:48 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcspoffln.dll
[2022/07/13 11:59:47 | 001,368,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagperf.dll
[2022/07/13 11:59:47 | 000,460,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computestorage.dll
[2022/07/13 11:59:47 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll
[2022/07/13 11:59:46 | 009,028,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2022/07/13 11:59:46 | 001,783,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2022/07/13 11:59:46 | 001,749,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2022/07/13 11:59:46 | 001,549,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2022/07/13 11:59:46 | 001,015,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.Workflow.dll
[2022/07/13 11:59:46 | 000,857,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2022/07/13 11:59:46 | 000,778,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2022/07/13 11:59:46 | 000,665,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2022/07/13 11:59:46 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2022/07/13 11:59:46 | 000,311,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2022/07/13 11:59:46 | 000,263,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2022/07/13 11:59:46 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdprint.dll
[2022/07/13 11:59:46 | 000,152,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2022/07/13 11:59:46 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raschap.dll
[2022/07/13 11:59:46 | 000,058,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2022/07/13 11:59:46 | 000,015,040 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2022/07/13 11:59:45 | 002,681,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2022/07/13 11:59:45 | 001,845,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2022/07/13 11:59:45 | 001,155,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2022/07/13 11:59:45 | 000,959,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2022/07/13 11:59:45 | 000,930,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2022/07/13 11:59:45 | 000,907,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2022/07/13 11:59:45 | 000,863,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2022/07/13 11:59:45 | 000,782,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2022/07/13 11:59:45 | 000,559,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2022/07/13 11:59:45 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2022/07/13 11:59:45 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2022/07/13 11:59:45 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2022/07/13 11:59:45 | 000,199,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\logoncli.dll
[2022/07/13 11:59:45 | 000,170,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wutrust.dll
[2022/07/13 11:59:45 | 000,130,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KerbClientShared.dll
[2022/07/13 11:59:45 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2022/07/13 11:59:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2022/07/13 11:59:45 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netmsg.dll
[2022/07/13 11:59:44 | 006,991,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2022/07/13 11:59:44 | 003,138,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2022/07/13 11:59:44 | 002,665,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2022/07/13 11:59:44 | 002,246,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2022/07/13 11:59:44 | 000,900,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2022/07/13 11:59:43 | 015,020,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2022/07/13 11:59:43 | 002,533,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2022/07/13 11:59:43 | 000,310,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2022/07/13 11:59:43 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2022/07/13 11:59:43 | 000,291,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2022/07/13 11:59:43 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2022/07/13 11:59:43 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2022/07/13 11:59:43 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2022/07/13 11:59:43 | 000,062,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2022/07/13 11:59:42 | 004,653,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2022/07/13 11:59:42 | 002,519,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windowsudk.shellcommon.dll
[2022/07/13 11:59:42 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2022/07/13 11:59:42 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2022/07/13 11:59:42 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManMigrationPlugin.dll
[2022/07/13 11:59:42 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmRes.dll
[2022/07/13 11:59:42 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2022/07/13 11:59:42 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmprovhost.exe
[2022/07/13 11:59:42 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2022/07/13 11:59:42 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2022/07/13 11:59:42 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmplpxy.dll
[2022/07/13 11:59:41 | 004,394,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2022/07/13 11:59:41 | 002,225,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ServicingUAPI.dll
[2022/07/13 11:59:41 | 000,649,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2022/07/13 11:59:41 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_9.dll
[2022/07/13 11:59:41 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShellCommonCommonProxyStub.dll
[2022/07/13 11:59:41 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2022/07/13 11:59:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\secproc.dll
[2022/07/13 11:59:41 | 000,173,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LanguageOverlayUtil.dll
[2022/07/13 11:59:41 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2022/07/13 11:59:41 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxstrace.exe
[2022/07/13 11:59:40 | 003,559,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2022/07/13 11:59:40 | 001,560,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\APMon.dll
[2022/07/13 11:59:40 | 001,347,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.Workflow.dll
[2022/07/13 11:59:40 | 000,892,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2022/07/13 11:59:40 | 000,753,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenValObj.exe
[2022/07/13 11:59:40 | 000,679,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxs.dll
[2022/07/13 11:59:40 | 000,659,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2022/07/13 11:59:40 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2022/07/13 11:59:40 | 000,385,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2022/07/13 11:59:40 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdprint.dll
[2022/07/13 11:59:40 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raschap.dll
[2022/07/13 11:59:40 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxstrace.exe
[2022/07/13 11:59:40 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxssrv.dll
[2022/07/13 11:59:39 | 002,211,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2022/07/13 11:59:39 | 001,774,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2022/07/13 11:59:39 | 001,250,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll
[2022/07/13 11:59:39 | 000,950,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2022/07/13 11:59:39 | 000,823,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.FileExplorer.dll
[2022/07/13 11:59:39 | 000,651,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2022/07/13 11:59:39 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2022/07/13 11:59:39 | 000,589,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2022/07/13 11:59:39 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2022/07/13 11:59:39 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efslsaext.dll
[2022/07/13 11:59:39 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efssvc.dll
[2022/07/13 11:59:38 | 010,509,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2022/07/13 11:59:38 | 003,821,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2022/07/13 11:59:38 | 003,514,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2022/07/13 11:59:38 | 002,891,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2022/07/13 11:59:38 | 001,414,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2022/07/13 11:59:38 | 000,670,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2022/07/13 11:59:38 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2022/07/13 11:59:38 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2022/07/13 11:59:37 | 006,131,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2022/07/13 11:59:37 | 000,851,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2022/07/13 11:59:37 | 000,537,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2022/07/13 11:59:37 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhdrv.dll
[2022/07/13 11:59:37 | 000,447,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2022/07/13 11:59:37 | 000,443,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2022/07/13 11:59:37 | 000,407,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2022/07/13 11:59:37 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2022/07/13 11:59:37 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2022/07/13 11:59:37 | 000,129,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mpr.dll
[2022/07/13 11:59:37 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanman.dll
[2022/07/13 11:59:37 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscore.dll
[2022/07/13 11:59:35 | 011,740,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2022/07/13 11:59:35 | 003,670,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2022/07/13 11:59:35 | 000,534,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2022/07/13 11:59:34 | 002,129,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2022/07/13 11:59:33 | 003,670,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2022/07/13 11:59:33 | 001,568,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2022/07/13 11:59:33 | 001,484,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2022/07/13 11:59:33 | 000,921,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2022/07/13 11:59:33 | 000,757,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntfsres.dll
[2022/07/13 11:59:33 | 000,464,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2022/07/13 11:59:33 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2022/07/13 11:59:33 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2022/07/13 11:59:33 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2022/07/13 11:59:33 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2022/07/13 11:59:33 | 000,296,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2022/07/13 11:59:33 | 000,282,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\logoncli.dll
[2022/07/13 11:59:33 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsaadt.dll
[2022/07/13 11:59:33 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2022/07/13 11:59:33 | 000,157,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2022/07/13 11:59:33 | 000,144,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2022/07/13 11:59:33 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2022/07/13 11:59:32 | 004,173,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2022/07/13 11:59:32 | 002,318,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2022/07/13 11:59:32 | 001,862,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2022/07/13 11:59:32 | 001,634,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2022/07/13 11:59:32 | 001,245,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2022/07/13 11:59:32 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2022/07/13 11:59:32 | 000,947,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2022/07/13 11:59:32 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netmsg.dll
[2022/07/13 11:59:31 | 001,501,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2022/07/13 11:59:31 | 001,075,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellAppRuntime.exe
[2022/07/13 11:59:31 | 000,587,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2022/07/13 11:59:31 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Cortana.dll
[2022/07/13 11:59:31 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2022/07/13 11:59:30 | 008,507,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2022/07/13 11:59:29 | 003,400,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskbar.dll
[2022/07/13 11:59:29 | 000,778,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2022/07/13 11:59:29 | 000,558,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploy.dll
[2022/07/13 11:59:29 | 000,372,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2022/07/13 11:59:29 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wutrust.dll
[2022/07/13 11:59:29 | 000,112,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2022/07/13 11:59:29 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2022/07/13 11:59:28 | 003,428,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2022/07/13 11:59:28 | 003,016,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2022/07/13 11:59:28 | 001,609,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2022/07/13 11:59:28 | 001,372,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2022/07/13 11:59:28 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2022/07/13 11:59:28 | 000,880,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvcimpl.dll
[2022/07/13 11:59:28 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2022/07/13 11:59:28 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smbwmiv2.dll
[2022/07/13 11:59:28 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2022/07/13 11:59:28 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2022/07/13 11:59:28 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2022/07/13 11:59:28 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudkservices.shellcommon.dll
[2022/07/13 11:59:28 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[2022/07/13 11:59:28 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2022/07/13 11:59:28 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmRes.dll
[2022/07/13 11:59:28 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmprovhost.exe
[2022/07/13 11:59:28 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2022/07/13 11:59:28 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2022/07/13 11:59:28 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtClient.dll
[2022/07/13 11:59:28 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmplpxy.dll
[2022/07/13 11:59:27 | 005,902,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2022/07/13 11:59:27 | 001,183,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2022/07/13 11:59:27 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2022/07/13 11:59:27 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2022/07/13 11:59:27 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2022/07/13 11:59:27 | 000,238,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2022/07/13 11:59:27 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cimfs.dll
[2022/07/13 11:59:27 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2022/07/13 11:59:27 | 000,161,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cimfs.sys
[2022/07/13 11:59:27 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnosticsTool.exe
[2022/07/13 11:59:27 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2022/07/13 11:59:27 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wci.dll
[2022/07/13 11:59:26 | 003,833,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2022/07/13 11:59:26 | 001,774,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2022/07/13 11:59:26 | 001,568,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2022/07/13 11:59:26 | 001,127,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2022/07/13 11:59:26 | 001,070,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2022/07/13 11:59:26 | 000,542,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2022/07/13 11:59:26 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2022/07/13 11:59:26 | 000,166,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2022/07/13 11:59:25 | 008,876,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2022/07/13 11:59:25 | 002,041,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2022/07/13 11:59:25 | 001,278,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2022/07/13 11:59:25 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2022/07/13 11:59:25 | 000,208,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KerbClientShared.dll
[2022/07/13 11:59:24 | 004,820,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2022/07/13 11:59:24 | 003,960,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2022/07/13 11:59:24 | 003,440,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2022/07/13 11:59:24 | 003,014,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2022/07/13 11:59:24 | 002,523,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2022/07/13 11:59:24 | 000,525,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2022/07/13 11:59:24 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2022/07/13 11:59:24 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2022/07/13 11:59:24 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2022/07/13 11:59:24 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2022/07/13 11:59:23 | 018,894,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2022/07/13 11:59:23 | 003,362,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2022/07/13 11:59:23 | 002,641,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2022/07/13 11:59:23 | 000,638,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2022/07/13 11:59:23 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2022/07/13 11:59:23 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2022/07/13 11:59:23 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2022/07/13 11:59:23 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2022/07/13 11:59:23 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2022/07/13 11:59:23 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2022/07/13 11:59:23 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2022/07/13 11:59:23 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2022/07/13 11:59:23 | 000,099,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2022/07/13 11:59:20 | 005,025,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2022/07/13 11:59:20 | 001,496,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpx.dll
[2022/07/13 11:59:20 | 001,323,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2022/07/13 11:59:20 | 001,310,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2022/07/13 11:59:20 | 001,277,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellCommonCommonProxyStub.dll
[2022/07/13 11:59:20 | 001,200,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Storage.dll
[2022/07/13 11:59:20 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2022/07/13 11:59:20 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ptpprov.dll
[2022/07/13 11:59:20 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2022/07/13 11:59:20 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecureTimeAggregator.dll
[2022/07/13 11:59:20 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrinterCleanupTask.dll
[2022/07/13 11:59:20 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2022/07/13 11:59:19 | 002,030,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2022/07/13 11:59:19 | 001,646,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2022/07/13 11:59:19 | 001,339,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2022/07/13 11:59:19 | 000,927,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2022/07/13 11:59:19 | 000,873,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2022/07/13 11:59:19 | 000,843,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2022/07/13 11:59:19 | 000,671,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_9.dll
[2022/07/13 11:59:19 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2022/07/13 11:59:19 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HrtfApo.dll
[2022/07/13 11:59:19 | 000,501,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageOverlayServer.dll
[2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2022/07/13 11:59:19 | 000,464,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2022/07/13 11:59:19 | 000,335,872 | ---- | M] () -- C:\WINDOWS\SysNative\Windows.Management.InprocObjects.dll
[2022/07/13 11:59:19 | 000,232,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageOverlayUtil.dll
[2022/07/13 11:59:19 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpatialAudioLicenseSrv.exe
[2022/07/13 11:59:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguagePackManagementCSP.dll
[2022/07/13 11:59:19 | 000,117,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2022/07/13 11:59:19 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2022/07/13 11:59:19 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2022/07/13 11:59:19 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audioresourceregistrar.dll
[2022/07/13 11:59:19 | 000,021,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hspfw.dll
[2022/07/13 11:59:18 | 003,101,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2022/07/13 11:59:18 | 000,857,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2022/07/13 11:59:18 | 000,656,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2022/07/13 11:59:18 | 000,263,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2022/07/13 11:59:18 | 000,162,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\UsbXhciCompanion.dll
[2022/07/13 11:59:18 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2022/07/13 11:59:17 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthA2dp.sys
[2022/07/01 13:55:28 | 000,239,544 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2022/06/28 12:24:04 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2022/06/28 11:43:55 | 000,403,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2022/07/18 22:22:06 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2022/07/13 11:59:46 | 000,015,040 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2022/07/13 11:59:19 | 000,335,872 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Management.InprocObjects.dll
[2022/04/29 09:02:47 | 000,019,456 | ---- | C] () -- C:\WINDOWS\SysWow64\WsdProviderUtil.dll
[2022/04/29 09:02:26 | 000,051,712 | ---- | C] () -- C:\WINDOWS\SysWow64\CredProvCommonCore.dll
[2022/04/29 09:02:19 | 000,460,800 | ---- | C] () -- C:\WINDOWS\SysWow64\SettingSyncDownloadHelper.dll
[2022/03/22 09:40:15 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2022/03/22 09:30:58 | 000,247,808 | ---- | C] () -- C:\WINDOWS\SysWow64\pku2u.dll
[2022/03/22 09:30:58 | 000,013,824 | ---- | C] () -- C:\WINDOWS\SysWow64\prxyqry.dll
[2022/03/22 09:30:56 | 000,267,264 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Dialogs.dll
[2022/03/22 09:30:54 | 000,006,656 | ---- | C] () -- C:\WINDOWS\SysWow64\nrtapi.dll
[2022/03/22 09:30:49 | 000,617,648 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2022/03/22 09:30:49 | 000,425,984 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2022/03/22 09:30:48 | 000,221,184 | ---- | C] () -- C:\WINDOWS\SysWow64\Microsoft.Internal.FrameworkUdk.System.dll
[2022/03/22 09:30:44 | 000,121,344 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe
[2021/06/05 21:08:55 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2021/06/05 21:08:55 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config
[2021/06/05 21:08:55 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2021/06/05 21:06:26 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2021/06/05 21:06:26 | 000,011,292 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr-v.dat
[2021/06/05 21:06:23 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2021/06/05 21:06:19 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2021/06/05 21:05:59 | 000,065,024 | ---- | C] () -- C:\WINDOWS\SysWow64\sstpcfg.dll
[2021/06/05 21:05:55 | 000,292,352 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2021/06/05 21:05:53 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2021/06/05 21:05:51 | 001,308,736 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll
[2021/06/05 21:05:51 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2021/06/05 21:05:48 | 003,635,200 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2021/06/05 21:05:48 | 000,513,536 | ---- | C] () -- C:\WINDOWS\SysWow64\SearchIndexerCore.dll
[2021/06/05 21:05:48 | 000,262,656 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2021/06/05 21:05:48 | 000,118,272 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2021/06/05 21:05:48 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2021/06/05 21:05:45 | 000,264,192 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2021/06/05 21:05:43 | 000,345,088 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2021/06/05 21:05:43 | 000,073,216 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.proxystub.dll
[2021/06/05 21:05:43 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\WwanPrfl.dll
[2021/06/05 21:05:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[2021/06/05 21:05:43 | 000,011,776 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2021/06/05 21:05:37 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2021/06/05 21:05:34 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2019/12/17 16:44:37 | 000,000,036 | ---- | C] () -- C:\Users\XXXX\AppData\Local\housecall.guid.cache
[2019/12/17 15:39:44 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2022/07/13 11:59:25 | 008,876,968 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2022/07/13 11:59:44 | 006,991,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2021/06/05 21:04:58 | 001,019,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2021/06/05 21:05:46 | 000,815,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2021/06/05 21:05:14 | 000,491,520 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2022/04/24 00:29:54 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk
[2019/12/17 16:17:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2018/05/11 12:31:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2022/07/19 22:33:17 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2020/06/18 17:43:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2019/12/17 15:51:53 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2019/12/17 15:41:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD.exe
[2018/05/11 12:35:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Settings
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2019/12/07 18:31:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\RetailDemo
[2022/03/22 10:00:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config\2022-04-22-23-50-25
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR\2022-04-22-23-50-25
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\4f494d44
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\4f494d44\2022-04-22-23-50-25
[2022/03/22 09:55:02 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2020/06/18 17:43:16 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2019/12/17 15:51:53 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2019/12/17 15:41:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD.exe
[2018/05/11 12:35:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Settings
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2019/12/07 18:31:03 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\RetailDemo
[2022/03/22 10:00:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2022/03/22 09:49:59 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData
[2021/04/02 09:25:15 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\SEC
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatCache
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatUaCache
[2022/07/17 22:54:06 | 000,000,000 | RH-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\Burn\Burn
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatCache\Low
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatUaCache\Low
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2019/12/17 15:50:47 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2019/12/17 15:50:47 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2022/07/19 19:33:27 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\TempState\Content.MSO
[2021/04/02 09:25:15 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\SEC\Explore
[2022/04/23 08:43:02 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2022/03/22 09:49:59 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2019/12/17 15:51:14 | 000,000,000 | -H-D | M] -- C:\Users\Default\Pictures\NEC
[2022/03/22 09:55:55 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2022/07/18 22:22:06 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2022/03/22 09:44:39 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2022/04/24 00:30:16 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2021/06/05 21:10:49 | 000,000,000 | -H-D | M] -- C:\Windows\LanguageOverlayCache
[2022/03/22 09:49:58 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2022/03/22 09:50:09 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\Pictures\NEC
[2022/03/22 09:49:58 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2022/03/22 09:50:08 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\Pictures\NEC

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2021/01/16 18:11:30 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: SAMSUNG MZ7LN256HAJQ-000L7
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 237.00GB
Starting Offset: 290455552
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1,000.00MB
Starting Offset: 255011586048
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2022/05/11 16:29:05 | 000,294,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:09 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2022/03/30 09:13:36 | 001,662,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:52 | 000,925,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2021/06/05 21:05:53 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,442,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2022/03/22 09:30:53 | 000,336,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
No service found with a name of Browser
SRV:[b]64bit:[/b] - [2021/06/05 21:05:23 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:33 | 001,421,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,426,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2022/03/22 09:30:54 | 000,333,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:00 | 000,451,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:59 | 000,122,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:28 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2022/05/11 16:29:44 | 000,030,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:33 | 000,662,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:25 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2022/05/11 16:29:14 | 000,475,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2022/05/25 09:01:43 | 000,282,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:07 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:07 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,057,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:39 | 000,159,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2022/05/11 16:29:33 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:40 | 001,114,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:33 | 001,421,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:39 | 000,053,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:29 | 000,084,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:43 | 000,315,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:37 | 000,327,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:18 | 000,278,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2022/05/25 09:02:24 | 000,212,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2021/06/05 21:05:12 | 000,835,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,335,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2022/05/11 16:30:12 | 000,253,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:14 | 000,114,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:25 | 000,614,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:17 | 001,466,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 002,015,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:16 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV - [2022/04/08 08:50:35 | 000,133,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:13 | 001,269,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:52 | 001,159,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (mpssvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:48 | 000,819,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (StiSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:57 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2022/05/11 16:30:11 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:14 | 000,245,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:29 | 003,567,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:00 | 000,409,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:43 | 002,752,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:03 | 000,323,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >

  • ペソネ
  • 2022/07/19 (Tue) 23:10:15
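The OTL log appears to be incomplete
Good evening. Just this once, I will be guiding you in place of 悪代官.

I checked the OTL log. The beginning and the end of the log are there, but everything in the middle appears to have been deleted because it hit the character limit.
Please split the log across multiple posts so that it does not hit the character limit, and paste it again.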
  • IVNO
  • 2022/07/20 (Wed) 02:35:37
OTL1
IVNO, thank you for your reply. I am reposting the log.
OTL logfile created on: 2022/07/19 22:30:24 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXX\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.22000.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.92 Gb Total Physical Memory | 5.13 Gb Available Physical Memory | 64.79% Memory free
9.17 Gb Paging File | 6.36 Gb Available in Paging File | 69.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.23 Gb Total Space | 140.86 Gb Free Space | 59.38% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-XXXXXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2022/07/19 22:27:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXXX\Downloads\OTL.exe
PRC - [2022/02/21 14:26:56 | 000,386,920 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\coreServiceShell.exe
PRC - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) -- c:\Windows\SysWOW64\NTMETER.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2022/03/22 09:30:49 | 000,617,648 | ---- | M] () -- C:\Windows\SysWOW64\TextShaping.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2022/07/17 12:11:17 | 008,683,336 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2022/07/13 12:04:16 | 000,716,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2022/07/13 12:04:16 | 000,532,480 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:50 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\McpManagementService.dll -- (McpManagementService)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:48 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:46 | 000,778,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:39 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:37 | 006,131,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:37 | 000,851,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:28 | 000,643,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\windowsudkservices.shellcommon.dll -- (UdkUserSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:28 | 000,094,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usosvc.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:24 | 000,462,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 001,339,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:18 | 003,932,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:22 | 001,171,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:22 | 000,319,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServerMonitor.dll -- (FrameServerMonitor)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:18 | 000,066,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:16 | 001,527,808 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:16 | 001,294,336 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:09 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:07 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:07 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:05 | 001,273,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:04 | 000,141,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:03 | 001,544,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:01 | 004,419,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:59 | 000,679,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:56 | 000,659,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:55 | 000,868,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:53 | 001,224,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:53 | 000,274,104 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:51 | 000,385,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:50 | 000,278,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:46 | 002,109,440 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:46 | 001,785,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:42 | 001,933,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:37 | 000,466,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:05 | 000,122,880 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\p9rdrservice.dll -- (P9RdrService)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:03 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,349,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcvss.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,316,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:30:02 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:50 | 000,434,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\DispBroker.Desktop.dll -- (DispBrokerDesktopSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:50 | 000,053,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:49 | 000,212,992 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:48 | 001,093,632 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:46 | 001,388,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:46 | 000,430,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:46 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PenService.dll -- (PenService)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:46 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\autotimesvc.dll -- (autotimesvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:28 | 000,212,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:22 | 000,352,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:22 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:18 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:15 | 000,253,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:09 | 000,761,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:08 | 000,163,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:08 | 000,106,496 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:08 | 000,053,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:07 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:06 | 000,233,472 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\NPSM.dll -- (NPSMSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:06 | 000,114,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:03 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:01 | 000,455,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:01 | 000,455,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:01 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:00 | 000,704,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:59 | 001,137,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:59 | 000,466,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:57 | 001,294,336 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:57 | 000,414,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 001,224,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 001,155,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 001,089,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,569,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MitigationClient.dll -- (TroubleshootingSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,512,000 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2022/04/13 09:04:18 | 002,073,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2022/04/13 09:04:10 | 000,380,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2022/03/30 09:13:32 | 000,704,512 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\AarSvc.dll -- (AarSvc)
SRV:[b]64bit:[/b] - [2022/03/23 20:56:00 | 000,378,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe -- (uhssvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:31:09 | 000,757,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2022/03/22 09:31:09 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:58 | 000,618,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 001,268,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UdkUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PenService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (P9RdrService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (NPSMSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DeviceAssociationBrokerSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,079,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (AarSvc_77d52)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:11 | 000,946,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:11 | 000,733,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:09 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:08 | 006,776,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:07 | 002,723,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:07 | 000,077,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:03 | 001,622,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:29:53 | 000,692,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:29:51 | 001,052,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:29:48 | 001,101,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2022/02/21 16:13:42 | 001,133,224 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\NTTW\SECURITY\SEC\plugin\Pt\PtSvcHost.exe -- (Platinum Host Service)
SRV:[b]64bit:[/b] - [2022/02/21 16:13:36 | 000,393,984 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\NTTW\SECURITY\SEC\TmWscSvc\TmWscSvc.exe -- (TmWscSvc)
SRV:[b]64bit:[/b] - [2021/09/15 10:02:28 | 000,785,240 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2021/09/15 10:02:28 | 000,729,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2021/09/02 02:06:42 | 004,064,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe -- (LMS)
SRV:[b]64bit:[/b] - [2021/06/16 06:23:52 | 000,628,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe -- (jhi_service)
SRV:[b]64bit:[/b] - [2021/06/06 02:47:49 | 000,165,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:16 | 000,331,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:15 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,409,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,086,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:40 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:29 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:29 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:29 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:27 | 001,187,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,606,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:10 | 000,290,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 001,585,152 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 001,122,304 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 000,352,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 000,253,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:09 | 000,184,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:06 | 000,311,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:06 | 000,086,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:05 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:03 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:02 | 000,561,152 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:04:52 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2021/06/05 04:12:00 | 000,389,120 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2021/06/05 02:53:00 | 000,382,976 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:19 | 000,036,680 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe -- (igccservice)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:17 | 000,524,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe -- (cplspcon)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:17 | 000,519,704 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe -- (cphs)
SRV:[b]64bit:[/b] - [2020/09/29 10:42:16 | 000,399,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2017/04/06 07:02:26 | 000,115,928 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV - [2022/07/14 15:56:53 | 001,696,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\elevation_service.exe -- (MicrosoftEdgeElevationService)
SRV - [2022/07/13 12:04:18 | 000,367,616 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2022/07/13 11:59:45 | 000,930,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2022/07/13 11:59:18 | 003,932,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2022/07/07 14:04:49 | 000,232,824 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2022/05/25 09:02:23 | 000,046,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2022/05/25 09:02:13 | 001,971,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2022/05/25 09:02:11 | 001,353,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2022/05/25 09:02:10 | 000,821,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2022/05/11 16:29:39 | 000,163,328 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\NPSM.dll -- (NPSMSvc)
SRV - [2022/04/08 08:50:35 | 003,116,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe -- (WdNisSvc)
SRV - [2022/04/08 08:50:35 | 000,133,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe -- (WinDefend)
SRV - [2022/03/30 09:13:53 | 000,199,392 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV - [2022/03/30 09:13:50 | 000,528,896 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\AarSvc.dll -- (AarSvc)
SRV - [2022/03/22 09:30:57 | 000,355,840 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2022/03/22 09:30:53 | 000,824,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2022/03/22 09:30:52 | 000,115,200 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2022/03/22 09:30:51 | 005,679,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2022/03/22 09:30:43 | 000,817,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\BTAGService.dll -- (BTAGService)
SRV - [2021/09/15 10:02:28 | 000,785,240 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe -- (Intel(R)
SRV - [2021/09/15 10:02:28 | 000,729,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe -- (Intel(R)
SRV - [2021/09/02 02:06:42 | 004,064,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe -- (LMS)
SRV - [2021/06/16 06:23:52 | 000,628,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe -- (jhi_service)
SRV - [2021/06/06 02:47:49 | 000,119,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV - [2021/06/05 21:05:51 | 000,933,888 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2020/09/29 10:42:19 | 000,036,680 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe -- (igccservice)
SRV - [2020/09/29 10:42:17 | 000,524,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe -- (cplspcon)
SRV - [2020/09/29 10:42:17 | 000,519,704 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe -- (cphs)
SRV - [2020/09/29 10:42:16 | 000,399,384 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2020/03/03 19:12:34 | 000,223,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdatem)
SRV - [2020/03/03 19:12:34 | 000,223,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdate)
SRV - [2017/06/09 16:45:46 | 002,413,720 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\IAStorAfsService\iaStorAfsService.exe -- (iaStorAfsService)
SRV - [2016/06/23 11:18:56 | 000,099,712 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- c:\Windows\SysWOW64\NTMETER.exe -- (NT Meter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]
  • ペソネ
  • 2022/07/20 (Wed) 08:55:04
OTL2
Log 2
DRV:[b]64bit:[/b] - [2022/07/19 22:21:15 | 000,223,176 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:50 | 000,062,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:37 | 000,443,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:27 | 000,238,952 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:27 | 000,161,120 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\cimfs.sys -- (CimFS)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:18 | 000,857,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:18 | 000,656,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:18 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2022/07/13 11:59:17 | 000,507,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2dp.sys -- (BthA2dp)
DRV:[b]64bit:[/b] - [2022/07/01 13:55:28 | 000,239,544 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2022/06/15 09:23:18 | 000,177,496 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2022/06/09 12:27:46 | 000,343,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\ibtusb.inf_amd64_8a55e95054c2f123\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2022/06/06 23:14:34 | 000,166,376 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmumh.sys -- (tmumh)
DRV:[b]64bit:[/b] - [2022/05/25 09:02:00 | 000,540,672 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:59 | 002,295,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:52 | 000,206,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:44 | 000,802,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WifiCx.sys -- (WifiCx)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:43 | 001,007,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:42 | 000,193,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:41 | 000,345,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:41 | 000,337,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:41 | 000,337,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2022/05/25 09:01:40 | 000,180,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfEnum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2022/05/11 16:30:18 | 000,066,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2022/05/11 16:30:05 | 000,136,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\p9rdr.sys -- (P9Rdr)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,169,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,103,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPing.sys -- (NDKPing)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,079,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPerf.sys -- (NDKPerf)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:49 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\spaceparser.sys -- (spaceparser)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:30 | 000,159,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:30 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:23 | 000,132,432 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:21 | 000,308,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:17 | 001,013,088 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:16 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:14 | 000,054,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:13 | 000,103,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:13 | 000,071,008 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:13 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\portcfg.sys -- (portcfg)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:12 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HidSpiCx.sys -- (HidSpiCx)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:12 | 000,069,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2022/05/11 16:29:09 | 000,210,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:58 | 000,090,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:58 | 000,071,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:57 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,307,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:56 | 000,083,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:55 | 000,132,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:55 | 000,095,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:55 | 000,091,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:55 | 000,071,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,131,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,087,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:54 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,476,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,210,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,210,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,202,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,181,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,143,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,111,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,111,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Hsp.sys -- (Hsp)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,099,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,083,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvmedisk.sys -- (nvmedisk)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,075,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelPMT.sys -- (IntelPMT)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,075,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_6693f32a658a859a\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,075,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:53 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:52 | 000,380,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio2.sys -- (usbaudio2)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:52 | 000,157,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:52 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_6657edf28697c405\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,385,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,095,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2022/05/11 16:28:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelpmax.sys -- (intelpmax)
DRV:[b]64bit:[/b] - [2022/04/24 00:30:04 | 000,021,480 | ---- | M] (Malwarebytes) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MbamElam.sys -- (MbamElam)
DRV:[b]64bit:[/b] - [2022/04/08 08:50:35 | 000,443,664 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2022/04/08 08:50:35 | 000,090,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2022/04/08 08:50:35 | 000,049,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2022/03/30 09:13:44 | 000,352,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2022/03/30 09:13:42 | 000,377,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msquic.sys -- (MsQuic)
DRV:[b]64bit:[/b] - [2022/03/30 09:13:32 | 000,877,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\usb4devicerouter.inf_amd64_3bffb5f5105936e5\Usb4DeviceRouter.sys -- (Usb4DeviceRouter)
DRV:[b]64bit:[/b] - [2022/03/30 09:13:32 | 000,599,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\usb4hostrouter.inf_amd64_dd61aa4ab70fa4fb\Usb4HostRouter.sys -- (Usb4HostRouter)
DRV:[b]64bit:[/b] - [2022/03/22 09:30:12 | 000,086,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2022/03/22 09:29:44 | 000,750,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2022/03/22 09:29:44 | 000,696,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2022/03/22 09:29:44 | 000,131,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2022/03/22 09:29:43 | 000,226,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,676,944 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmeyes.sys -- (tmeyes)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,553,552 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmnciesc.sys -- (tmnciesc)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,152,512 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,137,128 | ---- | M] (Trend Micro, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:[b]64bit:[/b] - [2022/02/21 14:23:38 | 000,039,872 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:[b]64bit:[/b] - [2021/08/26 06:10:26 | 000,032,656 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioSwitchHID.sys -- (RadioSwitchHID)
DRV:[b]64bit:[/b] - [2021/06/06 02:47:47 | 000,127,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2021/06/05 21:06:05 | 000,143,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,163,840 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2021/06/05 21:06:00 | 000,119,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:39 | 000,098,304 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:39 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:33 | 000,339,968 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:27 | 000,106,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,061,768 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ExecutionContext.sys -- (ExecutionContext)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:23 | 000,274,744 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,356,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,212,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,200,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,196,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,139,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,119,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,115,024 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,115,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,106,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:16 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2021/06/05 21:05:14 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,700,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Acx01000.sys -- (Acx01000)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,291,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,164,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,086,016 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:57 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:54 | 000,094,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:52 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:50 | 000,425,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,115,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,074,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,069,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,057,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,053,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,053,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:47 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_346f3764318c1681\vrd.sys -- (VirtualRender)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,188,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,135,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_a517b810ee0e44a2\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,065,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,061,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_28522251903b4825\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,061,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_4bd4df2779fd9e16\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_dc3260bbd08046c4\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:46 | 000,053,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 001,853,752 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 001,131,344 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,884,552 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,561,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,558,928 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,319,800 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,305,488 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,209,736 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,176,952 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,146,256 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,137,552 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,124,240 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,100,176 | ---- | M] (Broadcom Inc) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,090,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,090,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_0a89aff902a5c3a9\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,087,352 | ---- | M] (Broadcom Limited) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mpi3drvi.sys -- (mpi3drvi)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,080,696 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,073,016 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,069,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_e1a5502a3a50be4e\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,068,432 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,064,328 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,063,816 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,058,704 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,036,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:45 | 000,031,032 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 003,440,440 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 003,423,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbd0a.sys -- (ebdrv0)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 001,135,432 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,533,816 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,259,384 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,107,344 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,083,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,065,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,061,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\prm.inf_amd64_7fc9bb8ba2b73803\prm.sys -- (PRM)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,057,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_3bf6c0d173eb26c6\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,053,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:44 | 000,026,960 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:43 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,177,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,112,440 | ---- | M] (Apple Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\AppleSSD.sys -- (AppleSSD)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,045,568 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdi2c.sys -- (amdi2c)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,018,432 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdgpio2.sys -- (amdgpio2)
DRV:[b]64bit:[/b] - [2021/06/05 21:04:42 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2021/03/25 11:57:00 | 008,651,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwtw04.sys -- (Netwtw04)
DRV:[b]64bit:[/b] - [2020/09/29 10:42:21 | 000,351,048 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\intcdaud.inf_amd64_d148a0ef920e06c0\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2020/09/29 10:42:15 | 024,591,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2020/09/03 02:48:22 | 000,304,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\heci.inf_amd64_3fec17f874687c29\x64\TeeDriverW10x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2020/05/25 19:44:10 | 000,045,256 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\necextif.sys -- (necextif)
DRV:[b]64bit:[/b] - [2020/05/20 00:44:26 | 000,029,984 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Ps2LedIF.sys -- (Ps2LedIF)
DRV:[b]64bit:[/b] - [2020/05/20 00:44:24 | 000,036,128 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ps2Led.sys -- (Ps2Led)
DRV:[b]64bit:[/b] - [2020/05/20 00:44:20 | 000,053,536 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfkgtkey.sys -- (MFKGTKEY)
DRV:[b]64bit:[/b] - [2020/01/18 14:51:05 | 000,043,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:[b]64bit:[/b] - [2018/07/31 00:37:46 | 001,138,024 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2017/06/09 16:45:46 | 000,070,632 | ---- | M] (Intel Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorAfs.sys -- (iaStorAfs)
DRV:[b]64bit:[/b] - [2017/06/09 16:45:44 | 000,894,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2017/05/15 18:47:04 | 000,782,816 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:[b]64bit:[/b] - [2017/04/21 17:15:30 | 000,045,960 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\necbatt.sys -- (necbatt)
DRV:[b]64bit:[/b] - [2017/04/06 07:02:00 | 000,613,448 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV - [2022/06/09 12:27:46 | 000,343,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_8a55e95054c2f123\ibtusb.sys -- (ibtusb)
DRV - [2022/05/11 16:28:53 | 000,075,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_6693f32a658a859a\UEFI.sys -- (UEFI)
DRV - [2022/05/11 16:28:52 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_6657edf28697c405\CompositeBus.sys -- (CompositeBus)
DRV - [2022/03/30 09:13:32 | 000,877,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_3bffb5f5105936e5\Usb4DeviceRouter.sys -- (Usb4DeviceRouter)
DRV - [2022/03/30 09:13:32 | 000,599,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_dd61aa4ab70fa4fb\Usb4HostRouter.sys -- (Usb4HostRouter)
DRV - [2022/03/22 09:30:57 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2021/06/05 21:04:47 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_346f3764318c1681\vrd.sys -- (VirtualRender)
DRV - [2021/06/05 21:04:46 | 000,135,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_a517b810ee0e44a2\UfxChipidea.sys -- (UfxChipidea)
DRV - [2021/06/05 21:04:46 | 000,061,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_28522251903b4825\urssynopsys.sys -- (UrsSynopsys)
DRV - [2021/06/05 21:04:46 | 000,061,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_4bd4df2779fd9e16\urschipidea.sys -- (UrsChipidea)
DRV - [2021/06/05 21:04:46 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_dc3260bbd08046c4\genericusbfn.sys -- (genericusbfn)
DRV - [2021/06/05 21:04:45 | 000,090,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_0a89aff902a5c3a9\umbus.sys -- (umbus)
DRV - [2021/06/05 21:04:45 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\BasicDisplay.sys -- (BasicDisplay)
DRV - [2021/06/05 21:04:45 | 000,069,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_e1a5502a3a50be4e\BasicRender.sys -- (BasicRender)
DRV - [2021/06/05 21:04:44 | 000,057,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_3bf6c0d173eb26c6\swenum.sys -- (swenum)
DRV - [2020/09/29 10:42:21 | 000,351,048 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_d148a0ef920e06c0\IntcDAud.sys -- (IntcDAud)
DRV - [2020/09/29 10:42:15 | 024,591,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\igdkmd64.sys -- (igfx)
DRV - [2020/09/03 02:48:22 | 000,304,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_3fec17f874687c29\x64\TeeDriverW10x64.sys -- (MEIx64)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  • ペソネ
  • 2022/07/20 (Wed) 08:57:07
OTL3
Log 3
[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0F025142-0828-4C31-89F1-74F68D43D562}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0F025142-0828-4C31-89F1-74F68D43D562}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0F025142-0828-4C31-89F1-74F68D43D562}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0F025142-0828-4C31-89F1-74F68D43D562}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
IE - HKU\S-1-5-21-852619868-549112645-581641478-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.region: "JP"
FF - user.js - File not found


64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 102.0.1\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 102.0.1\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 102.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 102.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2019/12/17 16:26:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Extensions
[2019/12/17 16:26:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\SystemExtensionsDev
[2022/02/08 15:28:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\browser-extension-data
[2022/02/08 15:28:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\browser-extension-data\abstract-soft-colorway@mozilla.org
[2022/02/08 15:28:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\browser-extension-data\elemental-soft-colorway@mozilla.org
[2021/01/07 08:59:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\browser-extension-data\fftmtoolbar@trendmicro.com
[2022/01/06 10:12:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\browser-extension-data\reset-search-defaults@mozilla.com
[2022/06/15 09:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\extensions
[2020/01/09 15:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++724b1e61-a7ca-4e7e-a55f-533052b79beb^userContextId=4294967295
[2022/07/17 17:36:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++724b1e61-a7ca-4e7e-a55f-533052b79beb^userContextId=4294967295\idb
[2019/12/17 16:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1
[2022/07/19 22:30:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1\idb
[2019/12/17 16:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1^userContextId=4294967295
[2022/07/19 22:29:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\Firefox\Profiles\gle0pcpf.default-release\storage\default\moz-extension+++df9cf5ae-3beb-4b85-9f3e-6b09fada4fe1^userContextId=4294967295\idb
[2022/06/15 09:08:38 | 003,047,681 | ---- | M] () (No name found) -- C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\gle0pcpf.default-release\extensions\uBlock0@raymondhill.net.xpi

O1 HOSTS File: ([2022/07/17 12:08:04 | 000,000,852 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O2 - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Trend ツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Trend ツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [NECMFK] C:\Program Files\NECMFK\necmfk.exe (NEC Personal Computers, Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [Platinum] C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-852619868-549112645-581641478-1001..\Run: [MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [WAB Migrate] C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [WAB Migrate] C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\nlansp_c.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\nlansp_c.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8bd57898-9598-4a71-92ce-2a74e2528dcd}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{e5a08c53-337f-4b00-9dde-ee864b923ce0}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\SECURITY\SEC\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {052860C8-3E53-3D0B-9332-48A8B4971352} - .NET Framework
ActiveX:[b]64bit:[/b] {1FC9AB62-9B2E-3666-B314-B16FD09E7C52} - .NET Framework
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8F5D9E08-71EC-370E-BA96-36E6EF916DF2} - .NET Framework
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {9459C573-B17A-45AE-9F64-1857B5D58CEE} - "C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3853CC31-559E-32A7-B749-89E04145A139} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8E0A742C-D031-348A-954F-AFE3CB92EFB7} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {990CB269-A600-38D0-B7D1-FBD392495F13} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  • ペソネ
  • 2022/07/20 (Wed) 09:00:40
OTL4
Log 4
[2022/07/19 22:21:15 | 000,223,176 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2022/07/19 22:21:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2022/07/18 23:07:10 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthA2dp.sys
[2022/07/18 23:07:10 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthHfEnum.sys
[2022/07/18 22:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2022/07/17 14:27:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2022/07/13 12:04:22 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSRESM.dll
[2022/07/13 12:04:22 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2022/07/13 12:04:22 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSTIFF.dll
[2022/07/13 12:04:22 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2022/07/13 12:04:22 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXST30.dll
[2022/07/13 12:04:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2022/07/13 12:04:22 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOM.dll
[2022/07/13 12:04:22 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSROUTE.dll
[2022/07/13 12:04:22 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSMON.dll
[2022/07/13 12:04:22 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinFax.dll
[2022/07/13 12:04:22 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUNATD.exe
[2022/07/13 12:04:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSEVENT.dll
[2022/07/13 12:04:20 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\racpldlg.dll
[2022/07/13 12:04:20 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msra.exe
[2022/07/13 12:04:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdchange.exe
[2022/07/13 12:04:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsraLegacy.tlb
[2022/07/13 12:04:19 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFS.exe
[2022/07/13 12:04:19 | 000,679,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFSR.dll
[2022/07/13 12:04:19 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSE.dll
[2022/07/13 12:04:19 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOVER.exe
[2022/07/13 12:04:19 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUTILITY.dll
[2022/07/13 12:04:19 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSXP32.dll
[2022/07/13 12:04:19 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSERES.dll
[2022/07/13 12:04:18 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2022/07/13 12:04:18 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Picker.dll
[2022/07/13 12:04:18 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\racpldlg.dll
[2022/07/13 12:04:18 | 000,129,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2022/07/13 12:04:18 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdchange.exe
[2022/07/13 12:04:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeUISrv.exe
[2022/07/13 12:04:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsraLegacy.tlb
[2022/07/13 12:04:17 | 004,465,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2022/07/13 12:04:16 | 005,431,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2022/07/13 12:04:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2022/07/13 12:04:16 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Picker.dll
[2022/07/13 12:00:01 | 011,048,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntkrla57.exe
[2022/07/13 11:59:59 | 003,685,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2022/07/13 11:59:59 | 002,349,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2022/07/13 11:59:59 | 001,260,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2022/07/13 11:59:59 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll
[2022/07/13 11:59:58 | 005,735,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2022/07/13 11:59:58 | 004,235,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2022/07/13 11:59:58 | 002,637,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2022/07/13 11:59:58 | 001,563,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2022/07/13 11:59:58 | 001,162,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2022/07/13 11:59:58 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll
[2022/07/13 11:59:58 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSHExtensions.dll
[2022/07/13 11:59:57 | 008,306,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2022/07/13 11:59:57 | 004,059,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2022/07/13 11:59:57 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2022/07/13 11:59:56 | 007,389,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2022/07/13 11:59:56 | 001,594,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2022/07/13 11:59:56 | 001,392,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2022/07/13 11:59:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2022/07/13 11:59:56 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2022/07/13 11:59:55 | 006,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2022/07/13 11:59:55 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2022/07/13 11:59:55 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2022/07/13 11:59:54 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2022/07/13 11:59:54 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpedit.dll
[2022/07/13 11:59:54 | 000,470,528 | ---- | C] (curl, https://curl.se/) -- C:\WINDOWS\SysWow64\curl.exe
[2022/07/13 11:59:54 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scansetting.dll
[2022/07/13 11:59:54 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiadefui.dll
[2022/07/13 11:59:54 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2022/07/13 11:59:54 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiascanprofiles.dll
[2022/07/13 11:59:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dataclen.dll
[2022/07/13 11:59:54 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2022/07/13 11:59:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcspoffln.dll
[2022/07/13 11:59:52 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2022/07/13 11:59:51 | 008,896,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2022/07/13 11:59:51 | 002,032,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2022/07/13 11:59:51 | 001,787,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2022/07/13 11:59:51 | 000,569,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2022/07/13 11:59:51 | 000,439,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2022/07/13 11:59:51 | 000,116,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2022/07/13 11:59:51 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2022/07/13 11:59:50 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2022/07/13 11:59:50 | 000,868,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2022/07/13 11:59:50 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2022/07/13 11:59:50 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFIPP.dll
[2022/07/13 11:59:50 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\McpManagementService.dll
[2022/07/13 11:59:50 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFMCP.dll
[2022/07/13 11:59:50 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2022/07/13 11:59:50 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2022/07/13 11:59:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2022/07/13 11:59:50 | 000,062,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2022/07/13 11:59:50 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\McpManagementProxy.dll
[2022/07/13 11:59:48 | 000,966,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll
[2022/07/13 11:59:48 | 000,815,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energy.dll
[2022/07/13 11:59:48 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpedit.dll
[2022/07/13 11:59:48 | 000,581,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2022/07/13 11:59:48 | 000,530,944 | ---- | C] (curl, https://curl.se/) -- C:\WINDOWS\SysNative\curl.exe
[2022/07/13 11:59:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2022/07/13 11:59:48 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageUsage.dll
[2022/07/13 11:59:48 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scansetting.dll
[2022/07/13 11:59:48 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2022/07/13 11:59:48 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFESCL.dll
[2022/07/13 11:59:48 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiadefui.dll
[2022/07/13 11:59:48 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2022/07/13 11:59:48 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EsclWiaDriver.dll
[2022/07/13 11:59:48 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiascanprofiles.dll
[2022/07/13 11:59:48 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiarpc.dll
[2022/07/13 11:59:48 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dataclen.dll
[2022/07/13 11:59:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xolehlp.dll
[2022/07/13 11:59:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiatrace.dll
[2022/07/13 11:59:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcspoffln.dll
[2022/07/13 11:59:47 | 000,460,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computestorage.dll
[2022/07/13 11:59:47 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2022/07/13 11:59:47 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll
[2022/07/13 11:59:46 | 009,028,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2022/07/13 11:59:46 | 001,783,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2022/07/13 11:59:46 | 001,749,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2022/07/13 11:59:46 | 001,549,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2022/07/13 11:59:46 | 001,368,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagperf.dll
[2022/07/13 11:59:46 | 001,015,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.Workflow.dll
[2022/07/13 11:59:46 | 000,857,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2022/07/13 11:59:46 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2022/07/13 11:59:46 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2022/07/13 11:59:46 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2022/07/13 11:59:46 | 000,311,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2022/07/13 11:59:46 | 000,263,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2022/07/13 11:59:46 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdprint.dll
[2022/07/13 11:59:46 | 000,152,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2022/07/13 11:59:46 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raschap.dll
[2022/07/13 11:59:46 | 000,058,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2022/07/13 11:59:45 | 002,681,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2022/07/13 11:59:45 | 001,155,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2022/07/13 11:59:45 | 000,959,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2022/07/13 11:59:45 | 000,930,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2022/07/13 11:59:45 | 000,907,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2022/07/13 11:59:45 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2022/07/13 11:59:45 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2022/07/13 11:59:45 | 000,559,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2022/07/13 11:59:45 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2022/07/13 11:59:45 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2022/07/13 11:59:45 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2022/07/13 11:59:45 | 000,199,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\logoncli.dll
[2022/07/13 11:59:45 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wutrust.dll
[2022/07/13 11:59:45 | 000,130,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KerbClientShared.dll
[2022/07/13 11:59:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2022/07/13 11:59:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2022/07/13 11:59:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netmsg.dll
[2022/07/13 11:59:44 | 006,991,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2022/07/13 11:59:44 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2022/07/13 11:59:44 | 002,665,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2022/07/13 11:59:44 | 001,845,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2022/07/13 11:59:44 | 000,900,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2022/07/13 11:59:43 | 002,533,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2022/07/13 11:59:43 | 002,246,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2022/07/13 11:59:43 | 000,310,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2022/07/13 11:59:43 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2022/07/13 11:59:43 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2022/07/13 11:59:43 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2022/07/13 11:59:43 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2022/07/13 11:59:43 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2022/07/13 11:59:43 | 000,062,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2022/07/13 11:59:42 | 015,020,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2022/07/13 11:59:42 | 002,519,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windowsudk.shellcommon.dll
[2022/07/13 11:59:42 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2022/07/13 11:59:42 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2022/07/13 11:59:42 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManMigrationPlugin.dll
[2022/07/13 11:59:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmRes.dll
[2022/07/13 11:59:42 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2022/07/13 11:59:42 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmprovhost.exe
[2022/07/13 11:59:42 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2022/07/13 11:59:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2022/07/13 11:59:42 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmplpxy.dll
[2022/07/13 11:59:41 | 004,653,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2022/07/13 11:59:41 | 004,394,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2022/07/13 11:59:41 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2022/07/13 11:59:41 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_9.dll
[2022/07/13 11:59:41 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShellCommonCommonProxyStub.dll
[2022/07/13 11:59:41 | 000,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2022/07/13 11:59:41 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\secproc.dll
[2022/07/13 11:59:41 | 000,173,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LanguageOverlayUtil.dll
[2022/07/13 11:59:41 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2022/07/13 11:59:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxstrace.exe
[2022/07/13 11:59:40 | 003,559,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2022/07/13 11:59:40 | 002,225,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ServicingUAPI.dll
[2022/07/13 11:59:40 | 001,560,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\APMon.dll
[2022/07/13 11:59:40 | 001,347,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.Workflow.dll
[2022/07/13 11:59:40 | 000,892,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2022/07/13 11:59:40 | 000,753,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenValObj.exe
[2022/07/13 11:59:40 | 000,679,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxs.dll
[2022/07/13 11:59:40 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2022/07/13 11:59:40 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2022/07/13 11:59:40 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdprint.dll
[2022/07/13 11:59:40 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raschap.dll
[2022/07/13 11:59:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxstrace.exe
[2022/07/13 11:59:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxssrv.dll
[2022/07/13 11:59:39 | 001,774,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2022/07/13 11:59:39 | 001,250,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll
[2022/07/13 11:59:39 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2022/07/13 11:59:39 | 000,823,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.FileExplorer.dll
[2022/07/13 11:59:39 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2022/07/13 11:59:39 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2022/07/13 11:59:39 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2022/07/13 11:59:39 | 000,385,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2022/07/13 11:59:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2022/07/13 11:59:39 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efslsaext.dll
[2022/07/13 11:59:39 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efssvc.dll
[2022/07/13 11:59:38 | 010,509,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2022/07/13 11:59:38 | 003,821,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2022/07/13 11:59:38 | 002,891,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2022/07/13 11:59:38 | 002,211,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2022/07/13 11:59:38 | 001,414,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2022/07/13 11:59:38 | 000,670,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2022/07/13 11:59:38 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2022/07/13 11:59:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2022/07/13 11:59:37 | 006,131,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2022/07/13 11:59:37 | 003,514,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2022/07/13 11:59:37 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2022/07/13 11:59:37 | 000,537,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2022/07/13 11:59:37 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhdrv.dll
[2022/07/13 11:59:37 | 000,447,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2022/07/13 11:59:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2022/07/13 11:59:37 | 000,407,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2022/07/13 11:59:37 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2022/07/13 11:59:37 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2022/07/13 11:59:37 | 000,129,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mpr.dll
[2022/07/13 11:59:37 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanman.dll
[2022/07/13 11:59:37 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscore.dll
[2022/07/13 11:59:35 | 003,670,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2022/07/13 11:59:35 | 000,534,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2022/07/13 11:59:34 | 011,740,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2022/07/13 11:59:33 | 002,129,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2022/07/13 11:59:33 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2022/07/13 11:59:33 | 001,484,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2022/07/13 11:59:33 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2022/07/13 11:59:33 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntfsres.dll
[2022/07/13 11:59:33 | 000,464,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2022/07/13 11:59:33 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2022/07/13 11:59:33 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2022/07/13 11:59:33 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2022/07/13 11:59:33 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2022/07/13 11:59:33 | 000,296,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2022/07/13 11:59:33 | 000,282,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\logoncli.dll
[2022/07/13 11:59:33 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsaadt.dll
[2022/07/13 11:59:33 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2022/07/13 11:59:33 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2022/07/13 11:59:33 | 000,144,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2022/07/13 11:59:33 | 000,030,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2022/07/13 11:59:32 | 004,173,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2022/07/13 11:59:32 | 003,670,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2022/07/13 11:59:32 | 002,318,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2022/07/13 11:59:32 | 001,862,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2022/07/13 11:59:32 | 001,634,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2022/07/13 11:59:32 | 001,245,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2022/07/13 11:59:32 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2022/07/13 11:59:32 | 000,947,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2022/07/13 11:59:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netmsg.dll
[2022/07/13 11:59:31 | 001,501,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2022/07/13 11:59:31 | 001,075,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellAppRuntime.exe
[2022/07/13 11:59:31 | 000,587,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2022/07/13 11:59:31 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Cortana.dll
[2022/07/13 11:59:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2022/07/13 11:59:29 | 008,507,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2022/07/13 11:59:29 | 003,400,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskbar.dll
[2022/07/13 11:59:29 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2022/07/13 11:59:29 | 000,558,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploy.dll
[2022/07/13 11:59:29 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2022/07/13 11:59:29 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wutrust.dll
[2022/07/13 11:59:29 | 000,112,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2022/07/13 11:59:29 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2022/07/13 11:59:28 | 003,016,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2022/07/13 11:59:28 | 001,609,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2022/07/13 11:59:28 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2022/07/13 11:59:28 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2022/07/13 11:59:28 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvcimpl.dll
[2022/07/13 11:59:28 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2022/07/13 11:59:28 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smbwmiv2.dll
[2022/07/13 11:59:28 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2022/07/13 11:59:28 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2022/07/13 11:59:28 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2022/07/13 11:59:28 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudkservices.shellcommon.dll
[2022/07/13 11:59:28 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[2022/07/13 11:59:28 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2022/07/13 11:59:28 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmRes.dll
[2022/07/13 11:59:28 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmprovhost.exe
[2022/07/13 11:59:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2022/07/13 11:59:28 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2022/07/13 11:59:28 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtClient.dll
[2022/07/13 11:59:28 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmplpxy.dll
[2022/07/13 11:59:27 | 005,902,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2022/07/13 11:59:27 | 003,428,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2022/07/13 11:59:27 | 001,183,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2022/07/13 11:59:27 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2022/07/13 11:59:27 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2022/07/13 11:59:27 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2022/07/13 11:59:27 | 000,238,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2022/07/13 11:59:27 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cimfs.dll
[2022/07/13 11:59:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2022/07/13 11:59:27 | 000,161,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cimfs.sys
[2022/07/13 11:59:27 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnosticsTool.exe
[2022/07/13 11:59:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2022/07/13 11:59:27 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wci.dll
[2022/07/13 11:59:26 | 003,833,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2022/07/13 11:59:26 | 001,774,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2022/07/13 11:59:26 | 001,127,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2022/07/13 11:59:26 | 001,070,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2022/07/13 11:59:26 | 000,542,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2022/07/13 11:59:26 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2022/07/13 11:59:26 | 000,166,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2022/07/13 11:59:25 | 002,041,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2022/07/13 11:59:25 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2022/07/13 11:59:25 | 001,278,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2022/07/13 11:59:25 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2022/07/13 11:59:25 | 000,208,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KerbClientShared.dll
[2022/07/13 11:59:24 | 008,876,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2022/07/13 11:59:24 | 004,820,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2022/07/13 11:59:24 | 003,960,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2022/07/13 11:59:24 | 003,440,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2022/07/13 11:59:24 | 002,523,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2022/07/13 11:59:24 | 000,525,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2022/07/13 11:59:24 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2022/07/13 11:59:24 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2022/07/13 11:59:24 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2022/07/13 11:59:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2022/07/13 11:59:23 | 003,362,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2022/07/13 11:59:23 | 003,014,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2022/07/13 11:59:23 | 002,641,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2022/07/13 11:59:23 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2022/07/13 11:59:23 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2022/07/13 11:59:23 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2022/07/13 11:59:23 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2022/07/13 11:59:23 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2022/07/13 11:59:23 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2022/07/13 11:59:23 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2022/07/13 11:59:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2022/07/13 11:59:23 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2022/07/13 11:59:23 | 000,099,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2022/07/13 11:59:21 | 018,894,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2022/07/13 11:59:20 | 005,025,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2022/07/13 11:59:20 | 001,496,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpx.dll
[2022/07/13 11:59:20 | 001,323,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2022/07/13 11:59:20 | 001,310,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2022/07/13 11:59:20 | 001,277,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellCommonCommonProxyStub.dll
[2022/07/13 11:59:20 | 001,200,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Storage.dll
[2022/07/13 11:59:20 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2022/07/13 11:59:20 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ptpprov.dll
[2022/07/13 11:59:20 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2022/07/13 11:59:20 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecureTimeAggregator.dll
[2022/07/13 11:59:20 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrinterCleanupTask.dll
[2022/07/13 11:59:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2022/07/13 11:59:19 | 002,030,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2022/07/13 11:59:19 | 001,646,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2022/07/13 11:59:19 | 001,339,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2022/07/13 11:59:19 | 000,927,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2022/07/13 11:59:19 | 000,873,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2022/07/13 11:59:19 | 000,843,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2022/07/13 11:59:19 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_9.dll
[2022/07/13 11:59:19 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2022/07/13 11:59:19 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HrtfApo.dll
[2022/07/13 11:59:19 | 000,501,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2022/07/13 11:59:19 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageOverlayServer.dll
[2022/07/13 11:59:19 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2022/07/13 11:59:19 | 000,464,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2022/07/13 11:59:19 | 000,232,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageOverlayUtil.dll
[2022/07/13 11:59:19 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpatialAudioLicenseSrv.exe
[2022/07/13 11:59:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguagePackManagementCSP.dll
[2022/07/13 11:59:19 | 000,117,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2022/07/13 11:59:19 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2022/07/13 11:59:19 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2022/07/13 11:59:19 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audioresourceregistrar.dll
[2022/07/13 11:59:19 | 000,021,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hspfw.dll
[2022/07/13 11:59:18 | 000,857,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2022/07/13 11:59:18 | 000,656,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2022/07/13 11:59:18 | 000,263,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2022/07/13 11:59:18 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2022/07/13 11:54:25 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2022/07/13 11:54:24 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2022/07/13 11:54:08 | 000,000,000 | -H-D | C] -- C:\$WinREAgent
[2022/07/07 14:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  • ペソネ
  • 2022/07/20 (Wed) 09:02:01
OTL5
Log 5
[2022/07/19 22:35:28 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2022/07/19 22:25:49 | 001,449,444 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2022/07/19 22:25:49 | 000,707,374 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2022/07/19 22:25:49 | 000,473,422 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2022/07/19 22:25:49 | 000,135,698 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2022/07/19 22:25:49 | 000,132,352 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2022/07/19 22:21:15 | 000,223,176 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2022/07/19 22:21:06 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2022/07/19 22:21:02 | 3399,548,928 | -HS- | M] () -- C:\hiberfil.sys
[2022/07/18 22:22:06 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2022/07/16 08:22:43 | 000,002,275 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Edge.lnk
[2022/07/13 12:19:56 | 000,341,208 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2022/07/13 12:04:22 | 000,933,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSRESM.dll
[2022/07/13 12:04:22 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2022/07/13 12:04:22 | 000,438,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSTIFF.dll
[2022/07/13 12:04:22 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2022/07/13 12:04:22 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXST30.dll
[2022/07/13 12:04:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2022/07/13 12:04:22 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOM.dll
[2022/07/13 12:04:22 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSROUTE.dll
[2022/07/13 12:04:22 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSMON.dll
[2022/07/13 12:04:22 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinFax.dll
[2022/07/13 12:04:22 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUNATD.exe
[2022/07/13 12:04:22 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSEVENT.dll
[2022/07/13 12:04:20 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\racpldlg.dll
[2022/07/13 12:04:20 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msra.exe
[2022/07/13 12:04:20 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdchange.exe
[2022/07/13 12:04:20 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsraLegacy.tlb
[2022/07/13 12:04:19 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFS.exe
[2022/07/13 12:04:19 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFSR.dll
[2022/07/13 12:04:19 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSE.dll
[2022/07/13 12:04:19 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOVER.exe
[2022/07/13 12:04:19 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUTILITY.dll
[2022/07/13 12:04:19 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSXP32.dll
[2022/07/13 12:04:19 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSERES.dll
[2022/07/13 12:04:18 | 000,638,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2022/07/13 12:04:18 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Picker.dll
[2022/07/13 12:04:18 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\racpldlg.dll
[2022/07/13 12:04:18 | 000,129,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2022/07/13 12:04:18 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdchange.exe
[2022/07/13 12:04:18 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeUISrv.exe
[2022/07/13 12:04:18 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsraLegacy.tlb
[2022/07/13 12:04:17 | 004,465,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2022/07/13 12:04:16 | 005,431,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2022/07/13 12:04:16 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2022/07/13 12:04:16 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Picker.dll
[2022/07/13 12:04:15 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\srv2.sys.mui
[2022/07/13 12:04:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mrxsmb.sys.mui
[2022/07/13 12:04:15 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ja-JP\srv2.sys.mui
[2022/07/13 12:04:15 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ja-JP\mrxsmb.sys.mui
[2022/07/13 12:00:02 | 011,048,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntkrla57.exe
[2022/07/13 11:59:59 | 005,735,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2022/07/13 11:59:59 | 003,685,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2022/07/13 11:59:59 | 002,349,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2022/07/13 11:59:59 | 001,260,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2022/07/13 11:59:59 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll
[2022/07/13 11:59:58 | 008,306,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2022/07/13 11:59:58 | 004,235,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2022/07/13 11:59:58 | 002,637,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2022/07/13 11:59:58 | 001,563,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2022/07/13 11:59:58 | 001,162,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2022/07/13 11:59:58 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll
[2022/07/13 11:59:58 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSHExtensions.dll
[2022/07/13 11:59:57 | 007,389,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2022/07/13 11:59:57 | 004,059,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2022/07/13 11:59:57 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2022/07/13 11:59:56 | 006,048,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2022/07/13 11:59:56 | 001,594,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2022/07/13 11:59:56 | 001,392,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2022/07/13 11:59:56 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2022/07/13 11:59:56 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2022/07/13 11:59:55 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2022/07/13 11:59:55 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2022/07/13 11:59:54 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2022/07/13 11:59:54 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpedit.dll
[2022/07/13 11:59:54 | 000,470,528 | ---- | M] (curl, https://curl.se/) -- C:\WINDOWS\SysWow64\curl.exe
[2022/07/13 11:59:54 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scansetting.dll
[2022/07/13 11:59:54 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiadefui.dll
[2022/07/13 11:59:54 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2022/07/13 11:59:54 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiascanprofiles.dll
[2022/07/13 11:59:54 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dataclen.dll
[2022/07/13 11:59:54 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2022/07/13 11:59:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcspoffln.dll
[2022/07/13 11:59:52 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2022/07/13 11:59:51 | 008,896,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2022/07/13 11:59:51 | 002,032,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2022/07/13 11:59:51 | 001,810,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2022/07/13 11:59:51 | 001,787,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2022/07/13 11:59:51 | 000,569,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2022/07/13 11:59:51 | 000,439,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2022/07/13 11:59:51 | 000,116,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2022/07/13 11:59:51 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2022/07/13 11:59:50 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2022/07/13 11:59:50 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2022/07/13 11:59:50 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFIPP.dll
[2022/07/13 11:59:50 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\McpManagementService.dll
[2022/07/13 11:59:50 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFMCP.dll
[2022/07/13 11:59:50 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2022/07/13 11:59:50 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2022/07/13 11:59:50 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2022/07/13 11:59:50 | 000,062,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2022/07/13 11:59:50 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\McpManagementProxy.dll
[2022/07/13 11:59:48 | 000,966,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll
[2022/07/13 11:59:48 | 000,815,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energy.dll
[2022/07/13 11:59:48 | 000,659,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpedit.dll
[2022/07/13 11:59:48 | 000,581,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2022/07/13 11:59:48 | 000,530,944 | ---- | M] (curl, https://curl.se/) -- C:\WINDOWS\SysNative\curl.exe
[2022/07/13 11:59:48 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2022/07/13 11:59:48 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageUsage.dll
[2022/07/13 11:59:48 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scansetting.dll
[2022/07/13 11:59:48 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2022/07/13 11:59:48 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFESCL.dll
[2022/07/13 11:59:48 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiadefui.dll
[2022/07/13 11:59:48 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2022/07/13 11:59:48 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2022/07/13 11:59:48 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EsclWiaDriver.dll
[2022/07/13 11:59:48 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiascanprofiles.dll
[2022/07/13 11:59:48 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiarpc.dll
[2022/07/13 11:59:48 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dataclen.dll
[2022/07/13 11:59:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xolehlp.dll
[2022/07/13 11:59:48 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiatrace.dll
[2022/07/13 11:59:48 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcspoffln.dll
[2022/07/13 11:59:47 | 001,368,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagperf.dll
[2022/07/13 11:59:47 | 000,460,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computestorage.dll
[2022/07/13 11:59:47 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll
[2022/07/13 11:59:46 | 009,028,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2022/07/13 11:59:46 | 001,783,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2022/07/13 11:59:46 | 001,749,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2022/07/13 11:59:46 | 001,549,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2022/07/13 11:59:46 | 001,015,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.Workflow.dll
[2022/07/13 11:59:46 | 000,857,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2022/07/13 11:59:46 | 000,778,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2022/07/13 11:59:46 | 000,665,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2022/07/13 11:59:46 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2022/07/13 11:59:46 | 000,311,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2022/07/13 11:59:46 | 000,263,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2022/07/13 11:59:46 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdprint.dll
[2022/07/13 11:59:46 | 000,152,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2022/07/13 11:59:46 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raschap.dll
[2022/07/13 11:59:46 | 000,058,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2022/07/13 11:59:46 | 000,015,040 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2022/07/13 11:59:45 | 002,681,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2022/07/13 11:59:45 | 001,845,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2022/07/13 11:59:45 | 001,155,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2022/07/13 11:59:45 | 000,959,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2022/07/13 11:59:45 | 000,930,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2022/07/13 11:59:45 | 000,907,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2022/07/13 11:59:45 | 000,863,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2022/07/13 11:59:45 | 000,782,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2022/07/13 11:59:45 | 000,559,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2022/07/13 11:59:45 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2022/07/13 11:59:45 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2022/07/13 11:59:45 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2022/07/13 11:59:45 | 000,199,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\logoncli.dll
[2022/07/13 11:59:45 | 000,170,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wutrust.dll
[2022/07/13 11:59:45 | 000,130,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KerbClientShared.dll
[2022/07/13 11:59:45 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2022/07/13 11:59:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2022/07/13 11:59:45 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netmsg.dll
[2022/07/13 11:59:44 | 006,991,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2022/07/13 11:59:44 | 003,138,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2022/07/13 11:59:44 | 002,665,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2022/07/13 11:59:44 | 002,246,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2022/07/13 11:59:44 | 000,900,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2022/07/13 11:59:43 | 015,020,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2022/07/13 11:59:43 | 002,533,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2022/07/13 11:59:43 | 000,310,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2022/07/13 11:59:43 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2022/07/13 11:59:43 | 000,291,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2022/07/13 11:59:43 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2022/07/13 11:59:43 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2022/07/13 11:59:43 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2022/07/13 11:59:43 | 000,062,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2022/07/13 11:59:42 | 004,653,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2022/07/13 11:59:42 | 002,519,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windowsudk.shellcommon.dll
[2022/07/13 11:59:42 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2022/07/13 11:59:42 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2022/07/13 11:59:42 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManMigrationPlugin.dll
[2022/07/13 11:59:42 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmRes.dll
[2022/07/13 11:59:42 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2022/07/13 11:59:42 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmprovhost.exe
[2022/07/13 11:59:42 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2022/07/13 11:59:42 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2022/07/13 11:59:42 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmplpxy.dll
[2022/07/13 11:59:41 | 004,394,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2022/07/13 11:59:41 | 002,225,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ServicingUAPI.dll
[2022/07/13 11:59:41 | 000,649,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2022/07/13 11:59:41 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_9.dll
[2022/07/13 11:59:41 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShellCommonCommonProxyStub.dll
[2022/07/13 11:59:41 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2022/07/13 11:59:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\secproc.dll
[2022/07/13 11:59:41 | 000,173,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LanguageOverlayUtil.dll
[2022/07/13 11:59:41 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2022/07/13 11:59:41 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxstrace.exe
[2022/07/13 11:59:40 | 003,559,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2022/07/13 11:59:40 | 001,560,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\APMon.dll
[2022/07/13 11:59:40 | 001,347,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.Workflow.dll
[2022/07/13 11:59:40 | 000,892,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2022/07/13 11:59:40 | 000,753,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenValObj.exe
[2022/07/13 11:59:40 | 000,679,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxs.dll
[2022/07/13 11:59:40 | 000,659,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2022/07/13 11:59:40 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2022/07/13 11:59:40 | 000,385,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2022/07/13 11:59:40 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdprint.dll
[2022/07/13 11:59:40 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raschap.dll
[2022/07/13 11:59:40 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxstrace.exe
[2022/07/13 11:59:40 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxssrv.dll
[2022/07/13 11:59:39 | 002,211,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2022/07/13 11:59:39 | 001,774,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2022/07/13 11:59:39 | 001,250,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll
[2022/07/13 11:59:39 | 000,950,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2022/07/13 11:59:39 | 000,823,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.FileExplorer.dll
[2022/07/13 11:59:39 | 000,651,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2022/07/13 11:59:39 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2022/07/13 11:59:39 | 000,589,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2022/07/13 11:59:39 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2022/07/13 11:59:39 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efslsaext.dll
[2022/07/13 11:59:39 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efssvc.dll
[2022/07/13 11:59:38 | 010,509,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2022/07/13 11:59:38 | 003,821,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2022/07/13 11:59:38 | 003,514,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2022/07/13 11:59:38 | 002,891,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2022/07/13 11:59:38 | 001,414,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2022/07/13 11:59:38 | 000,670,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2022/07/13 11:59:38 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2022/07/13 11:59:38 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2022/07/13 11:59:37 | 006,131,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2022/07/13 11:59:37 | 000,851,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2022/07/13 11:59:37 | 000,537,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2022/07/13 11:59:37 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhdrv.dll
[2022/07/13 11:59:37 | 000,447,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2022/07/13 11:59:37 | 000,443,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2022/07/13 11:59:37 | 000,407,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2022/07/13 11:59:37 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2022/07/13 11:59:37 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2022/07/13 11:59:37 | 000,129,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mpr.dll
[2022/07/13 11:59:37 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanman.dll
[2022/07/13 11:59:37 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscore.dll
[2022/07/13 11:59:35 | 011,740,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2022/07/13 11:59:35 | 003,670,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2022/07/13 11:59:35 | 000,534,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2022/07/13 11:59:34 | 002,129,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2022/07/13 11:59:33 | 003,670,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2022/07/13 11:59:33 | 001,568,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2022/07/13 11:59:33 | 001,484,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2022/07/13 11:59:33 | 000,921,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2022/07/13 11:59:33 | 000,757,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntfsres.dll
[2022/07/13 11:59:33 | 000,464,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2022/07/13 11:59:33 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2022/07/13 11:59:33 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2022/07/13 11:59:33 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2022/07/13 11:59:33 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2022/07/13 11:59:33 | 000,296,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2022/07/13 11:59:33 | 000,282,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\logoncli.dll
[2022/07/13 11:59:33 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsaadt.dll
[2022/07/13 11:59:33 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2022/07/13 11:59:33 | 000,157,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2022/07/13 11:59:33 | 000,144,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2022/07/13 11:59:33 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2022/07/13 11:59:32 | 004,173,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2022/07/13 11:59:32 | 002,318,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2022/07/13 11:59:32 | 001,862,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2022/07/13 11:59:32 | 001,634,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2022/07/13 11:59:32 | 001,245,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2022/07/13 11:59:32 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2022/07/13 11:59:32 | 000,947,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2022/07/13 11:59:32 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netmsg.dll
[2022/07/13 11:59:31 | 001,501,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2022/07/13 11:59:31 | 001,075,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellAppRuntime.exe
[2022/07/13 11:59:31 | 000,587,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2022/07/13 11:59:31 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Cortana.dll
[2022/07/13 11:59:31 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2022/07/13 11:59:30 | 008,507,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2022/07/13 11:59:29 | 003,400,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskbar.dll
[2022/07/13 11:59:29 | 000,778,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2022/07/13 11:59:29 | 000,558,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploy.dll
[2022/07/13 11:59:29 | 000,372,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2022/07/13 11:59:29 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wutrust.dll
[2022/07/13 11:59:29 | 000,112,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2022/07/13 11:59:29 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2022/07/13 11:59:28 | 003,428,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2022/07/13 11:59:28 | 003,016,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2022/07/13 11:59:28 | 001,609,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2022/07/13 11:59:28 | 001,372,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2022/07/13 11:59:28 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2022/07/13 11:59:28 | 000,880,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvcimpl.dll
[2022/07/13 11:59:28 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2022/07/13 11:59:28 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smbwmiv2.dll
[2022/07/13 11:59:28 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2022/07/13 11:59:28 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2022/07/13 11:59:28 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2022/07/13 11:59:28 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudkservices.shellcommon.dll
[2022/07/13 11:59:28 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[2022/07/13 11:59:28 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2022/07/13 11:59:28 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmRes.dll
[2022/07/13 11:59:28 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmprovhost.exe
[2022/07/13 11:59:28 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2022/07/13 11:59:28 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2022/07/13 11:59:28 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtClient.dll
[2022/07/13 11:59:28 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmplpxy.dll
[2022/07/13 11:59:27 | 005,902,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2022/07/13 11:59:27 | 001,183,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2022/07/13 11:59:27 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2022/07/13 11:59:27 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2022/07/13 11:59:27 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2022/07/13 11:59:27 | 000,238,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2022/07/13 11:59:27 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cimfs.dll
[2022/07/13 11:59:27 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2022/07/13 11:59:27 | 000,161,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cimfs.sys
[2022/07/13 11:59:27 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnosticsTool.exe
[2022/07/13 11:59:27 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2022/07/13 11:59:27 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wci.dll
[2022/07/13 11:59:26 | 003,833,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2022/07/13 11:59:26 | 001,774,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2022/07/13 11:59:26 | 001,568,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2022/07/13 11:59:26 | 001,127,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2022/07/13 11:59:26 | 001,070,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2022/07/13 11:59:26 | 000,542,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2022/07/13 11:59:26 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2022/07/13 11:59:26 | 000,166,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2022/07/13 11:59:25 | 008,876,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2022/07/13 11:59:25 | 002,041,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2022/07/13 11:59:25 | 001,278,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2022/07/13 11:59:25 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2022/07/13 11:59:25 | 000,208,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KerbClientShared.dll
[2022/07/13 11:59:24 | 004,820,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2022/07/13 11:59:24 | 003,960,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2022/07/13 11:59:24 | 003,440,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2022/07/13 11:59:24 | 003,014,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2022/07/13 11:59:24 | 002,523,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2022/07/13 11:59:24 | 000,525,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2022/07/13 11:59:24 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2022/07/13 11:59:24 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2022/07/13 11:59:24 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2022/07/13 11:59:24 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2022/07/13 11:59:23 | 018,894,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2022/07/13 11:59:23 | 003,362,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2022/07/13 11:59:23 | 002,641,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2022/07/13 11:59:23 | 000,638,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2022/07/13 11:59:23 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2022/07/13 11:59:23 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2022/07/13 11:59:23 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2022/07/13 11:59:23 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2022/07/13 11:59:23 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2022/07/13 11:59:23 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2022/07/13 11:59:23 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2022/07/13 11:59:23 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2022/07/13 11:59:23 | 000,099,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2022/07/13 11:59:20 | 005,025,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2022/07/13 11:59:20 | 001,496,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpx.dll
[2022/07/13 11:59:20 | 001,323,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2022/07/13 11:59:20 | 001,310,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2022/07/13 11:59:20 | 001,277,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellCommonCommonProxyStub.dll
[2022/07/13 11:59:20 | 001,200,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Storage.dll
[2022/07/13 11:59:20 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2022/07/13 11:59:20 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ptpprov.dll
[2022/07/13 11:59:20 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2022/07/13 11:59:20 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecureTimeAggregator.dll
[2022/07/13 11:59:20 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrinterCleanupTask.dll
[2022/07/13 11:59:20 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2022/07/13 11:59:19 | 002,030,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2022/07/13 11:59:19 | 001,646,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2022/07/13 11:59:19 | 001,339,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2022/07/13 11:59:19 | 000,927,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2022/07/13 11:59:19 | 000,873,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2022/07/13 11:59:19 | 000,843,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2022/07/13 11:59:19 | 000,671,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_9.dll
[2022/07/13 11:59:19 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2022/07/13 11:59:19 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HrtfApo.dll
[2022/07/13 11:59:19 | 000,501,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageOverlayServer.dll
[2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2022/07/13 11:59:19 | 000,464,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2022/07/13 11:59:19 | 000,335,872 | ---- | M] () -- C:\WINDOWS\SysNative\Windows.Management.InprocObjects.dll
[2022/07/13 11:59:19 | 000,232,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageOverlayUtil.dll
[2022/07/13 11:59:19 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpatialAudioLicenseSrv.exe
[2022/07/13 11:59:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguagePackManagementCSP.dll
[2022/07/13 11:59:19 | 000,117,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2022/07/13 11:59:19 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2022/07/13 11:59:19 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2022/07/13 11:59:19 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audioresourceregistrar.dll
[2022/07/13 11:59:19 | 000,021,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hspfw.dll
[2022/07/13 11:59:18 | 003,101,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2022/07/13 11:59:18 | 000,857,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2022/07/13 11:59:18 | 000,656,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2022/07/13 11:59:18 | 000,263,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2022/07/13 11:59:18 | 000,162,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\UsbXhciCompanion.dll
[2022/07/13 11:59:18 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2022/07/13 11:59:17 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthA2dp.sys
[2022/07/01 13:55:28 | 000,239,544 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2022/06/28 12:24:04 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2022/06/28 11:43:55 | 000,403,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
  • ペソネ
  • 2022/07/20 (Wed) 09:03:11
OTL6
Log 6
[2022/07/18 22:22:06 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2022/07/13 11:59:46 | 000,015,040 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2022/07/13 11:59:19 | 000,335,872 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Management.InprocObjects.dll
[2022/04/29 09:02:47 | 000,019,456 | ---- | C] () -- C:\WINDOWS\SysWow64\WsdProviderUtil.dll
[2022/04/29 09:02:26 | 000,051,712 | ---- | C] () -- C:\WINDOWS\SysWow64\CredProvCommonCore.dll
[2022/04/29 09:02:19 | 000,460,800 | ---- | C] () -- C:\WINDOWS\SysWow64\SettingSyncDownloadHelper.dll
[2022/03/22 09:40:15 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2022/03/22 09:30:58 | 000,247,808 | ---- | C] () -- C:\WINDOWS\SysWow64\pku2u.dll
[2022/03/22 09:30:58 | 000,013,824 | ---- | C] () -- C:\WINDOWS\SysWow64\prxyqry.dll
[2022/03/22 09:30:56 | 000,267,264 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Dialogs.dll
[2022/03/22 09:30:54 | 000,006,656 | ---- | C] () -- C:\WINDOWS\SysWow64\nrtapi.dll
[2022/03/22 09:30:49 | 000,617,648 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2022/03/22 09:30:49 | 000,425,984 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2022/03/22 09:30:48 | 000,221,184 | ---- | C] () -- C:\WINDOWS\SysWow64\Microsoft.Internal.FrameworkUdk.System.dll
[2022/03/22 09:30:44 | 000,121,344 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe
[2021/06/05 21:08:55 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2021/06/05 21:08:55 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config
[2021/06/05 21:08:55 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2021/06/05 21:06:26 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2021/06/05 21:06:26 | 000,011,292 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr-v.dat
[2021/06/05 21:06:23 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2021/06/05 21:06:19 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2021/06/05 21:05:59 | 000,065,024 | ---- | C] () -- C:\WINDOWS\SysWow64\sstpcfg.dll
[2021/06/05 21:05:55 | 000,292,352 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2021/06/05 21:05:53 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2021/06/05 21:05:51 | 001,308,736 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll
[2021/06/05 21:05:51 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2021/06/05 21:05:48 | 003,635,200 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2021/06/05 21:05:48 | 000,513,536 | ---- | C] () -- C:\WINDOWS\SysWow64\SearchIndexerCore.dll
[2021/06/05 21:05:48 | 000,262,656 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2021/06/05 21:05:48 | 000,118,272 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2021/06/05 21:05:48 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2021/06/05 21:05:45 | 000,264,192 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2021/06/05 21:05:43 | 000,345,088 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2021/06/05 21:05:43 | 000,073,216 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.proxystub.dll
[2021/06/05 21:05:43 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\WwanPrfl.dll
[2021/06/05 21:05:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[2021/06/05 21:05:43 | 000,011,776 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2021/06/05 21:05:37 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2021/06/05 21:05:34 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2019/12/17 16:44:37 | 000,000,036 | ---- | C] () -- C:\Users\XXXX\AppData\Local\housecall.guid.cache
[2019/12/17 15:39:44 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2022/07/13 11:59:25 | 008,876,968 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2022/07/13 11:59:44 | 006,991,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2021/06/05 21:04:58 | 001,019,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2021/06/05 21:05:46 | 000,815,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2021/06/05 21:05:14 | 000,491,520 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2022/04/24 00:29:54 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk
[2019/12/17 16:17:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2018/05/11 12:31:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2022/07/19 22:33:17 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2020/06/18 17:43:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2019/12/17 15:51:53 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2019/12/17 15:41:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD.exe
[2018/05/11 12:35:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Settings
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2019/12/07 18:31:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\RetailDemo
[2022/03/22 10:00:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config\2022-04-22-23-50-25
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR\2022-04-22-23-50-25
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\4f494d44
[2022/04/23 08:50:25 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\4f494d44\2022-04-22-23-50-25
[2022/03/22 09:55:02 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2020/06/18 17:43:16 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2019/12/17 15:51:53 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2019/12/17 15:41:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD.exe
[2018/05/11 12:35:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Settings
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2019/12/07 18:31:03 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\RetailDemo
[2022/03/22 10:00:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2021/06/05 21:10:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2022/03/22 09:49:59 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData
[2021/04/02 09:25:15 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\SEC
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatCache
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatUaCache
[2022/07/17 22:54:06 | 000,000,000 | RH-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\Burn\Burn
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatCache\Low
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\IECompatUaCache\Low
[2022/03/22 09:55:51 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2019/12/17 15:50:47 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2019/12/17 15:50:47 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2022/07/19 19:33:27 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\TempState\Content.MSO
[2021/04/02 09:25:15 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Local\SEC\Explore
[2022/04/23 08:43:02 | 000,000,000 | -H-D | M] -- C:\Users\XXXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2022/03/22 09:49:59 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2019/12/17 15:51:14 | 000,000,000 | -H-D | M] -- C:\Users\Default\Pictures\NEC
[2022/03/22 09:55:55 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2022/07/18 22:22:06 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2022/03/22 09:44:39 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2022/04/24 00:30:16 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2021/06/05 21:10:49 | 000,000,000 | -H-D | M] -- C:\Windows\LanguageOverlayCache
[2022/03/22 09:49:58 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2022/03/22 09:50:09 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\Pictures\NEC
[2022/03/22 09:49:58 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2022/03/22 09:50:08 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\Pictures\NEC

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2021/01/16 18:11:30 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job

[color=#E56717]========== Drive Information ==========[/color]
  • ペソネ
  • 2022/07/20 (Wed) 09:05:56
OTL7
Log 7
Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: SAMSUNG MZ7LN256HAJQ-000L7
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 237.00GB
Starting Offset: 290455552
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1,000.00MB
Starting Offset: 255011586048
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2022/05/11 16:29:05 | 000,294,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:09 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2022/03/30 09:13:36 | 001,662,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:52 | 000,925,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2021/06/05 21:05:53 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,442,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2022/03/22 09:30:53 | 000,336,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
No service found with a name of Browser
SRV:[b]64bit:[/b] - [2021/06/05 21:05:23 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:33 | 001,421,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:24 | 000,426,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2022/03/22 09:30:54 | 000,333,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:00 | 000,451,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2022/05/11 16:28:59 | 000,122,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:28 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2022/05/11 16:29:44 | 000,030,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:33 | 000,662,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:25 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2022/05/11 16:29:14 | 000,475,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2022/05/25 09:01:43 | 000,282,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:07 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:07 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:25 | 000,057,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:39 | 000,159,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2022/05/11 16:29:33 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:40 | 001,114,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:33 | 001,421,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:39 | 000,053,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:29 | 000,084,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:43 | 000,315,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:37 | 000,327,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:18 | 000,278,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2022/05/25 09:02:24 | 000,212,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2021/06/05 21:05:12 | 000,835,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:59 | 000,335,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2022/05/11 16:30:12 | 000,253,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:14 | 000,114,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:25 | 000,614,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2022/03/22 09:30:17 | 001,466,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 002,015,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:19 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:16 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV - [2022/04/08 08:50:35 | 000,133,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:13 | 001,269,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:52 | 001,159,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (mpssvc)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:48 | 000,819,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (StiSvc)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:57 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2022/05/11 16:30:11 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2021/06/05 21:05:14 | 000,245,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2022/07/13 11:59:29 | 003,567,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2022/05/11 16:29:00 | 000,409,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2022/05/25 09:01:43 | 002,752,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2022/05/25 09:02:03 | 000,323,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >

Sorry for the trouble, and thank you in advance.
  • ペソネ
  • 2022/07/20 (Wed) 09:07:37
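Please check the Local folder
IVNO-san, thank you again for the follow-up.

ペソネ-san, thank you for doing the work and reporting back.
I have looked through the OTL logs.

I went through all of it, and there is no sign of dnswalters.exe at all, including any trace of it running.
Since it is not running, it should have no effect for now, and I see nothing else suspicious either, so there is no need to worry.

Next, could you check the folder where AC made the earlier detection?

Please open the following path on the C drive and inspect it by eye.

C:\Users\XXXX\AppData\Local\Programs

This is the folder where the dnswalters.exe detected by AC was located.
If there are any odd files directly under that folder besides dnswalters.exe, please let me know.

A Common folder there is normal, but programs are not installed into the folder above unless there is a real need and some special usage, and even then the user must have the knowledge to handle it and accept responsibility.

Hopefully there are no suspicious files, but if you find anything dubious, please reply and say so.

If dnswalters.exe had not been completely deleted from AC, analysing it directly might have given us a lead, but leaving a file of unknown origin in place means you cannot know what it is doing, so quarantining it was the obvious step. Your decision was not wrong, ペソネ-san, so do not worry about it.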
  • 悪代官
  • 2022/07/20 (Wed) 21:45:48
Re: Adwcleaner false positive?
悪代官-san, thank you for your reply.

>>If there are any odd files besides dnswalters.exe, please let me know.

I checked Local, and the only folder was Common.
  • ペソネ
  • 2022/07/20 (Wed) 23:10:28
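Let's move on to watching and waiting
Sorry for the late reply again today.

>I checked Local, and the only folder was Common.

Yes, that is the normal state.

So far there is no sign of dnswalters.exe running and the file itself has not reappeared, so there appears to be no actual harm, but how it got in is unclear.
The most likely possibility is that it was bundled in when you downloaded and installed some multimedia application somewhere in the past.
This board has seen enough past cases of trouble from this kind of bundled program to rot (← what is rotten is your own attitude)

I do not know when or with which program it came along, but perhaps dnswalters was present only as a file and never installed, which is why it never ran.

It bothers me that the cause and the route are not clear, but as far as the various logs show there is no sign of suspicious connections or redirects, so shall we just watch and wait from here?

Please keep using the PC normally and observe it for one week.

Then, after one week, take the HJT and CC logs again, run an AC scan as well and attach that log too, and reply with a report on how things went during the observation period.

If at that point the logs and the PC's behaviour show no recurrence or abnormality, it should be safe to consider the danger gone, but if you see anything abnormal, do not wait the full week; reply right then.

The more malicious and sophisticated the malware, the more it spreads its roots beneath the surface and takes control of the PC without showing any outward abnormality, so please do not become overconfident that things are fine based only on visible symptoms.
There have been cases where a recurrence or a separate problem was found during the observation period after everything seemed normal, so please stay on guard until the end.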
  • 悪代官
  • 2022/07/21 (Thu) 21:54:29
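The weekly re-check described above comes down to comparing a new HijackThis log against the earlier one. The following is an added example, not part of the original posts or of any tool named in the thread: it diffs two HJT logs, ignores version-numbered folders (such as the Edge build directory, which changes with updates), and flags new entries that point into a user profile or mention the detected file name. The sample logs are constructed and abbreviated, and the `ExampleUpdater` entry and all function names are hypothetical.

```python
import re

# Constructed, abbreviated samples modelled on the two HijackThis logs posted
# in this thread. The "ExampleUpdater" entry is invented for the demonstration.
LOG_WEEK0 = r"""
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:26:06, on 2022/07/17
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
"""

LOG_WEEK1 = r"""
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:27:09, on 2022/07/28
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.71\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [ExampleUpdater] C:\Users\XXXX\AppData\Local\Programs\example\updater.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
"""

# An HJT entry is "<section code> - <detail>", e.g. "O4 - HKCU\..\Run: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# A path component that is only a dotted version number, e.g. \103.0.1264.62\
VERSION_DIR_RE = re.compile(r"\\\d+(?:\.\d+){2,3}(?=\\)")

# Assumptions for triage: anything autostarting from a user profile, or naming
# the file AdwCleaner detected, deserves a manual look.
USER_WRITABLE = ("\\appdata\\",)
WATCH_NAMES = ("dnswalters",)


def parse_hjt(text):
    """Return the set of (section code, detail) entries in a HijackThis log."""
    entries = set()
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.add((match.group(1), match.group(2)))
    return entries


def normalize(entry):
    """Key used for comparison: case-insensitive, version folders masked."""
    code, detail = entry
    detail = VERSION_DIR_RE.sub(lambda m: "\\<ver>", detail)
    return code, detail.lower()


def needs_review(entry):
    """True if the entry points into a user profile or names a watched file."""
    detail = entry[1].lower()
    return any(marker in detail for marker in USER_WRITABLE + WATCH_NAMES)


def compare(before, after):
    """Diff two HJT logs; return added, removed and review-worthy entries."""
    old = {normalize(e): e for e in parse_hjt(before)}
    new = {normalize(e): e for e in parse_hjt(after)}
    added = sorted(new[k] for k in new.keys() - old.keys())
    removed = sorted(old[k] for k in old.keys() - new.keys())
    return {
        "added": added,
        "removed": removed,
        "review": [e for e in added if needs_review(e)],
    }


if __name__ == "__main__":
    result = compare(LOG_WEEK0, LOG_WEEK1)
    for label in ("added", "removed", "review"):
        print(label.upper())
        for code, detail in result[label]:
            print(f"  {code} - {detail}")
```

An empty diff only shows that the autostart points HijackThis enumerates are unchanged; it does not replace the AC rescan requested in the same post.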
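Re: Adwcleaner false positive?
悪代官-san, thank you for examining the logs.

>>there is no sign of dnswalters.exe running and the file itself has not reappeared, so there appears to be no actual harm, but how it got in is unclear
>>The most likely possibility is that it was bundled in when you downloaded and installed some multimedia application somewhere in the past

Multimedia software, you say. It is hard to imagine it being mixed in with iTunes or Music Center,
and I never download freeware of any kind either, so I have no idea what the cause is.
Come to think of it, the reddit thread I mentioned earlier said "the only software I downloaded was Adwcleaner."
Could that be a hint toward finding a lead?

So far, no problems have occurred on the PC.
I will come back to report in one week; thank you in advance.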
  • ペソネ
  • 2022/07/22 (Fri) 09:15:48
Re: Adwcleaner false positive?
悪代官-san, thank you for your continued help. This is ペソネ.
One week has passed, so I am reporting in. I would appreciate your review.


  • ペソネ
  • 2022/07/28 (Thu) 20:31:09
HJT log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:27:09, on 2022/07/28
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22000.0120)


Boot mode: Normal

Running processes:
C:\Users\XXXX\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.71\BHO\ie_to_edge_bho.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O3 - Toolbar: Trend ツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_6ea8a - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Unknown owner - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
O23 - Service: @oem35.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service: @oem35.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TmWscSvc - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\TmWscSvc\TmWscSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8060 bytes
  • ペソネ
  • 2022/07/28 (Thu) 20:32:45
CC log
インストール
有効 HKCU:Run MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95 Microsoft Corporation "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
スタートアップ
有効 HKCU:Run MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95 Microsoft Corporation "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
スケジュールされたタスク
有効 HKCU:Run MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95 Microsoft Corporation "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
コンテキストメニュー
有効 HKCU:Run MicrosoftEdgeAutoLaunch_4D7D77F120A72D51F6BD27E97162BD95 Microsoft Corporation "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run SecurityHealth Microsoft Corporation %windir%\system32\SecurityHealthSystray.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
サービス
有効 Service Elan Service ELAN Microelectronics Corp. "C:\Program Files\Elantech\ETDService.exe"
無効 Service Intel(R) Capability Licensing Service TCP IP Interface Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
有効 Service Intel(R) Content Protection HDCP Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHDCPSvc.exe
無効 Service Intel(R) Content Protection HECI Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch1.inf_amd64_484d2c1a08e1f7ed\IntelCpHeciSvc.exe
有効 Service Intel(R) Dynamic Application Loader Host Interface Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
有効 Service Intel(R) Graphics Command Center Service Intel(R) pGFX C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
有効 Service Intel(R) HD Graphics Control Panel Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
有効 Service Intel(R) Management and Security Application Local Management Service Intel Corporation C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
無効 Service Intel(R) Optane(TM) Memory Service Intel Corporation C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
有効 Service Intel(R) TPM Provisioning Service Intel(R) Corporation C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
有効 Service Malwarebytes Service Malwarebytes "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
無効 Service Mozilla Maintenance Service Mozilla Foundation "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
有効 Service NT Meter NEC Personal Computers, Ltd. c:\Windows\SysWOW64\NTMETER.exe
無効 Service OpenSSH Authentication Agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
有効 Service Platinum Host Service Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe"
有効 Service Security Solution Platform Trend Micro Inc. "C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=1 -ad -bt=0
無効 Service TmWscSvc Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\TmWscSvc\TmWscSvc.exe"
IEプラグイン
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.71\BHO\ie_to_edge_bho.dll
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.71\BHO\ie_to_edge_bho_64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
FFプラグイン
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.71\BHO\ie_to_edge_bho.dll
有効 Helper IEToEdge BHO Microsoft Corporation C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.71\BHO\ie_to_edge_bho_64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll

  • ペソネ
  • 2022/07/28 (Thu) 20:38:29
AC log
Log
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-28-2022
# Duration: 00:00:05
# OS: Windows 10 Home
# Scanned: 32044
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S581].txt ##########
  • ペソネ
  • 2022/07/28 (Thu) 20:41:25
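If nothing is abnormal, consider it resolved
Good evening.
Sorry for the late reply.
Keeping the enemy on edge like this and then striking through the opening with a sneak attack is 悪代官's stratagem (← what on earth am I fighting, anyway?)

So this is your report after the wait-and-see period.
I looked at your current logs, and there does not seem to be anything suspicious in them.
Are you seeing any particularly odd symptoms?

If there is nothing abnormal, we can consider this case more or less settled for now.
Please clean up the tools used for the work, following the instructions given during preparation.

It bothers me that we could not clearly pin down the identity and history of DNSwalters.exe, but since no such activity is visible among the processes, it is also hard to imagine that it is running hidden.

Whichever security software detects something, get into the habit of not deleting it right away but quarantining it, looking into its details, and only then deciding.
If a false positive leads you to delete a legitimate file or entry, it can cause serious malfunctions, so you need to be ready to restore it at any time.

Also review your self-defense measures to prevent further trouble.

Just tightening the browser settings a little can improve security.
Open "Internet Options" → "Privacy" → "Advanced", check "Automatic cookie handling" and "Block third-party cookies", then click "Apply" and "OK".
Doing this is quite effective in protecting against many dangerous sites.
However, this is not effective against every dangerous site either, and against truly dangerous sites this much is no match at all, so do not rely on it too much.
Also, if you set it to "Block all cookies", a side effect is that you can no longer get into pages that require login, such as your provider's mailbox, so use this according to the situation.
Note too that even on safe sites, some will not let you browse or post when cookies are blocked.

Next, also be careful about how you use security software such as antivirus and firewalls.
Security software does not deliver its full capability merely by being installed.
It is important to understand the settings and features as far as you can and use them correctly.
Used wrongly, it will readily let through even infections it could otherwise have blocked.

Also, however capable your security software is, it cannot protect you at all if you yourself go and access dangerous sites or files.
Depending on how it is used, security software's performance can be doubled, halved, or reduced to nothing.

And seeing is believing.
I recommend looking through as many of the other threads on this board as you can, both ongoing and resolved.
Whether the cases are identical, similar, or of a different kind, there should be much in them that is useful.

After you spent so long and so much effort on the work, we ended without pinning down what it was, and I suspect that has left you with a lingering worry.
I am sorry I could not help with the crucial part.

Security software is indispensable, but security does not rest on security software alone.
Depending on the awareness and usage of the user, its performance can become zero, half, or double.
If you review your own PC environment little by little, starting with what you understand, building on strengths and shoring up weaknesses, your PC skills will grow across a wide range as well.

Thank you for persevering over such a long period.
Wishing you a safe and comfortable PC life.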
  • 悪代官
  • 2022/07/29 (Fri) 21:31:07
Re: Adwcleaner false positive?
悪代官-san, thank you for handling this so sincerely.
I may need your help again at some point, and I would appreciate it when that time comes.
  • ペソネ
  • 2022/07/29 (Fri) 23:33:38
