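It's PUP.Optional.Lagacy
Nice to meet you, and thank you in advance for your help.

Pop-up ads, mostly in English, appear in my browser.
They do not appear on simple pages such as Google Search, but on sites that show pop-up ads
they appear together with the legitimate ads.
On top of that, several new tabs open and show a suspicious "Windows repair" page.
To deal with it, I ran a removal with adwcleaner_7.0.6.0, but

PUP.Optional.Lagacy
File C:\Windows\System32\drivers\TS888x64.sys
Folder C:\ProgramData\IObit\ASCDownloader
Folder C:\ProgramData\Application Data\IObit\ASCDownloader
Folder C:\Users\All Users\IObit\ASCDownloader

is shown, and these cannot be removed.

Please advise on how to deal with this.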



HijackThis log


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:47:20, on 2018/01/18
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)


Boot mode: Normal

Running processes:
C:\Users\yumi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\yumi\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\yumi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} (DMMLauncherAx Control) - http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7216BF69-1FB3-438C-9A51-9DA82B676BC0} (ArarioGameStarter6 Class) - http://userimg.arario.jp/activeX/AraGameStarterW6.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2c2b8259-59a7-4c1b-a02c-26c660f7fadd}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CCS\Services\Tcpip\..\{77445fc4-f2a1-4b48-b32f-fae6a988853c}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CCS\Services\Tcpip\..\{a9355d27-7bf0-4998-a9f4-7fb6194bcf02}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CCS\Services\Tcpip\..\{fd2db047-ab79-4a38-b9ee-7c62c606524a}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CS1\Services\Tcpip\..\{2c2b8259-59a7-4c1b-a02c-26c660f7fadd}: NameServer = 82.163.143.176 82.163.142.178
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzSurroundVADStreamingService - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12541 bytes






CCleaner log


3D Builder Microsoft Corporation 2018/01/03 15.1.3342.0
4K Video Downloader 3.8 Open Media LLC 2016/02/23 98.2 MB 3.8.1.1870
7-Zip 7-Zip 2018/01/09 1.64 MB 9.2.0
7-Zip 9.20 (x64 edition) Igor Pavlov 2014/06/03 9.06 MB 9.20.00.0
Adobe AIR Adobe Systems Incorporated 2018/01/09 13.5 MB 22.0.0.153
Adobe Community Help Adobe Systems Incorporated. 2018/01/09 166 MB 3.5.23
Adobe Flash Player 28 NPAPI Adobe Systems Incorporated 2018/01/14 5.57 MB 28.0.0.137
Adobe Photoshop Elements 10 Adobe Systems Incorporated 2018/01/09 166 MB 10.0
Alliance of Valiant Arms 株式会社ゲームオン 2018/01/09 49513496
Apple Mobile Device Support Apple Inc. 2015/05/18 42.6 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/04/22 2.21 MB 2.1.3.127
Bonjour Apple Inc. 2015/11/01 6.55 MB 1.0.106
CCleaner Piriform 2018/01/18 5.39
CLaunch Pyonkichi 2018/01/09 1.49 MB 3.24
Common GameOn 2018/01/09 37363056
Counter-Strike: Global Offensive Valve 2018/01/09 10.8 GB
Groove ミュージック Microsoft Corporation 2018/01/03 10.17086.24711.0
IE Tab Helper Blackfish Software 2014/06/17 2.28 MB 1.5.5.1
Inkscape 0.91 inkscape.org 2015/11/25 581 MB 0.91
Intel(R) Management Engine Components Intel Corporation 2012/11/30 8.1.0.1252
Intel(R) Processor Graphics Intel Corporation 2013/11/20 10.18.10.3316
Intel(R) Rapid Storage Technology Intel Corporation 2012/11/30 11.5.3.1004
iTunes Apple Inc. 2015/05/18 86.3 MB 12.1.2.27
Java 8 Update 77 Oracle Corporation 2016/03/27 178 MB 8.0.770.3
Java SE Development Kit 7 Update 45 (64-bit) Oracle 2013/12/04 411 MB 1.7.0.450
JWord(日本語キーワード) 2018/01/09
Lame ACM MP3 Codec 2018/01/09
Left 4 Dead 2 Valve 2018/01/09 13.6 GB
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2014/07/15 26.6 MB 2.0.673.0
Microsoft Office 2010 Microsoft Corporation 2018/01/09 32.9 MB 14.0.7015.1000
Microsoft Office Outlook Connector Microsoft Corporation 2013/12/11 6.06 MB 14.0.5118.5000
Microsoft OneDrive Microsoft Corporation 2018/01/09 100 MB 17.3.7131.1115
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Corporation 2013/12/11 2.76 MB 14.0.5120.5000
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2013/12/11 3.85 MB 3.1.0000
Microsoft Sticky Notes Microsoft Corporation 2018/01/10 2.0.5.0
Microsoft Store Microsoft Corporation 2018/01/10 11712.1001.11.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/02/02 580 KB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2015/03/16 3.07 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2014/11/10 3.39 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/11/11 10.1 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/12/15 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/11/30 1.32 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/02/02 16.0 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/02/02 1.15 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/10/30 14.4 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/10/30 15.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2018/01/09 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2018/01/09 20.5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2018/01/09 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2018/01/09 19.5 MB 14.0.24215.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2018/01/09 9.87 MB 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2018/01/09 9.87 MB 10.0.50903
Microsoft Wi-Fi Microsoft Corporation 2016/12/11 1.1604.4.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 2014/06/29 18.8 MB 4.0.20823.0
Minecraft Mojang 2015/02/05 2.45 MB 1.0.3.0
Mixed Reality ビューアー Microsoft Corporation 2018/01/10 2.1801.4012.0
Moo0 ボイス録音器 1.43 2018/01/09 4.24 MB
MSN トラベル Microsoft Corporation 2016/12/11 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2016/12/11 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2016/12/11 3.0.4.336
My Office Microsoft Corporation 2018/01/02 17.8830.7600.0
Neffy 1,2,5,0 CDNetworks 2018/01/09 1,2,5,0
NNDD UNKNOWN 2018/01/09 933 KB 2.4.3
OneNote Microsoft Corporation 2018/01/03 17.8827.20991.0
Oracle VM VirtualBox 4.3.18 Oracle Corporation 2014/11/10 204 MB 4.3.18
osu! ppy Pty Ltd 2014/12/16 123 MB latest
People Microsoft Corporation 2018/01/10 10.3.3472.0
PhotoWizard Microsoft 2012/11/30 755 MB 1.0.0
PlayMemories Home Sony Corporation 2012/11/30 423 MB 6.3.02.07270
PlayStation(R)Network Downloader Sony Computer Entertainment Inc. 2013/02/02 1.61 MB 2.07.00849
PlayStation(R)Store Sony Computer Entertainment Inc. 2014/03/12 11.4 MB 4.18.0.15698
Pmangインストールマネージャー GameOn,Pmang 2018/01/09 1.0.1.1
Print 3D Microsoft Corporation 2018/01/14 2.0.3621.0
Qualcomm Atheros Bluetooth Suite (64) 会社名 2012/11/30 179 MB 8.0.0.206
Razer Surround Razer Inc. 2018/01/09 175 MB 1.05.14
Razer Synapse Razer Inc. 2015/03/30 40.0 MB 1.18.19.24735
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2018/01/09 42.9 MB 6.0.1.7564
Realtek PCIE Card Reader Realtek Semiconductor Corp. 2012/11/30 14.1 MB 6.1.8400.28121
Skype Skype 2018/01/18 12.13.274.0
Skype(TM) 7.33 Skype Technologies S.A. 2017/07/21 128 MB 7.33.105
SnapCrab for Windows 1.1.1 Fenrir Inc. 2014/09/21 7.14 MB
Steam Valve Corporation 2018/01/09
SteelSeries Engine 3.8.3 SteelSeries ApS 2018/01/09 3.8.3
Sway Microsoft Corporation 2018/01/02 18.1711.50601.0
Synaptics Pointing Device Driver Synaptics Incorporated 2018/01/09 46.4 MB 19.0.5.0
Terraria Re-Logic 2018/01/09 100 MB
Twitter Twitter Inc. 2017/08/13 5.8.1.0
Undertale tobyfox 2018/01/09 153 MB
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/07/03 2.30 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/07/03 26.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/07/03 18.0 KB 16.0.1515.1
Update for Windows 10 for x64-based Systems (KB4023057) Microsoft Corporation 2018/01/03 1.19 MB 2.8.0.0
UpdateAdmin DownloadAdmin 2017/03/31 438 KB 2.0.2103
VAIO - Xperia Link Sony Corporation 2015/02/10 1.44 MB 1.3.3.11280
VAIO Care Sony Corporation 2014/09/05 203 MB 8.4.1.07026
VAIO Care Sony Corporation 2016/12/11 1.4.1.14090
VAIO CPU Fan診断ツール Sony Corporation 2012/11/30 719 KB 1.1.0.09200
VAIO Gate Sony Corporation 2012/11/30 5.66 MB 3.0.0.08140
VAIO Gate Default Sony Corporation 2012/11/30 3.0.0.08060
VAIO Gesture Control Sony Corporation 2012/11/30 2.15 MB 2.0.0.08240
VAIO Image Optimizer Sony Corporation 2012/11/30 29.1 MB 3.0.00.08170
VAIO Improvement Sony Corporation 2012/11/30 1.56 MB 2.0.0.08090
VAIO Media Server Settings Sony Corporation 2012/11/30 152 MB 1.0.0.08240
VAIO Movie Creator Template Data Sony Corporation 2012/11/30 367 MB 4.0.00.08170
VAIO Update Sony Corporation 2016/07/22 21.4 MB 7.2.0.16270
VAIO お引越サポート Sony Corporation 2012/11/30 36.8 MB 1.8.0.08212
VAIO のリカバリー機能 Sony Corporation 2014/04/11 50.2 MB 1.1.2.13230
VAIO の製品登録 (無料) Sony Corporation 2012/11/30 1.27 MB 7.0.0.07200
VAIO の設定 Sony Corporation 2012/11/30 37.5 MB 6.0.0.08200
VAIO データリストアツール Sony Corporation 2012/11/30 13.0 MB 1.10.0.07270
VAIO マニュアル Sony Corporation 2012/11/30 723 KB 3.0.0.08100
Vegas Pro 13.0 (64-bit) Sony 2015/12/05 309 MB 13.0.453
Visual Studio 2012 x64 Redistributables AVG Technologies 2014/06/15 3.79 MB 14.0.0.1
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 2014/06/15 40.0 KB 14.0.0.1
Vuze Azureus Software, Inc. 2018/01/09 138 MB 5.7.0.0
Wallet Microsoft Corporation 2018/01/09 1.0.16328.0
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) GoPro 2018/01/09 03/07/2012
Windows Live Essentials Microsoft Corporation 2015/06/14 16.4.3528.0331
Windows スキャン Microsoft Corporation 2016/12/11 6.3.9654.17133
Windows リーディング リスト Microsoft Corporation 2016/12/11 6.3.9654.21234
WinRAR 5.01 (64-bit) win.rar GmbH 2018/01/09 5.49 MB 5.01.0
Xbox Microsoft Corporation 2018/01/03 36.36.12003.0
Xbox Game bar Microsoft Corporation 2018/01/10 1.24.5001.0
Xbox Game Speech Window Microsoft Corporation 2018/01/10 1.21.13002.0
Xbox Identity Provider Microsoft Corporation 2018/01/09 12.30.5001.0
Xbox Live Microsoft Corporation 2018/01/10 1.11.29001.0
アプリ インストーラー Microsoft Corporation 2018/01/03 1.0.12894.0
アプリ コネクター Microsoft Corporation 2016/12/11 1.3.3.0
アラーム & クロック Microsoft Corporation 2018/01/10 10.1712.3352.0
カメラ Microsoft Corporation 2018/01/10 2017.921.10.0
クロスファイア ARARIO Corp. 2018/01/09 20140528
サドンアタック 2018/01/09 5.56 GB
ストア エクスペリエンス ホスト Microsoft Corporation 2018/01/17 11712.1801.10002.0
スポーツ Microsoft Corporation 2018/01/02 4.22.3254.0
ニュース Microsoft Corporation 2018/01/03 4.22.3254.0
ヒント Microsoft Corporation 2018/01/10 6.5.2851.0
ヒーローズインザスカイ・パトリオット ARARIO Corp. 2018/01/09 20140530
フィードバック Hub Microsoft Corporation 2018/01/03 1.1711.3412.0
フォト Microsoft Corporation 2018/01/10 2017.39101.16720.0
ペイント 3D Microsoft Corporation 2018/01/10 3.1712.7027.0
ボイス レコーダー Microsoft Corporation 2018/01/10 10.1712.3351.0
マップ Microsoft Corporation 2018/01/10 5.1708.2764.0
マネー Microsoft Corporation 2018/01/10 4.22.3254.0
メッセージング Microsoft Corporation 2018/01/02 3.34.25004.0
メール/カレンダー Microsoft Corporation 2018/01/07 17.8730.21725.0
モバイル コンパニオン Microsoft Corporation 2016/12/11 10.1609.2561.0
モバイル プラン Microsoft Corporation 2018/01/10 3.1710.3044.0
リーダー Microsoft Corporation 2018/01/17 6.4.9926.18907
問い合わせ Microsoft Corporation 2018/01/17 10.1706.3471.0
天気 Microsoft Corporation 2018/01/03 4.22.3254.0
映画 & テレビ Microsoft Corporation 2018/01/03 10.17112.13411.0
楽天gateway 讌ス螟ゥ譬ェ蠑丈シ夂、セ 2017/08/20 3.1.3.0
筆ぐるめ Ver.19 富士ソフト株式会社 2012/11/30 16.8 MB 19.00.0000
電卓 Microsoft Corporation 2018/01/10 10.1712.3351.0
電話 Microsoft Corporation 2018/01/03 3.34.12002.0


  • takuya
  • 2018/01/18 (Thu) 17:46:26
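Looks like you've been hit by the one from Israel
Hello, my name is IVNO.
This looks like an infection by malware of Israeli origin.
Let's get ready for the work.

First, a few notices.
Each time you post, it may take a day or more before I can reply.
I apologize for the inconvenience and ask for your understanding and cooperation.
Also, the removal work continues until the helper tells you it is "resolved".
If you stop partway because the PC seems to have improved, without waiting for the notice that it is resolved,
the problem currently recurs with high probability, and a steady stream of people come back here when it does.
Please keep working until the helper gives you the "resolved" notice and the "self-defense measures".

Now read the following explanation carefully and carry out the steps in order.
You will already have prepared some of these, but please read the explanation again to be sure.

Set hidden files and file extensions to be shown (how-to below)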
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the following tools and learn their basic usage.
Note that the distribution sites may show ads urging you to download other software;
never click on those.

GeekUninstaller (abbreviated: GU)
Download
http://www.geekuninstaller.com/geek.zip
This is a direct link to the file. It is a zip file, so extract it before use.
To remove it, just put it in the Recycle Bin.
Guide
http://www.gigafree.net/system/install/geekuninstaller.html

"CCleaner" (abbreviated: CC)
Explanation ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Make sure you download the latest version.
During installation it may also offer bundled extra apps; uncheck them and do not install them.
To remove it, uninstall it with GU or a similar tool.

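Here is an important warning.
CC is normally a highly capable maintenance tool, but if it is used incorrectly
[certain operations can leave Windows unable to run],
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operation other than those I instruct.

When you are ready, let's begin.

First, click the text "Java Uninstall Tool" (「Javaアンインストール・ツール」 on the Japanese page) at the URL below,
then check for the latest version and remove the old versions.
https://java.com/ja/download/faq/remove_olderversions.xml
Press the button to agree to the terms and wait a few tens of seconds, and Java will start.
If your Java is an old version, you are taken straight to the download page for the latest version.
If your Java is the latest version, a screen for removing old versions appears; follow the instructions to remove them.
Next, the following software is out of date, so either update it or remove it.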

Oracle VM VirtualBox 4.3.18 Oracle Corporation 2014/11/10 204 MB 4.3.18

If you update it, download it from the URL below.
http://www.oracle.com/technetwork/server-storage/virtualbox/downloads/index.html?ssSourceSiteId=otnjp

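So that you can recover immediately if trouble occurs during the removal work that follows, manually create a System Restore point.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point
However, System Restore does considerable damage to the PC, so it is better not to use it if possible.
Work carefully so that System Restore is not needed.

Start the PC in Safe Mode.
Windows 7 users, see the URL below.
http://www.pc-master.jp/sousa/s-safemode.html
Windows 8/8.1 users, see the URL below.
http://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=015917
Windows 10 users, see the 8/8.1 explanation and the explanation below.
Press the Start button and click All apps ⇒ Settings ⇒ Update & Security; this brings you to the same state as step 4 for 8/8.1.
From there, follow step 4 onward for 8/8.1 to start in Safe Mode.
Start HJT and run a scan.
When the scan results are shown, check the following items.
However, with HJT in particular a single mistake can easily leave the PC unable to boot,
so never check anything other than what I have instructed.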

O17 - HKLM\System\CCS\Services\Tcpip\..\{2c2b8259-59a7-4c1b-a02c-26c660f7fadd}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CCS\Services\Tcpip\..\{77445fc4-f2a1-4b48-b32f-fae6a988853c}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CCS\Services\Tcpip\..\{a9355d27-7bf0-4998-a9f4-7fb6194bcf02}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CCS\Services\Tcpip\..\{fd2db047-ab79-4a38-b9ee-7c62c606524a}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CS1\Services\Tcpip\..\{2c2b8259-59a7-4c1b-a02c-26c660f7fadd}: NameServer = 82.163.143.176 82.163.142.178

Once all the required items are checked, click Fix checked.
When the above fix is complete, start GU and remove the following.

Java SE Development Kit 7 Update 45 (64-bit) Oracle 2013/12/04 411 MB 1.7.0.450
JWord(日本語キーワード) 2018/01/09

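You can remove software shown in GU by double-clicking it.
When removal completes, a scan starts automatically; check all of the leftovers it detects and press OK.
When uninstalling with GU is complete, close GU.
If a message about Windows Installer appears, restart the PC in normal mode
and uninstall only that software again in that state.
Continue, switching between normal mode and Safe Mode as needed, until all of the software I have listed has been removed.
Once all of the software I listed has been removed, confirm that the PC is running in Safe Mode.
If it is running in normal mode, restart it in Safe Mode.
Hold down the Start button located between the left Ctrl and left Alt keys on the keyboard and press the R key.
The Run dialog opens; type the following into it in half-width alphanumeric characters.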

cleanmgr

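When you have typed it, press the Enter key.
Select drive C: and press OK.
A scan starts; wait until it completes.
When the scan completes, a list is shown; check everything and press OK.
Note, however, that pressing OK deletes everything, including the contents of the Recycle Bin,
so be careful if the Recycle Bin contains files you need.

When this is done, restart the PC in normal mode.
Update the virus definition files of your installed security software
and run a full scan of all drives.
When the full scan completes, start CC.
Open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right saves the displayed contents as a log,
so save only the latest log somewhere easy to find, such as the desktop.
Next, get the log from the "Internet Explorer" tab, from the "Firefox" tab if it is installed,
likewise from the "Google Chrome" tab if it is installed, and from the "Scheduled Tasks" tab.
You do not need to get the "Context Menu" log.
Once you have the CC logs, you can close CC.
Paste the CC logs and the full scan results into the reply box and report back.
After I have checked those logs and the full scan results, I will give you the next steps.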
  • IVNO
  • 2018/01/19 (Fri) 12:32:29
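The `O17` lines selected for fixing in the post above are per-interface static `NameServer` values under the Tcpip service key. As an added example (not part of the thread), this Python script pulls those entries out of a HijackThis log and lists every resolver outside the networks you expect; the `192.168.1.0/24` allow-list, the function names and the constructed sample lines are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the HijackThis O17 line format shown in the log above.
# The 192.168.1.1 entry and its interface GUID are made up for contrast.
SAMPLE_LOG = r"""
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{2c2b8259-59a7-4c1b-a02c-26c660f7fadd}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CS1\Services\Tcpip\..\{2c2b8259-59a7-4c1b-a02c-26c660f7fadd}: NameServer = 82.163.143.176 82.163.142.178
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000001}: NameServer = 192.168.1.1
"""

# Matches only the NameServer form of O17 seen in this thread:
#   O17 - HKLM\System\<control set>\Services\Tcpip\..\{<interface GUID>}: NameServer = <ip> <ip>
O17_RE = re.compile(
    r"^O17 - HKLM\\System\\(?P<control_set>[^\\]+)\\Services\\Tcpip\\\.\.\\"
    r"(?P<interface>\{[0-9A-Fa-f-]{36}\}): NameServer = (?P<servers>.+)$"
)


def parse_o17(log_text):
    """Return one dict per O17 NameServer line: control set, interface GUID, server list."""
    entries = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m:
            continue
        # Windows stores the list space- or comma-separated.
        servers = [s for s in re.split(r"[ ,]+", m.group("servers").strip()) if s]
        entries.append({
            "control_set": m.group("control_set"),
            "interface": m.group("interface"),
            "servers": servers,
        })
    return entries


def is_expected(server, networks):
    """True if the server parses as an IP address inside one of the expected networks."""
    try:
        addr = ipaddress.ip_address(server)
    except ValueError:
        return False  # not a valid IP address: report it rather than hide it
    return any(addr in net for net in networks)


def review_nameservers(log_text, expected_cidrs):
    """Map each unexpected resolver to the (control set, interface) pairs that use it."""
    networks = [ipaddress.ip_network(c) for c in expected_cidrs]
    findings = defaultdict(set)
    for entry in parse_o17(log_text):
        for server in entry["servers"]:
            if not is_expected(server, networks):
                findings[server].add((entry["control_set"], entry["interface"]))
    return {server: sorted(places) for server, places in findings.items()}


if __name__ == "__main__":
    # Assumption: the only resolver this machine should use is the home router's LAN.
    for server, places in review_nameservers(SAMPLE_LOG, ["192.168.1.0/24"]).items():
        print(f"unexpected resolver {server}")
        for control_set, interface in places:
            print(f"  {control_set} {interface}")
```

The same resolver pair appearing on every interface and in more than one control set, as in the thread's log, is what distinguishes a pushed setting from a single adapter configured by hand.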
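Re: It's PUP.Optional.Lagacy
Thank you for the quick reply.

First,

>Each time you post, it may take a day or more before I can reply.
>I apologize for the inconvenience and ask for your understanding and cooperation.

I'm grateful that you make the time at all…

I read your reply carefully, and since I fortunately have a second PC,
I used it to picture how the work would go. Then, when I started the virus-infected PC,
CPU was at about 60%, memory at 100%, and the hard disk at 100%.
Of course, even opening Task Manager to see these numbers takes about 5 minutes…
It has never been this slow before…

Sure, a PC's hard disk does churn a little right after startup, doesn't it?
But it stayed like this for an hour…
Even shutting down takes about 5 minutes…

I suppose it is the effect of the virus…

I'll start it up again tomorrow…

I've never had symptoms this bad before…

I'll start it again tomorrow and report the results….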
  • takuya
  • 2018/01/20 (Sat) 01:22:40
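Re: It's PUP.Optional.Lagacy

Thank you for your help.
I got partway through the work…

However…


>Java SE Development Kit 7 Update 45 (64-bit) Oracle 2013/12/04 411 MB 1.7.0.450
>JWord(日本語キーワード) 2018/01/09

>You can remove software shown in GU by double-clicking it.

In this step I was able to remove Java SE (in normal mode).
However, I cannot remove JWord…
Following the order, I first tried removing it with GU in Safe Mode, and a window appeared saying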

RunDLL
C;WINDOWS¥DOWNLO~1¥CnsMin.dllを開始中にエラーが発生しました。
指定されたモジュールがみつかりません。

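That is what it says.

I took a photo of the screen with a digital camera, so please take a look just in case…

https://yahoo.jp/box/nvyazi

I shouldn't continue the work without removing it, should I?
So I have stopped the work here.

I look forward to your advice again.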
  • takuya
  • 2018/01/21 (Sun) 17:02:46
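Then let's use force removal
So JWord cannot be removed.
In that case, start the PC in Safe Mode and start GU.
Right-click JWord and you will see an item called Force Removal; click it.
Detection starts; when it completes, confirm that everything detected is checked and remove it.
Then try continuing with the rest of the work.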
  • IVNO
  • 2018/01/21 (Sun) 21:00:52
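Re: It's PUP.Optional.Lagacy

Thank you for your reply.

I was able to force-remove JWord.

Then I continued with the work.

>The Run dialog opens; type the following into it in half-width alphanumeric characters.

>cleanmgr

>When you have typed it, press the Enter key.

It took about 40 minutes.


>Update the virus definition files of your installed security software
>and run a full scan of all drives.

I don't have any security software installed (※1)


>When the full scan completes, start CC.

I started CC and looked at the tabs, but there are only three: Windows, Scheduled Tasks, and Context Menu.
I did have Firefox installed in the past, but I uninstalled it after finding this virus.
I never installed Google Chrome.
As for Internet Explorer, I use Edge (Win10).
(For this Java installation it seemed I had to launch Internet Explorer to install it,
so I used Internet Explorer at that time.)

A screenshot of CC (it came out a bit grainy)

https://yahoo.jp/box/y9AkkG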

startup (windows)

Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\yumi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
No HKLM:Run Razer Synapse Razer Inc. "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
Yes HKLM:Run RtHDVBg Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
Yes HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
No HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
No Startup Common SteelSeries Engine 3.lnk SteelSeries ApS C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe


startup (Scheduled Tasks)

Yes Task 55bb3565-b1d7-4a6f-9574-e5b0df03743f-3 C:\Program Files (x86)\iWebar\55bb3565-b1d7-4a6f-9574-e5b0df03743f-3.exe /bindBsrEt=
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task bvyvdvyxc C:\Users\taiga\AppData\Local\bvyvdvyxc\bvyvdvyxc.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task OneDrive Standalone Update Task C:\Users\yumi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Yes Task OneDrive Standalone Update Task-S-1-5-21-218680132-2310203875-1446431275-1004 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Yes Task Opera scheduled Autoupdate 1407718823 C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate
Yes Task Optimize Start Menu Cache Files-S-1-5-21-218680132-2310203875-1446431275-1004
Yes Task Optimize Start Menu Cache Files-S-1-5-21-218680132-2310203875-1446431275-1005
Yes Task SwiftSearch Auto Updater 1.10.0.25 Core C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe checkupdate
Yes Task SwiftSearch Auto Updater 1.10.0.25 Pending Update C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe update
Yes Task Synaptics TouchPad Enhancements Synaptics Incorporated "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
Yes Task {00CA0D43-DD45-4DEC-8AB9-E6936C69749F} Microsoft Corporation "c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.2.60.106/ja/abandoninstall?page=tsProgressBar



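※1
Also, something I am a little concerned about is the security software:
when I display the apps in the Start menu, the app name "Trend Micro Install" is shown.

Here is the image.

https://yahoo.jp/box/MPm6mT

But when I list the applications under Control Panel -> Programs -> Programs and Features,
it is not shown.
Did I install it in the past and then remove it the wrong way?
That is what I thought while doing all this work...



Whenever your time permits is fine, so I look forward to your reply.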
  • takuya
  • 2018/01/22 (Mon) 01:27:47
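Please run a full scan with Windows Defender
Windows 10 comes with Windows Defender as standard.
Press the Start button and, under W, you will find Windows Defender Security Center.
Please run a full scan from there.
I would like to wait for the full scan results before deciding on the next steps.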
  • IVNO
  • 2018/01/22 (Mon) 19:01:42
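Re: It's PUP.Optional.Lagacy

Thank you for your reply.

I ran the full scan.
The first time, it took about 6 hours and froze at the end.
The second time, it froze after about 2 hours.
The third time, after about two and a half hours, I think it finished normally.

There are 2 virus threats.
(I have attached an image.)

I look forward to your next reply.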
  • takuya
  • 2018/01/24 (Wed) 00:27:25
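Please give the threat details
Thank you for running the full scan.
From that screen, please click "Start actions".
After taking a screenshot of the details, please quarantine the detected threats.
This will affect the steps that follow, so please attach the screenshot and let me know.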
  • IVNO
  • 2018/01/24 (Wed) 00:34:52
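Re: It's PUP.Optional.Lagacy

Thank you for your reply.

After yesterday's scan I shut the PC down once, and today, continuing from yesterday,
when I clicked "Start actions", this screen appeared after about 5 minutes...
After yesterday's scan there were 2 threats found, but after I ran "Start actions"
there are 0...

Do I have to do: full scan (without shutting the PC down even once) → Start actions?

Something about this does not sit right with me...

If your time permits, I look forward to your reply.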
  • takuya
  • 2018/01/24 (Wed) 20:54:43
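That is how it works
Security software basically works in two steps.
In the first step it inspects the files on the PC; if threats are found, the second step decides what action to take against them.
The removal work consists of both of these processes together.
At 悪代官の伏魔殿, too, we go through the same process as above.
First you post the logs, we examine them closely to separate what should be removed from false positives, and then we remove only the removal targets.
The part where you post the logs corresponds to what security software calls the full scan.
Next, about the Trend Micro install entry you wrote about earlier.
PC manufacturers build other companies' advertisements into the PC as preinstalled software.
That way they get money not only from the end users who actually buy the PC but also from the advertisers.
From the manufacturer's point of view, the advertiser who pays to place the ad (Trend Micro in this case) and the end user who buys the PC are both customers to be honored equally.
And some percentage of end users assume on their own that it is safe because it came preinstalled, and end up paying to use the advertised product.
So that entry is a preinstalled advertisement.

Now, leaving the full scan with security software for next time, let's remove what we can this time.

Please prepare the following software.

"AdwCleaner" (commonly: AC)
https://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file somewhere easy to find.
Launching the software once starts an automatic update.
Once the update completes, close it for now without doing anything.
When you are instructed to remove this software, launch it and press the "Uninstall" button, and it will be removed automatically.

Once you are ready, let's begin.

Launch CC, open each item under Tools → Startup,
and for the matching entries click Disable, then Delete entry, in that order.

Scheduled Tasks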
Yes Task 55bb3565-b1d7-4a6f-9574-e5b0df03743f-3 C:\Program Files (x86)\iWebar\55bb3565-b1d7-4a6f-9574-e5b0df03743f-3.exe /bindBsrEt=nTlyjIRy609LyZcLvEHIjWjkGKwBgQ/x7zJjEdfoO/SV5dgS6ZzZXK0XoM27cXYosRe7OD8mQop/f/HwEqTh/P7fpjQVPxpwalJ4QbH0RUf5NLsujuLQ1cntOx9K73dJ3TyUmrIzby5R0ZEhx4aCPrgoPtoFJXuaRgAXHjkJweGv59NxvruJbKhYRvG0DyFDmv7OKYFOl2rOkPYCkVOIbjQp2m6W318qpGx4pZaFoB4Gp/DP0eLRnT5xtf/56NCA4Uss1sE2Uxf0nk1IQytbLqsZH7+RBGXvT2KMLvflRjDRZr6RUdpF11nKpTwkgiRDRjcDtuMZNSzcbUuqkcoGNIKzBVFWvvg82IxrlXbCtYls+f/dJLIwz7I+ekpJxM1dFp+pcpEhjHXlMEBleIAfp88mUErl0uStU/MgsMhAUf+J12iiqXBfnyEUZXzL9hlOcnb2YEIpqoPcUT6Lg+yM/bMsPb2DEd1Tmm8iYTA1JaUM+2dYjk4QzKpS3JP8j87yhGMiRV9lfdrkDRAMSmw8ITUTqjOTkpthKX8psXWgWPHopNiXaMTcIlUenQhn2hAlB8BvO4x3NK12Roi7pKQSLFOjGWRoe++INsKDSM/NgSj5rMK5immx67eIXH1nXUQbN7MsGujd6SC6In43L43BUOsD+x6pUdL+XqZQ6rF+ov8X9uL+vWJNVmyU+4iPLfQHJA4USnJCYx9hOoGWe8LCsfrrpwJgrIXslQlwho5EwK/nwW6bxCXcwh4F66HQ3X9Tvkpv79VAY6IZcxTsRA/ViuOVQUmLibW3MzFJrGsUPTKt7K/09bivDAg48QVI4PO+ZB3udIRLMAUUNcX/u9VV4Ip7SK/mwQGaRHUoKkjZEeacQHwE01UPx4konOREYIk5zwOmaKjLgNiZCXt7OQ1pFK57NDH1MDLLcO3NPVjCU21SOUE2+6WhhJ1bowZhVmW5IEZ5PU5ubuqJysHo3D3G4I52DggWG73LnzYxBJFoJcUeblaaj7SC4TerGygsij+3UyuRaIwV1Hr8mRZ9/rQISbUEYoR+DDUmAH7IXltvf+Nz8fiA6Awn8jX9rOt3luUkX5eL6iZOH7kFQBOWmmsmKhl1r6GhloAwnFkczkRiXuUQKZ38gAVWIjkq+dwxuTO/y5AqDhAmd4hHvCpKSAo41a6tD9IwF8fsATc3aL2q5wyoxPOrKtSfnrHSvqLHT6KvCHzBzhKitFfhdwYuBrKkkuV3Wf45WXxZ/rVMpS66NHHoCxH/KBgA1uhD06SKrzzYgnNHuNZbUoPFHLT5u/66e2ntZ9yOiCAVMh0ex009Sj7wdn6s/bn7Kf4JCGSaTUuukXAa25ItFjnK8Pi4t4APDAyxIW/e63BqXAuANcUIbkKQ6AWoSbPqWg/a1oyQVZ7rF9lqvvdH5QIjgDTtP/XeMzliqjeT3SByq8mRIFJN/Hdnw05qRb1+qGKjBDYwKzoe/zdlDCESHL2K2sgvzy9vW0/4Ga+Oc8oakgfhbCLxvbqmIU3XRaDJp0knqw5ZYeG5

Yes Task bvyvdvyxc C:\Users\taiga\AppData\Local\bvyvdvyxc\bvyvdvyxc.exe

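The first one is very long, but there are two items in total to deal with.
For anything that cannot be disabled or is already disabled, go straight to deleting the entry;
if an entry does not exist, leave it and move on.
Also, if something cannot be deleted, for example in Google Chrome, leave it and move on.
Once the work in CC is complete, start the PC in Safe Mode.
Launch AC and click Scan (or スキャン).
When the scan finishes, click Cleaning (or 削除) to clean up.
When cleaning completes you will be asked to restart, so follow the prompt and restart in normal mode.
This takes you from Safe Mode back to normal mode.
The AC log will be displayed either before or after the restart, so please paste it and let me know.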
  • IVNO
  • 2018/01/24 (Wed) 21:30:26
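Re: It's PUP.Optional.Lagacy

Thank you for your reply.


>In the first step it inspects the files on the PC; if threats are found, the second step decides what action to take against them.
>The removal work consists of both of these processes together.
>At 悪代官の伏魔殿, too, we go through the same process as above.

I see...
I am learning a lot.


>So that entry is a preinstalled advertisement.

I see on this one too...
I had been wondering whether
I installed it in the past...


At first I was nervous about booting into Safe Mode, but I am getting used to it... (lol)

Now, I will paste the AC log.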



# AdwCleaner 7.0.7.0 - Logfile created on Thu Jan 25 12:16:49 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\ProgramData\Application Data\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader


***** [ Files ] *****

Deleted: C:\Windows\System32\drivers\TS888x64.sys


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [29677 B] - [2018/1/14 6:45:22]
C:/AdwCleaner/AdwCleaner[C1].txt - [2169 B] - [2018/1/14 7:2:46]
C:/AdwCleaner/AdwCleaner[C2].txt - [1686 B] - [2018/1/14 7:20:14]
C:/AdwCleaner/AdwCleaner[C3].txt - [1820 B] - [2018/1/14 8:44:30]
C:/AdwCleaner/AdwCleaner[C4].txt - [1954 B] - [2018/1/14 8:52:11]
C:/AdwCleaner/AdwCleaner[C5].txt - [2221 B] - [2018/1/15 7:4:12]
C:/AdwCleaner/AdwCleaner[C6].txt - [2799 B] - [2018/1/16 8:4:40]
C:/AdwCleaner/AdwCleaner[C7].txt - [2623 B] - [2018/1/17 8:46:24]
C:/AdwCleaner/AdwCleaner[C8].txt - [2894 B] - [2018/1/18 6:54:18]
C:/AdwCleaner/AdwCleaner[C9].txt - [3156 B] - [2018/1/25 12:6:26]
C:/AdwCleaner/AdwCleaner[S0].txt - [154411 B] - [2014/6/15 3:3:23]
C:/AdwCleaner/AdwCleaner[S10].txt - [2221 B] - [2018/1/15 7:15:10]
C:/AdwCleaner/AdwCleaner[S11].txt - [2692 B] - [2018/1/16 8:2:53]
C:/AdwCleaner/AdwCleaner[S12].txt - [2422 B] - [2018/1/16 8:13:53]
C:/AdwCleaner/AdwCleaner[S13].txt - [2490 B] - [2018/1/17 8:3:12]
C:/AdwCleaner/AdwCleaner[S14].txt - [2624 B] - [2018/1/17 8:54:40]
C:/AdwCleaner/AdwCleaner[S15].txt - [2692 B] - [2018/1/17 9:54:23]
C:/AdwCleaner/AdwCleaner[S16].txt - [2760 B] - [2018/1/18 6:53:57]
C:/AdwCleaner/AdwCleaner[S17].txt - [2895 B] - [2018/1/18 7:1:45]
C:/AdwCleaner/AdwCleaner[S18].txt - [3038 B] - [2018/1/25 12:5:32]
C:/AdwCleaner/AdwCleaner[S19].txt - [3097 B] - [2018/1/25 12:14:28]
C:/AdwCleaner/AdwCleaner[S1].txt - [22322 B] - [2014/6/15 3:19:20]
C:/AdwCleaner/AdwCleaner[S2].txt - [34124 B] - [2018/1/14 6:30:46]
C:/AdwCleaner/AdwCleaner[S3].txt - [2139 B] - [2018/1/14 7:2:20]
C:/AdwCleaner/AdwCleaner[S4].txt - [1552 B] - [2018/1/14 7:19:59]
C:/AdwCleaner/AdwCleaner[S5].txt - [1686 B] - [2018/1/14 7:27:18]
C:/AdwCleaner/AdwCleaner[S6].txt - [1820 B] - [2018/1/14 8:51:17]
C:/AdwCleaner/AdwCleaner[S7].txt - [1954 B] - [2018/1/14 8:58:20]
C:/AdwCleaner/AdwCleaner[S8].txt - [2021 B] - [2018/1/15 5:46:22]
C:/AdwCleaner/AdwCleaner[S9].txt - [2088 B] - [2018/1/15 7:3:56]


########## EOF - C:\AdwCleaner\AdwCleaner[C10].txt ##########





If your time permits, I look forward to your reply.
  • takuya
  • 2018/01/25 (Thu) 21:35:05
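This looks bad
I have looked at the log.
This makes the 20th scan with AC in total, and the 10th removal with AC.
Since things are still being detected even so, frankly the situation looks like one where a system recovery would be the better option.
If we do not clear it all out in one go it looks likely to multiply again, so let's give the PC a thorough cleaning.

Please prepare the following software.

OldTimer Listit (commonly: OTL)
http://oldtimer.geekstogo.com/OTL.exe
This is a direct link. Save it somewhere easy to find, such as the desktop.
To remove it, launch it and press the "Cleanup" button, and it will be removed automatically.
However, Windows 10 users only: do not press the "Cleanup" button; just delete the file.
I may ask you to scan with OTL again,
in which case you will simply repeat these steps as they are.
If you are told to scan again with OTL, please redo this procedure.

Before launching OTL, close as much software as possible, including your browser.
Once the software is closed, launch OTL.
Tick Scan All Users at the top center of the window.
Once that is set, copy and paste the following into the Custom Scan/Fixes box.

------ Copy and paste from below this line ------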
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT
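------ Copy and paste up to above this line ------

Once you have pasted it, click Run Scan to start the scan.
The scan takes a few minutes to complete, so please wait.
When the scan completes, OTL.txt and Extras.txt are written
to the same location where you saved OTL, so please paste them and let me know.
Note that OTL logs are, by their nature, very long.
This board's character limit is about 30,000 characters counted as hiragana, or about 60,000 counted as alphanumerics.
You will certainly exceed it, so to leave some margin, split the log into pieces of about 50,000 characters each,
checking with a character counter such as the one at the URL below.
In most cases splitting it in two is enough.
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html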
  • IVNO
  • 2018/01/26 (Fri) 03:04:42
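
Added example (not part of the original thread, and not AdwCleaner's own code): the reply above judges the infection to be persistent from the run history at the end of the AdwCleaner log, where [S n] files are scans and [C n] files are cleanups. The Python below makes the same reading from a log; the sample log is constructed and abridged in the layout posted above, and the 30-day window and the threshold of 3 cleanups are assumptions.

```python
import re
from collections import defaultdict
from datetime import date

# Constructed sample: abridged log in the layout of the AdwCleaner 7 log in this thread.
SAMPLE_LOG = r"""# AdwCleaner 7.0.7.0 - Logfile created on Thu Jan 25 12:16:49 2018
# Mode: clean

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader

***** [ Files ] *****

Deleted: C:\Windows\System32\drivers\TS888x64.sys

***** [ Tasks ] *****

No malicious tasks deleted.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [29677 B] - [2018/1/14 6:45:22]
C:/AdwCleaner/AdwCleaner[C1].txt - [2169 B] - [2018/1/14 7:2:46]
C:/AdwCleaner/AdwCleaner[C2].txt - [2221 B] - [2018/1/15 7:4:12]
C:/AdwCleaner/AdwCleaner[S0].txt - [154411 B] - [2014/6/15 3:3:23]
C:/AdwCleaner/AdwCleaner[S1].txt - [34124 B] - [2018/1/14 6:30:46]
C:/AdwCleaner/AdwCleaner[S2].txt - [2139 B] - [2018/1/14 7:2:20]
C:/AdwCleaner/AdwCleaner[S3].txt - [2221 B] - [2018/1/15 7:15:10]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########
"""

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
HISTORY_RE = re.compile(
    r"AdwCleaner\[([CS])(\d+)\]\.txt - \[(\d+) B\] - \[(\d{4})/(\d{1,2})/(\d{1,2}) ")
EOF_RE = re.compile(r"EOF - .*AdwCleaner\[([CS])(\d+)\]\.txt")


def parse_log(text):
    """Return deleted items per section, earlier runs, and the current run id."""
    deleted = defaultdict(list)
    history, current, section = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        if line and set(line) == {"*"}:
            section = None  # separator line closes the last section
            continue
        if section and line.startswith("Deleted: "):
            deleted[section].append(line[len("Deleted: "):])
            continue
        m = HISTORY_RE.search(line)
        if m:
            kind, idx, size, y, mo, d = m.groups()
            history.append({"kind": kind, "index": int(idx), "size": int(size),
                            "date": date(int(y), int(mo), int(d))})
            continue
        m = EOF_RE.search(line)
        if m:
            current = (m.group(1), int(m.group(2)))
    return {"deleted": dict(deleted), "history": history, "current": current}


def triage(parsed, recent_days=30, min_cleans=3):
    """Flag a machine that still has items to remove after repeated recent cleanups.

    recent_days and min_cleans are assumed thresholds, not values from the thread.
    """
    hist = parsed["history"]
    removed = sum(len(v) for v in parsed["deleted"].values())
    latest = max((h["date"] for h in hist), default=None)
    recent_cleans = [h for h in hist if h["kind"] == "C"
                     and (latest - h["date"]).days <= recent_days]
    return {
        "total_scans": sum(1 for h in hist if h["kind"] == "S"),
        "total_cleans": sum(1 for h in hist if h["kind"] == "C"),
        "recent_cleans": len(recent_cleans),
        "recent_clean_days": len({h["date"] for h in recent_cleans}),
        "removed_this_run": removed,
        "recurring": removed > 0 and len(recent_cleans) >= min_cleans,
    }


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for section, items in parsed["deleted"].items():
        print(section, items)
    print(triage(parsed))
```

A `recurring` result means something is reinstalling the removed items between runs, which is why the next step in the thread moves to a full inventory of services, tasks and drivers rather than another cleanup pass.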
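Re: It's PUP.Optional.Lagacy

Thank you for your reply.

>This makes the 20th scan with AC in total, and the 10th removal with AC.
>Since things are still being detected even so, frankly the situation looks like one where a system recovery would be the better option.
>If we do not clear it all out in one go it looks likely to multiply again, so let's give the PC a thorough cleaning.

I see...
So it really is a serious case...


I ran the OTL scan.
But the character count is extremely large.

OTL.txt is 192.364 characters
Extras.txt is 89.930 characters

I thought I had miscounted, so I counted them with Hidemaru (秀丸).
I will attach that image.
The top one is OTL.txt and the bottom one is Extras.txt.

I thought it was too much, so I have not pasted them this time.


When you have time, I look forward to your reply.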

  • takuya
  • 2018/01/26 (Fri) 18:08:46
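That is how it is
The large character count is by design in OTL.
That said, the more severe the case, the more the character count tends to grow.
However, I cannot analyze the log unless you split it and paste it.
You will need to split the reply itself across several posts, but please do so.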
  • IVNO
  • 2018/01/26 (Fri) 19:55:17
OTL 1

Thank you for your reply.
I have split it up, so I will paste the parts.

OTL 1/4



OTL logfile created on: 2018/01/26 16:21:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\yumi\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.88 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 54.30% Memory free
6.63 Gb Paging File | 4.88 Gb Available in Paging File | 73.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 898.85 Gb Total Space | 737.75 Gb Free Space | 82.08% Space Free | Partition Type: NTFS

Computer Name: VAIO | User Name: yumi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2018/01/26 16:06:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\yumi\Desktop\OTL.exe
PRC - [2018/01/02 21:35:43 | 001,551,048 | ---- | M] (Microsoft Corporation) -- C:\Users\yumi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2018/01/01 21:03:39 | 000,650,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2015/07/30 22:29:42 | 002,909,472 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2015/02/05 09:25:00 | 000,187,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
PRC - [2013/09/04 19:57:56 | 003,233,806 | ---- | M] () -- C:\Program Files (x86)\Tor\tor.exe
PRC - [2012/08/18 05:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012/08/18 05:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2012/08/13 16:27:08 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/07/27 15:08:52 | 000,474,208 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011/09/01 02:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2018/01/02 21:36:05 | 000,102,088 | ---- | M] () -- C:\Users\yumi\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2018/01/02 02:15:38 | 000,956,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2018/01/01 21:46:23 | 000,898,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2018/01/01 21:38:53 | 000,519,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2018/01/01 20:23:59 | 001,313,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2018/01/01 20:19:37 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:19:13 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:19:02 | 000,795,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2018/01/01 20:18:39 | 000,588,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2018/01/01 20:18:31 | 000,369,664 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:17:36 | 000,791,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:17:32 | 000,555,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2018/01/01 20:16:04 | 000,812,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2018/01/01 20:15:16 | 001,245,184 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:15:08 | 000,951,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2018/01/01 20:12:30 | 002,633,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2018/01/01 20:12:14 | 001,573,376 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:11:23 | 001,231,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2018/01/01 20:11:00 | 003,165,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:08:36 | 000,685,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2017/12/08 07:07:14 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2017/11/26 21:55:54 | 001,289,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2017/11/26 21:29:30 | 000,238,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2017/10/25 12:16:12 | 000,227,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2017/10/25 12:08:50 | 000,654,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2017/09/29 22:43:11 | 000,636,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2017/09/29 22:43:11 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:08 | 001,346,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,622,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,421,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,889,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:03 | 000,213,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:02 | 000,699,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:01 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:58 | 001,288,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:47 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,820,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,779,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,307,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:38 | 000,696,320 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:38 | 000,194,560 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:35 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 001,345,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,702,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,456,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 004,487,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 001,082,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,374,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,363,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,208,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,086,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,046,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:30 | 001,232,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:30 | 000,561,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:28 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 001,272,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 000,059,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.exe -- (xbgm)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 001,107,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,696,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,484,352 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,096,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 002,223,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 001,143,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,824,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,059,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,666,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 001,827,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2016/05/03 23:30:46 | 000,337,888 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2016/03/31 12:31:24 | 001,656,600 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV:[b]64bit:[/b] - [2012/07/19 18:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:[b]64bit:[/b] - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2011/12/01 10:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2018/01/21 16:04:18 | 000,356,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe -- (WdNisSvc)
SRV - [2018/01/21 16:04:18 | 000,105,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe -- (WinDefend)
SRV - [2018/01/14 11:34:06 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018/01/01 21:03:36 | 000,566,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2018/01/01 20:25:41 | 001,008,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2018/01/01 20:16:35 | 000,966,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2018/01/01 20:14:10 | 000,917,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2017/09/29 22:42:22 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2017/09/29 22:42:11 | 003,981,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2017/09/29 22:42:11 | 000,516,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017/09/29 22:42:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2017/09/29 22:40:59 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2017/02/27 12:14:56 | 000,317,400 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/05/03 23:30:46 | 000,299,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/12/15 05:01:12 | 000,836,176 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/07/30 22:29:42 | 002,909,472 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015/02/05 09:25:00 | 000,187,072 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe -- (Razer Game Scanner Service)
SRV - [2015/02/03 18:13:18 | 004,250,624 | ---- | M] (A-Volute) [Auto | Running] -- C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe -- (RzSurroundVADStreamingService)
SRV - [2013/11/21 08:40:50 | 004,627,736 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2013/09/28 04:45:04 | 000,625,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport)
SRV - [2013/09/04 19:57:56 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2012/08/18 05:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012/08/13 16:27:08 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012/08/08 10:56:22 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2012/08/08 10:56:18 | 000,460,512 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2012/08/08 10:23:30 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2012/08/08 10:23:30 | 000,078,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2012/08/07 14:47:51 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/07/27 15:08:52 | 000,474,208 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/27 12:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/09/01 02:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2018/01/21 16:04:19 | 000,288,848 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2018/01/21 16:04:19 | 000,129,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2018/01/21 16:04:18 | 000,046,072 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2018/01/15 15:59:36 | 000,211,704 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VBoxNetLwf.sys -- (VBoxNetLwf)
DRV:[b]64bit:[/b] - [2018/01/15 15:59:36 | 000,200,832 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp6.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2018/01/01 21:51:59 | 000,059,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2018/01/01 21:42:46 | 000,571,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2018/01/01 21:38:09 | 000,103,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2018/01/01 21:27:26 | 000,163,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2018/01/01 21:25:50 | 000,147,864 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2018/01/01 20:23:25 | 000,385,024 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2018/01/01 20:21:04 | 000,192,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2018/01/01 20:20:36 | 000,225,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2017/12/08 08:24:06 | 000,437,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2017/11/26 22:41:12 | 000,285,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2017/11/26 22:32:45 | 000,373,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2017/11/26 22:28:15 | 000,149,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2017/11/26 21:26:22 | 000,770,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2017/10/25 13:31:54 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2017/10/25 13:30:40 | 000,555,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2017/10/25 12:16:30 | 000,114,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2017/10/10 15:49:20 | 000,060,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2017/10/10 14:34:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2017/10/10 14:34:46 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:19 | 000,037,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:17 | 000,056,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:15 | 000,030,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,119,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,081,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,128,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:51 | 000,240,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:47 | 000,087,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,034,200 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,225,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,132,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,055,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 001,849,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,209,304 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdnsfltr.sys -- (wdnsfltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:40 | 000,936,856 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,266,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,154,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,081,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,076,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,074,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,071,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,039,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,169,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,124,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,073,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,056,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:17 | 000,030,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,227,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,127,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,123,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,039,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,281,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,229,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,140,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,107,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,097,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,096,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,050,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,049,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,027,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,018,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,075,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,033,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,674,200 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,604,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
  • takuya
  • 2018/01/26 (Fri) 21:21:23
OTL 2

OTL 2/4



OTL logfile created on: 2018/01/26 16:21:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\yumi\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.88 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 54.30% Memory free
6.63 Gb Paging File | 4.88 Gb Available in Paging File | 73.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 898.85 Gb Total Space | 737.75 Gb Free Space | 82.08% Space Free | Partition Type: NTFS

Computer Name: VAIO | User Name: yumi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2018/01/26 16:06:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\yumi\Desktop\OTL.exe
PRC - [2018/01/02 21:35:43 | 001,551,048 | ---- | M] (Microsoft Corporation) -- C:\Users\yumi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2018/01/01 21:03:39 | 000,650,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2015/07/30 22:29:42 | 002,909,472 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2015/02/05 09:25:00 | 000,187,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
PRC - [2013/09/04 19:57:56 | 003,233,806 | ---- | M] () -- C:\Program Files (x86)\Tor\tor.exe
PRC - [2012/08/18 05:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012/08/18 05:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2012/08/13 16:27:08 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/07/27 15:08:52 | 000,474,208 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011/09/01 02:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2018/01/02 21:36:05 | 000,102,088 | ---- | M] () -- C:\Users\yumi\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2018/01/02 02:15:38 | 000,956,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2018/01/01 21:46:23 | 000,898,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2018/01/01 21:38:53 | 000,519,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2018/01/01 20:23:59 | 001,313,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2018/01/01 20:19:37 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:19:13 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:19:02 | 000,795,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2018/01/01 20:18:39 | 000,588,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2018/01/01 20:18:31 | 000,369,664 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:17:36 | 000,791,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:17:32 | 000,555,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2018/01/01 20:16:04 | 000,812,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2018/01/01 20:15:16 | 001,245,184 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:15:08 | 000,951,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2018/01/01 20:12:30 | 002,633,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2018/01/01 20:12:14 | 001,573,376 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:11:23 | 001,231,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2018/01/01 20:11:00 | 003,165,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2018/01/01 20:08:36 | 000,685,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2017/12/08 07:07:14 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2017/11/26 21:55:54 | 001,289,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2017/11/26 21:29:30 | 000,238,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2017/10/25 12:16:12 | 000,227,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2017/10/25 12:08:50 | 000,654,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2017/09/29 22:43:11 | 000,636,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2017/09/29 22:43:11 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:08 | 001,346,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,622,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,421,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,889,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:03 | 000,213,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:02 | 000,699,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:01 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:58 | 001,288,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:47 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,820,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,779,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,307,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_1253f3)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:38 | 000,696,320 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:38 | 000,194,560 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:35 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 001,345,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,702,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,456,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 004,487,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 001,082,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,374,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,363,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,208,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,086,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,046,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:30 | 001,232,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:30 | 000,561,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:28 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 001,272,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 000,059,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.exe -- (xbgm)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 001,107,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,696,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,484,352 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,096,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 002,223,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 001,143,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,824,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,059,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,666,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 001,827,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2016/05/03 23:30:46 | 000,337,888 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2016/03/31 12:31:24 | 001,656,600 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV:[b]64bit:[/b] - [2012/07/19 18:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:[b]64bit:[/b] - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2011/12/01 10:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2018/01/21 16:04:18 | 000,356,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe -- (WdNisSvc)
SRV - [2018/01/21 16:04:18 | 000,105,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe -- (WinDefend)
SRV - [2018/01/14 11:34:06 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018/01/01 21:03:36 | 000,566,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2018/01/01 20:25:41 | 001,008,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2018/01/01 20:16:35 | 000,966,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2018/01/01 20:14:10 | 000,917,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2017/09/29 22:42:22 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2017/09/29 22:42:11 | 003,981,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2017/09/29 22:42:11 | 000,516,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017/09/29 22:42:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2017/09/29 22:40:59 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2017/02/27 12:14:56 | 000,317,400 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/05/03 23:30:46 | 000,299,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/12/15 05:01:12 | 000,836,176 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/07/30 22:29:42 | 002,909,472 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015/02/05 09:25:00 | 000,187,072 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe -- (Razer Game Scanner Service)
SRV - [2015/02/03 18:13:18 | 004,250,624 | ---- | M] (A-Volute) [Auto | Running] -- C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe -- (RzSurroundVADStreamingService)
SRV - [2013/11/21 08:40:50 | 004,627,736 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2013/09/28 04:45:04 | 000,625,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport)
SRV - [2013/09/04 19:57:56 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2012/08/18 05:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012/08/13 16:27:08 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012/08/08 10:56:22 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2012/08/08 10:56:18 | 000,460,512 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2012/08/08 10:23:30 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2012/08/08 10:23:30 | 000,078,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2012/08/07 14:47:51 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/07/27 15:08:52 | 000,474,208 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/27 12:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/09/01 02:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2018/01/21 16:04:19 | 000,288,848 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2018/01/21 16:04:19 | 000,129,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2018/01/21 16:04:18 | 000,046,072 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2018/01/15 15:59:36 | 000,211,704 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VBoxNetLwf.sys -- (VBoxNetLwf)
DRV:[b]64bit:[/b] - [2018/01/15 15:59:36 | 000,200,832 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp6.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2018/01/01 21:51:59 | 000,059,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2018/01/01 21:42:46 | 000,571,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2018/01/01 21:38:09 | 000,103,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2018/01/01 21:27:26 | 000,163,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2018/01/01 21:25:50 | 000,147,864 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2018/01/01 20:23:25 | 000,385,024 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2018/01/01 20:21:04 | 000,192,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2018/01/01 20:20:36 | 000,225,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2017/12/08 08:24:06 | 000,437,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2017/11/26 22:41:12 | 000,285,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2017/11/26 22:32:45 | 000,373,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2017/11/26 22:28:15 | 000,149,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2017/11/26 21:26:22 | 000,770,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2017/10/25 13:31:54 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2017/10/25 13:30:40 | 000,555,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2017/10/25 12:16:30 | 000,114,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2017/10/10 15:49:20 | 000,060,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2017/10/10 14:34:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2017/10/10 14:34:46 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:19 | 000,037,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:17 | 000,056,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:15 | 000,030,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,119,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,081,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,128,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:51 | 000,240,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:47 | 000,087,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,034,200 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,225,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,132,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,055,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 001,849,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,209,304 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdnsfltr.sys -- (wdnsfltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:40 | 000,936,856 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,266,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,154,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,081,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,076,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,074,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,071,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,039,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,169,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,124,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,073,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,056,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:17 | 000,030,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,227,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,127,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,123,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,039,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,281,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,229,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,140,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,107,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,097,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,096,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,050,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,049,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,027,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,018,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,075,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,033,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,674,200 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,604,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)


  • takuya
  • 2018/01/26 (Fri) 21:23:05
OTL 3

OTL 3/4


[2018/01/10 11:23:38 | 000,840,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Perception.Stub.dll
[2018/01/10 11:23:38 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2018/01/10 11:23:36 | 002,510,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2018/01/10 11:23:36 | 001,057,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2018/01/10 11:23:36 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9on12.dll
[2018/01/10 11:23:36 | 000,612,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2018/01/10 11:23:35 | 000,979,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2018/01/10 11:23:35 | 000,479,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2018/01/10 11:23:35 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll
[2018/01/10 11:23:33 | 002,465,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2018/01/10 11:23:33 | 001,231,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018/01/10 11:23:33 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
[2018/01/10 11:23:33 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2018/01/10 11:23:32 | 003,126,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2018/01/10 11:23:32 | 001,498,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2018/01/10 11:23:32 | 001,470,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2018/01/10 11:23:32 | 001,313,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2018/01/10 11:23:32 | 000,749,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2018/01/10 11:23:32 | 000,721,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2018/01/10 11:23:31 | 002,105,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2018/01/10 11:23:31 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2018/01/10 11:23:31 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2018/01/10 11:23:31 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2018/01/10 11:23:31 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
[2018/01/10 11:23:30 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d9on12.dll
[2018/01/10 11:23:30 | 000,506,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2018/01/10 11:23:30 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll
[2018/01/10 11:23:29 | 000,898,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018/01/10 11:23:29 | 000,362,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioIso.exe
[2018/01/10 11:23:28 | 004,839,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2018/01/10 11:23:28 | 001,343,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2018/01/10 11:23:28 | 000,746,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Services.TargetedContent.dll
[2018/01/10 11:23:28 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2018/01/10 11:23:28 | 000,654,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2018/01/10 11:23:28 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2018/01/10 11:23:27 | 001,426,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018/01/10 11:23:27 | 001,170,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018/01/10 11:23:26 | 001,776,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2018/01/10 11:23:26 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2018/01/10 11:23:26 | 000,703,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2018/01/10 11:23:26 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicExtensions.dll
[2018/01/10 11:23:26 | 000,436,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2018/01/10 11:23:25 | 002,208,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2018/01/10 11:23:25 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2018/01/10 11:23:25 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2018/01/10 11:23:25 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2018/01/10 11:23:25 | 000,382,360 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2018/01/10 11:23:25 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WwaApi.dll
[2018/01/10 11:23:25 | 000,354,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2018/01/10 11:23:25 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2018/01/10 11:23:24 | 000,780,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2018/01/10 11:23:24 | 000,739,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2018/01/10 11:23:24 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2018/01/10 11:23:24 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WwaApi.dll
[2018/01/10 11:23:24 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExecModelClient.dll
[2018/01/10 11:23:23 | 001,954,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2018/01/10 11:23:23 | 001,666,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2018/01/10 11:23:23 | 001,558,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2018/01/10 11:23:23 | 001,522,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2018/01/10 11:23:23 | 001,377,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2018/01/10 11:23:23 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicRuntimes.dll
[2018/01/10 11:23:22 | 001,012,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Services.TargetedContent.dll
[2018/01/10 11:23:22 | 000,699,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2018/01/10 11:23:22 | 000,311,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2018/01/10 11:23:21 | 001,970,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2018/01/10 11:23:20 | 001,414,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2018/01/10 11:23:20 | 001,336,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2018/01/10 11:23:20 | 000,603,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018/01/10 11:23:20 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2018/01/10 11:23:20 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2018/01/10 11:23:20 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2018/01/10 11:23:20 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2018/01/10 11:23:20 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManager.dll
[2018/01/10 11:23:19 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Spectrum.exe
[2018/01/10 11:23:19 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDec.dll
[2018/01/10 11:23:19 | 000,404,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2018/01/10 11:23:19 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExecModelClient.dll
[2018/01/10 11:23:18 | 001,806,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Speech.dll
[2018/01/10 11:23:17 | 002,117,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2018/01/10 11:23:17 | 001,573,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataService.dll
[2018/01/10 11:23:17 | 001,209,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2018/01/10 11:23:17 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2018/01/10 11:23:17 | 000,610,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2018/01/10 11:23:17 | 000,555,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2018/01/10 11:23:17 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll
[2018/01/10 11:23:16 | 000,664,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2018/01/10 11:23:16 | 000,661,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2018/01/10 11:23:16 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2018/01/10 11:23:15 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2018/01/10 11:23:15 | 001,280,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Speech.dll
[2018/01/10 11:23:15 | 001,206,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018/01/10 11:23:15 | 001,173,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2018/01/10 11:23:15 | 001,090,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2018/01/10 11:23:15 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2018/01/10 11:23:15 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DictationManager.dll
[2018/01/10 11:23:15 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2018/01/10 11:23:14 | 000,924,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2018/01/10 11:23:14 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2018/01/10 11:23:14 | 000,650,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2018/01/10 11:23:14 | 000,519,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2018/01/10 11:23:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smartscreenps.dll
[2018/01/10 11:23:13 | 002,349,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2018/01/10 11:23:13 | 001,634,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2018/01/10 11:23:13 | 001,055,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018/01/10 11:23:13 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2018/01/10 11:23:13 | 000,917,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2018/01/10 11:23:13 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2018/01/10 11:23:13 | 000,615,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2018/01/10 11:23:12 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2018/01/10 11:23:11 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018/01/10 11:23:10 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2018/01/10 11:23:09 | 002,269,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2018/01/10 11:23:09 | 001,321,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2018/01/10 11:23:09 | 000,559,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2018/01/10 11:23:09 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2018/01/10 11:23:09 | 000,326,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2018/01/10 11:23:08 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DbgModel.dll
[2018/01/10 11:23:08 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2018/01/10 11:23:08 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2018/01/10 11:23:08 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DictationManager.dll
[2018/01/10 11:23:07 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2018/01/10 11:23:07 | 000,715,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2018/01/10 11:23:07 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2018/01/10 11:23:07 | 000,353,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2018/01/10 11:23:07 | 000,319,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2018/01/10 11:23:07 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2018/01/10 11:23:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_SIUF.dll
[2018/01/10 11:23:03 | 001,547,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2018/01/10 11:23:03 | 001,054,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2018/01/10 11:23:03 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2018/01/10 11:23:03 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EncDec.dll
[2018/01/10 11:23:03 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2018/01/10 11:23:03 | 000,285,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2018/01/10 11:23:03 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2018/01/10 11:23:03 | 000,198,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2018/01/10 11:23:03 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_ContentDeliveryManager.dll
[2018/01/10 11:23:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_CapabilityAccess.dll
[2018/01/10 11:23:02 | 000,710,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2018/01/10 11:23:02 | 000,479,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_enclave.dll
[2018/01/10 11:23:02 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmsvc.dll
[2018/01/10 11:23:02 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gamingtcui.dll
[2018/01/10 11:23:02 | 000,149,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2018/01/10 11:23:02 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptcatsvc.dll
[2018/01/10 11:23:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmCx.sys
[2018/01/10 11:23:01 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2018/01/10 11:23:01 | 001,058,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2018/01/10 11:23:01 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2018/01/10 11:23:01 | 000,461,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifitask.exe
[2018/01/10 11:23:01 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2018/01/10 11:23:01 | 000,246,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2018/01/10 11:23:00 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2018/01/10 11:22:57 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2018/01/10 11:22:57 | 000,374,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vac.exe
[2018/01/10 11:22:52 | 001,097,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpbase.dll
[2018/01/10 11:22:51 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2018/01/10 11:22:51 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2018/01/10 11:22:51 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2018/01/10 11:22:51 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2018/01/10 11:22:51 | 000,437,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2018/01/10 11:22:51 | 000,187,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2018/01/10 11:22:51 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gamingtcui.dll
[2018/01/10 11:22:51 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2018/01/10 11:22:51 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceUpdateAgent.dll
[2018/01/10 11:22:51 | 000,060,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\urscx01000.sys
[2018/01/10 11:22:50 | 002,890,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2018/01/10 11:22:50 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2018/01/10 11:22:50 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2018/01/10 11:22:50 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2018/01/10 11:22:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthTokenBrokerExt.dll
[2018/01/10 11:22:49 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpbase.dll
[2018/01/10 11:22:49 | 000,747,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2018/01/10 11:22:49 | 000,599,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2018/01/10 11:22:48 | 000,571,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2018/01/10 11:22:48 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpatializerApo.dll
[2018/01/10 11:22:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadjcsp.dll
[2018/01/10 11:22:47 | 000,413,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018/01/10 11:22:47 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2018/01/10 11:22:47 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2018/01/10 11:22:43 | 001,353,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2018/01/10 11:22:42 | 000,471,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2018/01/10 11:22:42 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cldflt.sys
[2018/01/10 11:22:41 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2018/01/10 11:22:41 | 000,260,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018/01/10 11:22:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2018/01/10 11:22:40 | 000,795,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NaturalAuth.dll
[2018/01/10 11:22:40 | 000,566,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018/01/10 11:22:40 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthTokenBrokerExt.dll
[2018/01/10 11:22:40 | 000,045,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storufs.sys
[2018/01/10 11:22:36 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2018/01/10 11:22:35 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2018/01/10 11:22:35 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrobj.dll
[2018/01/10 11:22:34 | 001,657,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2018/01/10 11:22:34 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2018/01/10 11:22:33 | 000,705,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2018/01/10 11:22:33 | 000,087,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2018/01/10 11:22:33 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\acppage.dll
[2018/01/10 11:22:32 | 001,245,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2018/01/10 11:22:32 | 000,649,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2018/01/10 11:22:32 | 000,525,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2018/01/10 11:22:32 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2018/01/10 11:22:32 | 000,191,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2018/01/10 11:22:32 | 000,129,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018/01/10 11:22:32 | 000,103,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2018/01/10 11:22:32 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acppage.dll
[2018/01/10 11:22:31 | 001,597,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2018/01/10 11:22:31 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2018/01/10 11:22:31 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2018/01/10 11:22:31 | 000,264,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2018/01/10 11:22:31 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboutSettingsHandlers.dll
[2018/01/10 11:22:31 | 000,163,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2018/01/10 11:22:30 | 000,654,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2018/01/10 11:22:30 | 000,592,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2018/01/10 11:22:30 | 000,074,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
[2018/01/10 11:22:29 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2018/01/10 11:22:29 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2018/01/10 11:22:29 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2018/01/10 11:22:29 | 000,184,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2018/01/10 11:22:29 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscript.exe
[2018/01/10 11:22:26 | 003,478,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2018/01/10 11:22:26 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2018/01/10 11:22:26 | 000,373,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2018/01/10 11:22:26 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2018/01/10 11:22:26 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2018/01/10 11:22:26 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2018/01/10 11:22:26 | 000,059,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bam.sys
[2018/01/10 11:22:26 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2018/01/10 11:22:26 | 000,048,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2018/01/10 11:22:26 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdrleakdiag.exe
[2018/01/10 11:22:24 | 000,831,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2018/01/10 11:22:24 | 000,617,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2018/01/10 11:22:24 | 000,289,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2018/01/10 11:22:24 | 000,129,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2018/01/10 11:22:24 | 000,077,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018/01/10 11:22:24 | 000,066,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iumcrypt.dll
[2018/01/10 11:22:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdrleakdiag.exe
[2018/01/10 11:22:23 | 000,464,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2018/01/10 11:22:23 | 000,386,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2018/01/10 11:22:23 | 000,367,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2018/01/10 11:22:22 | 002,082,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2018/01/10 11:22:22 | 001,015,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2018/01/10 11:22:22 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\APHostService.dll
[2018/01/10 11:22:22 | 000,292,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2018/01/10 11:22:22 | 000,258,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2018/01/10 11:22:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshhttp.dll
[2018/01/10 11:22:21 | 001,145,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2018/01/10 11:22:21 | 001,029,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll
[2018/01/10 11:22:21 | 001,003,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2018/01/10 11:22:21 | 000,676,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVolSSO.dll
[2018/01/10 11:22:21 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2018/01/10 11:22:21 | 000,549,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2018/01/10 11:22:21 | 000,450,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2018/01/10 11:22:21 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrobj.dll
[2018/01/10 11:22:21 | 000,147,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2018/01/10 11:22:21 | 000,113,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2018/01/10 11:22:21 | 000,081,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2018/01/10 11:22:21 | 000,038,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys
[2018/01/10 11:22:20 | 000,137,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2018/01/10 11:22:20 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2018/01/10 11:22:19 | 000,630,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcrt.dll
[2018/01/10 11:22:16 | 000,891,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2018/01/10 11:22:16 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncController.dll
[2018/01/10 11:22:16 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2018/01/10 11:22:16 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2018/01/10 11:22:16 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2018/01/10 11:22:16 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2018/01/10 11:22:16 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2018/01/10 11:22:16 | 000,075,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2018/01/10 11:22:15 | 001,230,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2018/01/10 11:22:15 | 000,791,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2018/01/10 11:22:15 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll
[2018/01/10 11:22:15 | 000,340,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2018/01/10 11:22:15 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2018/01/10 11:22:15 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\P2P.dll
[2018/01/10 11:22:15 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnApi.dll
[2018/01/10 11:22:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wificonnapi.dll
[2018/01/10 11:22:15 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2018/01/10 11:22:15 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2018/01/10 11:22:15 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CapabilityAccessManagerClient.dll
[2018/01/10 11:22:15 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshhttp.dll
[2018/01/10 11:22:14 | 002,864,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2018/01/10 11:22:14 | 000,791,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2018/01/10 11:22:14 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2018/01/10 11:22:14 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2018/01/10 11:22:14 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FSClient.dll
[2018/01/10 11:22:14 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2018/01/10 11:22:13 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2018/01/10 11:22:13 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2018/01/10 11:22:12 | 002,013,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2018/01/10 11:22:12 | 001,485,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2018/01/10 11:22:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\container.dll
[2018/01/10 11:22:10 | 001,474,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2018/01/10 11:22:10 | 000,748,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2018/01/10 11:22:10 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\P2P.dll
[2018/01/10 11:22:09 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FSClient.dll
[2018/01/10 11:22:08 | 001,664,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2018/01/10 11:22:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuautoappupdate.dll
[2018/01/10 11:22:06 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PushToInstall.dll
[2018/01/10 11:22:04 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2018/01/10 11:22:04 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppcext.dll
[2018/01/10 11:22:04 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2018/01/10 11:22:04 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2018/01/10 11:22:04 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msoert2.dll
[2018/01/10 11:22:04 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2018/01/10 11:22:04 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2018/01/10 11:22:04 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slcext.dll
[2018/01/10 11:22:04 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\slcext.dll
[2018/01/10 11:22:03 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2018/01/10 11:22:03 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2018/01/10 11:22:03 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2018/01/10 11:22:03 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2018/01/10 11:22:03 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WcnApi.dll
[2018/01/10 11:22:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hascsp.dll
[2018/01/10 11:22:03 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2018/01/10 11:22:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpstorport.sys
[2018/01/10 11:22:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscproxystub.dll
[2018/01/10 11:22:03 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjint40.dll
[2018/01/10 11:22:02 | 001,425,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2018/01/10 11:22:02 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswstr10.dll
[2018/01/10 11:22:02 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SpatializerApo.dll
[2018/01/10 11:22:02 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2018/01/10 11:22:02 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmclr.sys
[2018/01/10 11:22:01 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2018/01/10 11:22:01 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe
[2018/01/10 11:22:01 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2018/01/10 11:22:01 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2018/01/10 11:22:01 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsi.sys
[2018/01/10 11:22:01 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe
[2018/01/10 11:22:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RfxVmt.sys
[2018/01/10 11:21:53 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2018/01/10 11:21:51 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2018/01/10 11:21:50 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2018/01/10 11:21:50 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PimIndexMaintenance.dll
[2018/01/10 11:21:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscproxystub.dll
[2018/01/10 11:21:46 | 000,966,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2018/01/10 11:21:46 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018/01/10 11:21:46 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2018/01/10 11:21:45 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsRouterSvc.dll
[2018/01/10 11:21:45 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018/01/10 11:21:45 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppLockerCSP.dll
[2018/01/10 11:21:45 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2018/01/10 11:21:45 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppLockerCSP.dll
[2018/01/10 11:21:45 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2018/01/10 11:21:45 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManagerClient.dll
[2018/01/10 11:21:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmApplicationHealthMonitorProxy.dll
[2018/01/10 11:21:44 | 001,670,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\batmeter.dll
[2018/01/10 11:21:44 | 001,663,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\batmeter.dll
[2018/01/10 11:21:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2018/01/10 11:21:44 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2018/01/10 11:21:44 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2018/01/10 11:21:44 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2018/01/10 11:21:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2018/01/10 11:21:43 | 002,666,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2018/01/10 11:21:43 | 000,047,104 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2018/01/10 11:21:43 | 000,038,912 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2018/01/10 11:21:42 | 001,980,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2018/01/10 11:21:41 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2018/01/10 11:21:41 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2018/01/10 11:21:41 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcSpecfc.dll
[2018/01/10 11:21:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcSpecfc.dll
[2018/01/10 11:21:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcVSp1res.dll
[2018/01/10 11:21:36 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcVSp1res.dll
[2018/01/10 10:40:22 | 000,000,000 | ---D | C] -- C:\Users\yumi\AppData\Local\DBG
[2018/01/09 21:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2018/01/09 21:06:26 | 000,000,000 | -H-D | C] -- C:\Users\yumi\MicrosoftEdgeBackups
[2018/01/09 21:04:54 | 000,000,000 | R--D | C] -- C:\Users\yumi\3D Objects
[2018/01/09 21:03:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2018/01/09 21:03:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2018/01/09 21:03:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2018/01/09 20:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2018/01/09 20:29:15 | 000,000,000 | ---D | C] -- C:\Users\yumi\AppData\Local\Packages
[2018/01/09 20:27:11 | 000,000,000 | --SD | C] -- C:\Users\yumi\AppData\Roaming\Microsoft
[2018/01/09 20:27:11 | 000,000,000 | R--D | C] -- C:\Users\yumi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2018/01/09 20:27:11 | 000,000,000 | R--D | C] -- C:\Users\yumi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2018/01/09 20:27:11 | 000,000,000 | R--D | C] -- C:\Users\yumi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2018/01/09 20:27:11 | 000,000,000 | R--D | C] -- C:\Users\yumi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\スタート メニュー
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\AppData\Local\Temporary Internet Files
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\Templates
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\SendTo
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\Recent
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\PrintHood
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\NetHood
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\Documents\My Videos
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\Documents\My Pictures
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\Documents\My Music
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\My Documents
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\Local Settings
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\AppData\Local\History
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\Cookies
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\Application Data
[2018/01/09 20:27:11 | 000,000,000 | -HSD | C] -- C:\Users\yumi\AppData\Local\Application Data
[2018/01/09 20:27:11 | 000,000,000 | -H-D | C] -- C:\Users\yumi\AppData
[2018/01/09 20:27:11 | 000,000,000 | ---D | C] -- C:\Users\yumi\AppData\Local\Temp
[2018/01/09 20:27:11 | 000,000,000 | ---D | C] -- C:\Users\yumi\AppData\Local\Microsoft
[2018/01/09 20:27:11 | 000,000,000 | ---D | C] -- C:\Users\yumi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2018/01/09 20:24:57 | 002,241,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2018/01/09 20:24:46 | 000,081,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2018/01/09 20:24:46 | 000,077,832 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2018/01/09 20:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2018/01/09 20:21:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2018/01/09 20:20:53 | 000,000,000 | -HSD | C] -- C:\Recovery
[2018/01/09 19:15:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2018/01/09 19:15:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2018/01/03 22:04:57 | 129,365,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRT-KB890830.exe
[2018/01/02 21:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\rempl
[2013/12/27 08:24:29 | 004,216,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\vcredist.exe
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2018/01/26 16:06:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\yumi\Desktop\OTL.exe
[2018/01/26 16:01:27 | 1667,350,528 | -HS- | M] () -- C:\hiberfil.sys
[2018/01/26 16:01:21 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2018/01/25 21:17:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2018/01/25 21:11:06 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2018/01/22 00:14:07 | 000,122,632 | ---- | M] () -- C:\Users\yumi\Desktop\ccleaner.jpg
[2018/01/22 00:10:59 | 000,019,232 | ---- | M] () -- C:\Users\yumi\Desktop\tre.jpg
[2018/01/21 16:04:19 | 000,288,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2018/01/21 16:04:19 | 000,129,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2018/01/21 16:04:18 | 000,046,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2018/01/21 15:30:08 | 000,001,173 | ---- | M] () -- C:\Users\yumi\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2018/01/21 15:30:08 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2018/01/21 15:17:38 | 000,097,344 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2018/01/18 16:49:56 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2018/01/17 18:57:01 | 000,089,010 | ---- | M] () -- C:\Users\yumi\Desktop\ad.jpg
[2018/01/15 16:05:10 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2018/01/15 15:59:36 | 000,211,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\drivers\VBoxNetLwf.sys
[2018/01/15 15:59:36 | 000,200,832 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\drivers\VBoxNetAdp6.sys
[2018/01/14 14:26:32 | 000,002,103 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2018/01/14 11:33:44 | 005,845,504 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2018/01/10 15:25:52 | 001,529,828 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2018/01/10 15:25:52 | 000,717,058 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2018/01/10 15:25:52 | 000,521,306 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2018/01/10 15:25:52 | 000,144,984 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2018/01/10 15:25:52 | 000,144,954 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2018/01/10 14:27:22 | 000,000,242 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2018/01/10 14:25:48 | 000,434,048 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT


  • takuya
  • 2018/01/26 (Fri) 21:24:55
OTL 4
OTL 4/4



[2018/01/10 11:58:02 | 129,365,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRT-KB890830.exe
[2018/01/09 21:04:23 | 000,000,451 | ---- | M] () -- C:\WINDOWS\SysNative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
[2018/01/09 21:04:20 | 000,000,824 | RHS- | M] () -- C:\Users\yumi\ntuser.pol
[2018/01/09 21:01:51 | 000,015,243 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2018/01/09 21:01:51 | 000,015,243 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2018/01/09 20:59:02 | 000,023,304 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2018/01/09 20:25:30 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2018/01/02 02:15:38 | 000,956,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Spectrum.exe
[2018/01/01 21:54:36 | 000,924,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2018/01/01 21:53:26 | 001,090,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2018/01/01 21:52:23 | 000,066,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iumcrypt.dll
[2018/01/01 21:51:59 | 000,059,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bam.sys
[2018/01/01 21:51:56 | 001,055,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018/01/01 21:51:31 | 000,191,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2018/01/01 21:51:23 | 001,209,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2018/01/01 21:51:18 | 001,414,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2018/01/01 21:50:58 | 000,479,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_enclave.dll
[2018/01/01 21:50:35 | 000,077,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018/01/01 21:50:17 | 000,780,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2018/01/01 21:50:07 | 005,905,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2018/01/01 21:49:34 | 008,605,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2018/01/01 21:49:34 | 000,292,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2018/01/01 21:49:31 | 000,599,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2018/01/01 21:49:10 | 000,319,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2018/01/01 21:48:26 | 001,954,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2018/01/01 21:48:18 | 007,831,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2018/01/01 21:48:18 | 000,382,360 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2018/01/01 21:47:06 | 000,649,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2018/01/01 21:46:23 | 000,898,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018/01/01 21:46:11 | 000,471,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2018/01/01 21:43:31 | 001,173,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2018/01/01 21:43:16 | 000,367,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2018/01/01 21:42:46 | 000,571,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2018/01/01 21:42:34 | 000,184,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2018/01/01 21:42:01 | 001,029,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll
[2018/01/01 21:41:32 | 000,549,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2018/01/01 21:41:24 | 000,559,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2018/01/01 21:41:18 | 007,676,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2018/01/01 21:40:19 | 001,206,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018/01/01 21:39:58 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2018/01/01 21:39:06 | 000,129,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2018/01/01 21:38:53 | 000,519,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2018/01/01 21:38:43 | 000,038,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys
[2018/01/01 21:38:24 | 003,904,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2018/01/01 21:38:09 | 000,103,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2018/01/01 21:37:57 | 000,461,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifitask.exe
[2018/01/01 21:37:09 | 001,426,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018/01/01 21:36:57 | 000,113,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2018/01/01 21:36:25 | 000,413,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018/01/01 21:36:20 | 000,374,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vac.exe
[2018/01/01 21:35:34 | 000,075,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2018/01/01 21:35:16 | 001,170,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018/01/01 21:34:51 | 001,336,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2018/01/01 21:34:45 | 007,385,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2018/01/01 21:34:45 | 000,260,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018/01/01 21:34:43 | 000,087,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2018/01/01 21:33:42 | 000,603,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018/01/01 21:32:57 | 004,481,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2018/01/01 21:32:30 | 000,617,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2018/01/01 21:27:26 | 000,163,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2018/01/01 21:26:45 | 000,081,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2018/01/01 21:25:50 | 000,147,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2018/01/01 21:25:26 | 000,615,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2018/01/01 21:06:49 | 000,311,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2018/01/01 21:03:39 | 000,650,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2018/01/01 21:03:36 | 000,566,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018/01/01 20:49:35 | 000,258,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2018/01/01 20:46:57 | 000,289,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2018/01/01 20:46:25 | 003,485,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2018/01/01 20:45:34 | 006,092,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2018/01/01 20:45:26 | 000,450,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2018/01/01 20:42:47 | 000,386,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2018/01/01 20:42:41 | 004,644,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2018/01/01 20:42:40 | 006,479,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2018/01/01 20:42:32 | 000,129,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018/01/01 20:42:32 | 000,074,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
[2018/01/01 20:37:35 | 025,247,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2018/01/01 20:25:41 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2018/01/01 20:25:29 | 002,905,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2018/01/01 20:25:10 | 000,475,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2018/01/01 20:25:01 | 000,344,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2018/01/01 20:25:00 | 000,097,792 | ---- | M] () -- C:\WINDOWS\SysNative\runexehelper.exe
[2018/01/01 20:24:59 | 000,038,912 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2018/01/01 20:24:56 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2018/01/01 20:24:55 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2018/01/01 20:24:09 | 003,668,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2018/01/01 20:24:01 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboutSettingsHandlers.dll
[2018/01/01 20:23:59 | 001,313,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2018/01/01 20:23:36 | 000,536,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2018/01/01 20:23:35 | 000,561,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2018/01/01 20:23:27 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmclr.sys
[2018/01/01 20:23:25 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cldflt.sys
[2018/01/01 20:23:25 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2018/01/01 20:23:24 | 000,047,104 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2018/01/01 20:23:20 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe
[2018/01/01 20:23:20 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2018/01/01 20:22:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2018/01/01 20:22:10 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpstorport.sys
[2018/01/01 20:22:07 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmApplicationHealthMonitorProxy.dll
[2018/01/01 20:21:24 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wificonnapi.dll
[2018/01/01 20:21:09 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WcnApi.dll
[2018/01/01 20:21:04 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2018/01/01 20:21:03 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppLockerCSP.dll
[2018/01/01 20:20:48 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2018/01/01 20:20:48 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RfxVmt.sys
[2018/01/01 20:20:47 | 018,917,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2018/01/01 20:20:46 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnApi.dll
[2018/01/01 20:20:44 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2018/01/01 20:20:42 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2018/01/01 20:20:38 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshhttp.dll
[2018/01/01 20:20:36 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2018/01/01 20:20:24 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2018/01/01 20:20:16 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2018/01/01 20:20:14 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2018/01/01 20:20:13 | 000,459,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018/01/01 20:20:10 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2018/01/01 20:20:07 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2018/01/01 20:19:57 | 000,366,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2018/01/01 20:19:45 | 000,340,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2018/01/01 20:19:45 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshhttp.dll
[2018/01/01 20:19:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\container.dll
[2018/01/01 20:19:37 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmsvc.dll
[2018/01/01 20:19:36 | 008,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2018/01/01 20:19:36 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2018/01/01 20:19:30 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2018/01/01 20:19:25 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018/01/01 20:19:25 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2018/01/01 20:19:20 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2018/01/01 20:19:17 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll
[2018/01/01 20:19:17 | 000,416,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2018/01/01 20:19:17 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2018/01/01 20:19:14 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2018/01/01 20:19:13 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PimIndexMaintenance.dll
[2018/01/01 20:19:11 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2018/01/01 20:19:05 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\P2P.dll
[2018/01/01 20:19:02 | 000,795,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NaturalAuth.dll
[2018/01/01 20:18:49 | 000,431,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2018/01/01 20:18:42 | 000,748,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2018/01/01 20:18:42 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2018/01/01 20:18:41 | 000,336,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppLockerCSP.dll
[2018/01/01 20:18:39 | 000,588,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsRouterSvc.dll
[2018/01/01 20:18:37 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2018/01/01 20:18:36 | 000,432,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2018/01/01 20:18:35 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EncDec.dll
[2018/01/01 20:18:33 | 000,699,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2018/01/01 20:18:31 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\APHostService.dll
[2018/01/01 20:18:27 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2018/01/01 20:18:23 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\P2P.dll
[2018/01/01 20:18:19 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2018/01/01 20:18:03 | 000,436,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2018/01/01 20:17:53 | 000,559,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2018/01/01 20:17:50 | 001,485,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2018/01/01 20:17:47 | 000,456,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2018/01/01 20:17:41 | 000,568,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2018/01/01 20:17:36 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2018/01/01 20:17:32 | 000,555,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2018/01/01 20:17:29 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2018/01/01 20:17:21 | 006,564,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2018/01/01 20:17:20 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2018/01/01 20:17:20 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2018/01/01 20:17:15 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msoert2.dll
[2018/01/01 20:17:01 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2018/01/01 20:17:00 | 000,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2018/01/01 20:16:42 | 000,831,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2018/01/01 20:16:36 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2018/01/01 20:16:35 | 000,966,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2018/01/01 20:16:33 | 000,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2018/01/01 20:16:30 | 000,594,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2018/01/01 20:16:27 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2018/01/01 20:16:24 | 000,815,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2018/01/01 20:16:13 | 004,839,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2018/01/01 20:16:08 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpbase.dll
[2018/01/01 20:16:04 | 000,812,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2018/01/01 20:16:04 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncController.dll
[2018/01/01 20:16:03 | 005,833,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2018/01/01 20:16:01 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2018/01/01 20:16:00 | 000,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2018/01/01 20:15:58 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDec.dll
[2018/01/01 20:15:54 | 012,687,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2018/01/01 20:15:50 | 006,029,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2018/01/01 20:15:48 | 000,588,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2018/01/01 20:15:33 | 002,349,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2018/01/01 20:15:16 | 001,245,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2018/01/01 20:15:13 | 001,657,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2018/01/01 20:15:10 | 000,756,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2018/01/01 20:15:08 | 000,951,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2018/01/01 20:14:59 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2018/01/01 20:14:37 | 000,870,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2018/01/01 20:14:36 | 001,003,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2018/01/01 20:14:27 | 002,465,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2018/01/01 20:14:22 | 001,097,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpbase.dll
[2018/01/01 20:14:10 | 000,917,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2018/01/01 20:13:53 | 001,474,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2018/01/01 20:13:34 | 002,013,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2018/01/01 20:13:26 | 013,657,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2018/01/01 20:13:16 | 003,121,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Bluetooth.Profiles.Gatt.dll
[2018/01/01 20:12:37 | 000,464,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2018/01/01 20:12:30 | 002,633,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2018/01/01 20:12:19 | 002,208,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2018/01/01 20:12:18 | 001,547,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2018/01/01 20:12:14 | 001,573,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataService.dll
[2018/01/01 20:11:50 | 000,812,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2018/01/01 20:11:46 | 001,343,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2018/01/01 20:11:45 | 002,082,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2018/01/01 20:11:40 | 004,748,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2018/01/01 20:11:28 | 000,715,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2018/01/01 20:11:23 | 001,231,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018/01/01 20:11:13 | 002,859,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2018/01/01 20:11:12 | 001,597,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2018/01/01 20:11:08 | 008,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2018/01/01 20:11:00 | 003,165,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2018/01/01 20:10:11 | 003,126,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2018/01/01 20:10:01 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscproxystub.dll
[2018/01/01 20:09:56 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DbgModel.dll
[2018/01/01 20:09:00 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2018/01/01 20:08:36 | 000,685,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018/01/01 20:08:27 | 000,505,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2018/01/01 20:06:22 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscproxystub.dll
[2018/01/01 20:05:52 | 002,510,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2018/01/01 20:05:42 | 001,160,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2018/01/01 20:05:24 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2018/01/22 00:10:59 | 000,019,232 | ---- | C] () -- C:\Users\yumi\Desktop\tre.jpg
[2018/01/21 23:25:12 | 000,122,632 | ---- | C] () -- C:\Users\yumi\Desktop\ccleaner.jpg
[2018/01/21 15:47:33 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2018/01/21 15:30:08 | 000,001,173 | ---- | C] () -- C:\Users\yumi\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2018/01/21 15:30:08 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2018/01/18 16:49:56 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2018/01/17 18:57:01 | 000,089,010 | ---- | C] () -- C:\Users\yumi\Desktop\ad.jpg
[2018/01/10 11:24:16 | 003,331,520 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Mirage.dll
[2018/01/10 11:24:09 | 002,491,112 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2018/01/10 11:23:48 | 000,975,872 | ---- | C] () -- C:\WINDOWS\SysNative\FaceProcessor.dll
[2018/01/10 11:22:29 | 000,269,696 | ---- | C] () -- C:\WINDOWS\SysNative\FaceProcessorCore.dll
[2018/01/10 11:22:15 | 000,097,792 | ---- | C] () -- C:\WINDOWS\SysNative\runexehelper.exe
[2018/01/09 21:04:20 | 000,000,824 | RHS- | C] () -- C:\Users\yumi\ntuser.pol
[2018/01/09 20:59:57 | 000,015,243 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2018/01/09 20:59:57 | 000,015,243 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2018/01/09 20:49:02 | 001,529,828 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2018/01/09 20:33:39 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2018/01/09 20:27:11 | 000,000,352 | ---- | C] () -- C:\Users\yumi\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2018/01/09 20:27:11 | 000,000,334 | ---- | C] () -- C:\Users\yumi\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2018/01/09 20:23:12 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2018/01/09 20:21:24 | 000,434,048 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2018/01/09 19:01:20 | 000,150,810 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2018/01/09 19:01:19 | 000,150,810 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2017/09/29 22:46:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017/09/29 22:46:49 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017/09/29 22:42:27 | 000,017,143 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2017/09/29 22:42:18 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017/09/29 22:42:14 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017/09/29 22:42:13 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017/09/29 22:42:11 | 000,149,840 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017/09/29 22:42:09 | 003,383,296 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017/09/29 22:42:09 | 000,309,248 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017/09/29 22:42:09 | 000,193,024 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017/09/29 22:42:09 | 000,092,160 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017/09/29 22:42:09 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017/09/29 22:42:09 | 000,025,088 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2017/09/29 22:42:08 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017/09/29 22:42:00 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017/09/29 22:41:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016/11/28 04:41:28 | 000,000,000 | ---- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/05/03 23:30:46 | 000,200,200 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2016/05/03 23:30:44 | 000,161,288 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/05/11 09:25:20 | 000,047,289 | ---- | C] () -- C:\ProgramData\1399767901.bdinstall.bin
[2014/05/07 16:05:54 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2018/01/01 21:41:18 | 007,676,296 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2018/01/01 20:45:34 | 006,092,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017/09/29 22:42:05 | 000,964,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017/09/29 22:42:18 | 000,769,536 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017/09/29 22:42:04 | 000,506,880 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2012/11/30 05:39:24 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2018/01/21 14:51:41 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2017/01/06 12:02:38 | 000,000,000 | -H-D | M] -- C:\Action!\Video\.thumbs
[2015/08/03 12:28:48 | 000,000,000 | -H-D | M] -- C:\dmmgames\config
[2016/07/22 16:14:44 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/11/30 04:38:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2015/08/03 12:50:35 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\IObit\LiveUpdate\update
[2012/11/30 05:11:49 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Sony\VAIO Startup Setting Tool
[2018/01/25 20:42:40 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2014/05/11 10:13:36 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2015/11/01 12:16:58 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2012/11/30 05:23:25 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\BDNAV
[2013/04/03 01:02:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2013/04/03 01:02:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\PowerDVD\9.0
[2012/11/30 05:26:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\Power2Go\8.0
[2013/04/03 01:02:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\PowerDVD\9.0
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2018/01/09 20:42:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2018/01/09 21:03:08 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2014/05/11 10:13:36 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2015/11/01 12:16:58 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2012/11/30 05:23:25 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\BDNAV
[2013/04/03 01:02:28 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2013/04/03 01:02:28 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\PowerDVD\9.0
[2012/11/30 05:26:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\Power2Go\8.0
[2013/04/03 01:02:28 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\PowerDVD\9.0
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2018/01/09 20:42:14 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2018/01/10 14:28:47 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2018/01/21 15:30:08 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2018/01/09 20:02:12 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2018/01/09 20:28:56 | 000,000,000 | -H-D | M] -- C:\Users\t.a.k.u.m.i\AppData
[2016/03/23 14:13:31 | 000,000,000 | -H-D | M] -- C:\Users\t.a.k.u.m.i\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2016/03/23 14:13:21 | 000,000,000 | -H-D | M] -- C:\Users\t.a.k.u.m.i\AppData\Local\Microsoft\Windows\IECompatCache\Low
[2016/03/23 14:13:21 | 000,000,000 | -H-D | M] -- C:\Users\t.a.k.u.m.i\AppData\Local\Microsoft\Windows\IECompatUACache\Low
[2016/07/28 13:04:39 | 000,000,000 | -H-D | M] -- C:\Users\t.a.k.u.m.i\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2016/07/28 13:04:39 | 000,000,000 | -H-D | M] -- C:\Users\t.a.k.u.m.i\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2018/01/09 20:45:34 | 000,000,000 | -H-D | M] -- C:\Users\t.a.k.u.m.i\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2018/01/09 20:31:51 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData
[2014/09/27 20:58:00 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2014/09/27 20:58:00 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2016/07/28 20:03:08 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2016/07/28 20:03:08 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2016/06/19 10:21:32 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Local\osu!\Data
[2016/06/19 10:12:44 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Local\osu!\_cleanup
[2015/12/06 14:58:55 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Local\VirtualStore\ProgramData
[2014/07/15 11:58:50 | 000,000,000 | RH-D | M] -- C:\Users\taiga\AppData\Roaming\SecuROM
[2018/01/09 20:53:41 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/12/06 14:38:16 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Roaming\Opera Software\Opera Stable\Extensions\epanfjkfahimkgomnigadpkobaefekcd
[2015/12/06 14:38:16 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Roaming\Opera Software\Opera Stable\Extensions\epanfjkfahimkgomnigadpkobaefekcd\5.3.1901
[2015/12/06 14:38:16 | 000,000,000 | -H-D | M] -- C:\Users\taiga\AppData\Roaming\Opera Software\Opera Stable\Extensions\epanfjkfahimkgomnigadpkobaefekcd\5.3.1901\icons
[2014/07/16 15:57:49 | 000,000,000 | RH-D | M] -- C:\Users\taiga\AppData\Roaming\SecuROM\UserData
[2018/01/09 20:30:05 | 000,000,000 | -H-D | M] -- C:\Users\yumi\AppData
[2018/01/09 21:06:26 | 000,000,000 | -H-D | M] -- C:\Users\yumi\MicrosoftEdgeBackups
[2018/01/21 15:05:39 | 000,000,000 | -H-D | M] -- C:\Users\yumi\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2018/01/21 15:05:39 | 000,000,000 | -H-D | M] -- C:\Users\yumi\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2018/01/09 21:07:41 | 000,000,000 | RH-D | M] -- C:\Users\yumi\AppData\Local\Microsoft\Windows\Burn\Burn
[2018/01/21 14:56:37 | 000,000,000 | -H-D | M] -- C:\Users\yumi\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2016/07/30 11:02:13 | 000,000,000 | -H-D | M] -- C:\Users\yumi\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2016/07/30 11:02:13 | 000,000,000 | -H-D | M] -- C:\Users\yumi\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2018/01/09 20:50:52 | 000,000,000 | -H-D | M] -- C:\Users\yumi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/08/04 15:58:10 | 000,000,000 | -H-D | M] -- C:\Windows\AxInstSV
[2017/09/29 22:46:39 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2014/11/10 16:31:47 | 000,000,000 | -H-D | M] -- C:\Windows\msdownld.tmp
[2018/01/09 19:25:28 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2018/01/09 19:25:28 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2018/01/09 20:16:36 | 000,000,000 | -H-D | M] -- C:\WINDOWS\SysNative\GroupPolicy
[2018/01/09 20:16:36 | 000,000,000 | -H-D | M] -- C:\WINDOWS\SysNative\GroupPolicyUsers
[2016/07/28 12:51:31 | 000,000,000 | -H-D | M] -- C:\WINDOWS\SysNative\GroupPolicyUsers\S-1-5-21-218680132-2310203875-1446431275-1001
[2016/07/28 12:51:32 | 000,000,000 | -H-D | M] -- C:\WINDOWS\SysNative\GroupPolicyUsers\S-1-5-21-218680132-2310203875-1446431275-1004
[2016/07/28 12:51:32 | 000,000,000 | -H-D | M] -- C:\WINDOWS\SysNative\GroupPolicyUsers\S-1-5-21-218680132-2310203875-1446431275-1006
Invalid Environment Variable: windri

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD10JPVT-55A1YT0
Partitions: 5
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 260.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1.00GB
Starting Offset: 273678336
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 1819279360
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 899.00GB
Starting Offset: 2226126848
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 30.00GB
Starting Offset: 967739179008
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2018/01/01 20:18:49 | 000,144,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 001,345,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,841,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2017/09/29 22:42:14 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,450,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2017/09/29 22:42:16 | 000,332,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2017/09/30 23:38:18 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 001,117,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,379,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2017/09/29 22:42:16 | 000,314,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,286,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,109,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:50 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2017/09/29 22:42:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2017/12/08 07:01:37 | 000,601,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:47 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,460,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2018/01/01 20:15:42 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:35 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2018/01/01 20:12:09 | 000,760,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2018/01/01 20:20:09 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,930,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 001,117,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:55 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,057,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,246,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,270,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,613,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2017/09/29 22:42:14 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2018/01/01 20:11:01 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:00 | 000,307,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2017/09/29 22:42:25 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:00 | 000,069,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:04 | 001,558,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2018/01/01 20:09:14 | 001,487,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2018/01/01 20:08:36 | 000,685,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:13 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV - [2018/01/21 16:04:18 | 000,105,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2018/01/01 20:11:37 | 001,816,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2018/01/01 20:09:37 | 000,925,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,610,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:52 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2017/09/29 22:42:18 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:04 | 000,220,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2017/11/26 21:03:28 | 002,783,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:08 | 000,253,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2018/01/01 20:10:35 | 002,528,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,276,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 08:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:56E2E879
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >


Everything up to here is the OTL log.
  • takuya
  • 2018/01/26 (Fri) 21:29:50
Extras 1

Extras 1/2



OTL Extras logfile created on: 2018/01/26 16:21:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\yumi\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.88 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 54.30% Memory free
6.63 Gb Paging File | 4.88 Gb Available in Paging File | 73.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 898.85 Gb Total Space | 737.75 Gb Free Space | 82.08% Space Free | Partition Type: NTFS

Computer Name: VAIO | User Name: yumi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = BaiduSparkHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = BaiduSparkHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = F5 47 4B B2 41 89 D3 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1F90C9AD-8D8C-4579-AB0F-BCB25AE5B39F}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{227E5D86-E088-41DF-9E2A-A7C53F4B3812}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{25E83154-F596-49C0-9F2E-7E725B76F4B2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{267EACDE-19D0-4DF7-A2B7-431F62203A71}" = rport=2869 | protocol=6 | dir=out | app=system |
"{27B39688-50F8-4D82-8849-36056369572A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{679F8DF2-FA51-42D3-A53C-7481C474B81F}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D955F4F2-4E56-4929-93B1-B2EF22AFBFAA}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E4B5A0C7-AFE9-43A9-9630-9B79250533F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EB62B75A-FFDC-4077-8A03-9AECF33A31C5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F61F1C71-7555-4F6D-A6C1-96AE2EE4C781}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FC094C75-2533-4E53-9A47-85E067501E8B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C554EE-1F77-4F74-925A-AA2C5A491DCC}" = dir=out | name=@{microsoft.commsphone_3.34.12002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{011493AB-B44B-4563-B00B-C9C62FDE0780}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{0236ED16-18D6-4E16-A715-F64DF5AF5076}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{0331A99B-C930-4E67-983A-B29554E1CFF0}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{036BD3EA-64E6-40C1-A99E-B4D69435F18D}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1704.1603.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{03A30303-FDD5-4A66-BAB2-6B07C28DCD5F}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{043C1F01-FA66-4D32-BD4B-962976B189BD}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8400.40795.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{04684C7F-3701-4AEA-8338-D38607438F0F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{050329E9-F241-44BB-B6BC-5CBC942704A7}" = dir=in | name=@{microsoft.bingnews_4.21.1434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{050A87F8-D051-4E80-B033-80BE6185E542}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{06364FA0-15C5-4AFA-A03B-361655AE467F}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{063E655F-6BA4-4D2F-88B3-01E186B8D680}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0647784B-FD46-405C-BEC0-096E3BA08A42}" = dir=in | name=microsoft sticky notes |
"{09EBF1DD-68D9-4A35-BA14-6BB2672C6972}" = dir=out | name=sway |
"{0AAC2BC9-3A0C-4D39-A18B-F7DC5FFDC422}" = dir=in | name=microsoft sticky notes |
"{0ACD3DA3-5572-4D05-9DCE-FF23ABD5BA03}" = dir=in | name=@{microsoft.windows.featureondemand.insiderhub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.featureondemand.insiderhub/resources/appstorename} |
"{0AD51F79-9EE6-4F25-8D65-67D0F07647B6}" = dir=in | name=taptiles |
"{0BE1A706-7D0B-49BB-B654-7AD37EC8E717}" = dir=out | name=microsoft solitaire collection |
"{0C5CC93A-DE83-4313-B8A8-A3B0E833DF73}" = dir=in | name=@{microsoft.zunemusic_10.17042.14111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{0CCCA349-35DA-4ECD-B81F-87DE401F323C}" = dir=in | name=@{microsoft.bingweather_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{0CE6E6B2-9FCA-4A9B-8BAD-D71500527B21}" = dir=out | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{0D1BEC6F-C6C8-4430-ABD3-D61517B6AE67}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{0D98E15C-DAB6-4202-8C19-550A6BD41767}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{0DB84408-8508-4876-97CF-EC1A4451D582}" = dir=out | name=wordament |
"{0F14ED48-DFA5-4E8B-8C26-0D66015C0723}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{107F0D92-1F49-45F8-AB91-B00CCEA5A913}" = dir=out | name=@{microsoft.storepurchaseapp_11712.1801.10002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{111C5E33-CDC2-4AC4-B9D7-71EAE7B069C9}" = dir=in | name=@{microsoft.windowsstore_11703.1001.45.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{1163A151-F989-4918-B781-D2BEFDA3A63C}" = dir=out | name=@{microsoft.windows.photos_17.313.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{116D5145-51F9-4B4E-82CC-DE09958CF338}" = dir=in | name=@{microsoft.windowsstore_11703.1001.45.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{11A829DC-19AD-46C7-BF59-E794759A141A}" = dir=in | name=@{microsoft.bingnews_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{11DDC5AD-89AE-4994-8B32-39C9C538984B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{1222D22E-8E1F-45AD-98F7-A6D2FB0CD933}" = dir=out | name=twitter |
"{123F9428-D900-414F-8A4A-FAA0721320FB}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{12F28CE2-1F35-475F-B6C5-57A170E11409}" = dir=in | name=@{microsoft.commsphone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{1486FF4E-107C-4DFB-AEBC-015166D3D64B}" = dir=in | name=vaio care |
"{14E6C12D-5A28-40DE-B898-CA56CFE7D913}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{1507D5CB-4318-452B-8AE6-4CFFC9748F11}" = dir=in | name=@{microsoft.bingfinance_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{1780CDFF-DCDD-46FC-94E5-4250916479AE}" = protocol=6 | dir=in | app=c:\program files (x86)\hangame\his\hs.exe |
"{18791753-6D2E-49F6-9306-1A903ADC92B8}" = dir=in | name=microsoft sticky notes |
"{1AB02D2B-5B87-40D2-AE62-D5B3E82C03B1}" = protocol=17 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{1C0C6705-9A99-4575-B7D1-F9426302D4C5}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{1C21305D-443A-499F-9636-881FC5A6E25F}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{1C4670D3-DDFD-429B-B8D3-0957F715A919}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{1C7B6A45-636F-4372-93F9-6D168A52B7CB}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{1CC2B6CD-2F8D-4512-96C0-E35068776734}" = dir=out | name=microsoft sticky notes |
"{1CFDE3D0-3582-4001-89D4-7482A2A47518}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{1D461926-C3EE-464D-9E01-CB4880CEAA99}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{1D4850F3-56CE-407A-B845-05DC31771DFB}" = dir=out | name=@{microsoft.bingnews_4.21.1434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{1DC256B8-5C7D-49F9-96C0-ED31F5A38509}" = dir=out | name=@{microsoft.zunemusic_10.17086.24711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{1DE7C194-226C-4B7B-AE8A-F8B58B74E15F}" = dir=out | name=@{microsoft.microsoft3dviewer_2.1801.4012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{1F790E7F-5D14-4FAA-8F1C-F9681927E81D}" = dir=out | name=sway |
"{1FFCE683-550D-45EA-890D-04DAFA7E7721}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{2009F69A-3898-4D70-9EA8-CFC526DB79BB}" = dir=in | name=@{microsoft.zunevideo_10.17022.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{20847359-692A-4490-95AB-050C6EF4A799}" = dir=in | name=@{microsoft.windowsstore_11712.1001.13.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{2200F42C-98CB-47DC-98D7-CFABBE072074}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{22A9D102-FA0A-45CA-89E3-848686423F1E}" = protocol=17 | dir=in | app=c:\users\taiga\appdata\roaming\utorrent\utorrent.exe |
"{22F23E26-2DCA-4B92-84EC-B6504F437A97}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{232D9FD9-83C3-41D8-9740-05D9FCC59646}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{232F95C9-416A-4CE0-91AB-9442C10AB149}" = dir=out | name=wordament |
"{24551E99-FAC2-4915-9F5F-C04E780D5675}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{2455C798-C499-40F1-B539-1A9A866C5C44}" = dir=out | name=microsoft sticky notes |
"{2577B424-5477-4E71-B437-A54F2AA122C2}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{25CA0AAC-BAD4-4FAB-ACD8-C5C309FBFBC8}" = dir=out | name=vaio care |
"{2611CF03-63CF-4E5C-8DF7-ECC9B4A3A4EC}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{26305E25-57C5-47CE-9EAD-FCC889FCE8B0}" = dir=in | name=@{microsoft.zunevideo_10.17112.13411.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{265CDDE5-AEE6-4D7A-9BF5-F9F7938925B9}" = dir=out | name=@{microsoft.skypeapp_11.14.675.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{27357CD6-6260-4314-8B32-48B5FC4AE118}" = dir=in | name=microsoft solitaire collection |
"{27EB0BA4-610C-4C8C-BC5D-46A9D7F741C3}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{297223E7-2426-4DC6-9022-C7F85EA4307B}" = dir=out | name=microsoft minesweeper |
"{2A1B97E5-29D1-45B9-B65E-7B9CCE552CCE}" = dir=out | name=microsoft minesweeper |
"{2A711371-354B-4ADC-B2C0-0352ED134CD7}" = protocol=17 | dir=in | app=c:\users\taiga\desktop\フォルダ\minecraft\upnpcj132\upnpcj.exe |
"{2AE82F80-E354-4342-BFCF-63DE526D7ED0}" = protocol=17 | dir=in | app=c:\program files (x86)\hangame\his\hs.exe |
"{2C01DBDF-945C-4AB0-9094-418C4F502D61}" = dir=out | name=@{microsoft.microsoftofficehub_17.8107.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{2D60223C-0525-42C9-88E8-685C4A3A9203}" = dir=out | name=@{microsoft.windowsmaps_5.1708.2764.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{2E5DA13B-BBE7-49AC-85BD-F91023D3BEDA}" = dir=in | name=@{microsoft.commsphone_3.34.12002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{2F2DE7B8-3CCC-42A4-B081-8BECD7E4405A}" = dir=out | name=candy crush soda saga |
"{2F475651-2559-4FCC-BE8A-9727C35F2081}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2F557CE5-6B60-4C25-8348-5C40BCDACE7D}" = dir=out | name=@{microsoft.microsoftedge_38.14393.1066.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{3063C98C-8388-44BD-8752-4D5B72076385}" = dir=in | name=@{microsoft.windows.photos_17.425.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{31F76F52-63EA-4F5F-B083-BDBC8F3A62BF}" = dir=in | name=vaio care |
"{325FC851-2BAE-469B-ACBB-74798EB28747}" = dir=out | name=candy crush soda saga |
"{335355AD-751B-496E-84F4-2405E60E6B75}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{34109517-58BE-4EC2-B32A-B40C86AE0A5D}" = dir=out | name=乗換navitime |
"{34734FF4-5662-4688-B07F-959199D6AB0A}" = protocol=17 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{34E2B4CD-214A-46ED-BE79-61903638B3EC}" = dir=out | name=@{microsoft.lockapp_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{3530C9AB-5FA1-452C-B6C7-032ACC2CC885}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{3545D00D-5921-423F-9532-BCDB1ED17E39}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{35AA6BB7-C804-44EF-836F-022EED969238}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\undertale\undertale.exe |
"{377A46DA-498C-44FF-A293-4BB17B38769A}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{37D38F06-482D-497A-AF92-30584F34760E}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{37F8F5DB-3ABD-4BF3-A4D7-98E0CC2BB120}" = dir=in | name=xbox |
"{3836172E-9B5F-44A3-AE9A-5255512486CE}" = dir=in | name=@{microsoft.microsoftofficehub_17.8107.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{3868B2E3-9E50-49CF-85DC-89C4BC79187A}" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe |
"{3883F8DE-9BF6-4854-B4C2-BEF8A0F6570D}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{393A5F75-059F-4E90-9F44-DB01D5F9DA4E}" = dir=out | name=vaio care |
"{39FD135A-F15F-4AE1-B4AB-213AD5FEAAF8}" = dir=out | name=@{microsoft.bingnews_4.22.3254.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{3AEC0E61-51AC-4AEF-80C0-CD0746EE3E7F}" = protocol=17 | dir=in | app=c:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"{3AF6A23A-214D-4930-A8A9-07C00D851673}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{3B1DD37D-AE5C-4E85-880F-7A2736A65AA9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3C9EEB9D-7975-4523-9DA6-81DD7EACEB70}" = dir=out | name=vaio care |
"{3CD81822-70DB-4D62-A6BF-C854215655A8}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{3D8D96F2-DFC4-47E7-B557-403E7E942C70}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3E2E26BD-487D-4781-A17A-CD38DB1B2635}" = dir=in | name=onenote |
"{3E8C2BE0-671F-48D6-ADF2-52A2B153BAFA}" = dir=out | name=sway |
"{3FD5F564-E4FD-4D52-9EFE-59B4CD2F6987}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{3FF10D27-D92A-4DF1-9FD3-E1F86C983CB0}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{400C5BCC-C982-4BDA-BFA7-20A4FB1F0AAA}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{402F553D-DC60-4336-925A-9D54EBEC618E}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{413A0898-F713-4B1F-888E-F76D959363B9}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{413A22F5-A593-478D-B864-A799CB77FA7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{422D501F-FFD1-4840-B84D-89BA4C137117}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{4343C298-1676-4308-A084-A211A0832EBD}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{4375B5E6-CC65-46E6-A2A4-1922B6E46068}" = dir=in | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{45471B83-EA57-42F6-BB12-94CAA860FCBF}" = dir=out | name=onenote |
"{46E2C354-80B9-40D5-BB08-1EF8A4519726}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1711.3412.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{481573F8-3504-4B17-BC70-20AA855A1549}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8827.21595.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{48C608DF-1491-4E00-B8C6-D481F21483AA}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.12894.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{48E5108D-9D1A-419D-9289-1FABC16A7788}" = dir=out | name=@{microsoft.bingweather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{4AB689B9-4002-4830-9083-A6C6866365B8}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4B8800FA-D4B7-464B-9C37-9637A8162A79}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{4C067ABE-449F-43A8-B1F8-20303BAF5B27}" = dir=out | name=taptiles |
"{4C0E7AA1-6C29-42DF-9E7C-D5BBDED2F183}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4C2339CC-09B5-4074-9768-DC0A4FB9D45A}" = dir=out | name=@{microsoft.getstarted_5.10.1441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{4D431813-67F5-48B9-B848-5A36A09D4F03}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{4D454665-7607-488C-8E83-5640C1B3C4DE}" = dir=out | name=@{microsoft.getstarted_5.10.1441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{4E8E92FB-4427-435C-9BF1-70FD60273FAC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{4F88550F-3566-4891-AA1B-E1444D4884DE}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{514C489C-D9FD-4518-9184-396FAD094232}" = dir=out | name=@{microsoft.xboxidentityprovider_12.30.5001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{51C8EAAB-8613-49EE-9131-BDDFDCFFCD10}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{52A27462-52C4-4458-A4C5-B07330819BB7}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{5343FA83-23FD-4CF6-B8E9-C86B7E90D5FB}" = dir=out | name=@{microsoft.3dbuilder_14.1.1302.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{53782428-787F-433A-ACC5-188501647C67}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{547202ED-DB84-47FC-A354-AC3EE49B06ED}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{54E93892-6D24-4FCD-8AEE-320948948FF5}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{55245F66-1F86-4CC5-BBE9-94FA3476BCAE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\undertale\undertale.exe |
"{55A7521F-C8C1-40B1-B591-7D6D3D31219E}" = dir=out | name=microsoft solitaire collection |
"{55F1B766-7D8D-400F-B2D9-944E80F2A539}" = dir=in | name=@{microsoft.bingsports_4.21.1434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{563CD9D0-D839-4C3A-BE52-59CA0F7ABB6D}" = dir=in | name=@{microsoft.microsoftedge_38.14393.1066.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{58F41785-5387-4343-A97E-4A1ED57F9DEE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{59057015-EDF9-47E6-A50F-111AF5F3F8CA}" = dir=in | name=sway |
"{595370B7-5C17-4BE0-B91D-5005FD97FE49}" = dir=in | name=@{microsoft.zunevideo_10.17042.14211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{59A4E555-AF8C-49A5-95B2-AFAC598710AD}" = dir=out | name=@{microsoft.bingweather_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{59A88E4C-371C-416C-B405-99355F64531E}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1711.3412.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{59C12870-A90D-43C2-9FF3-5D443C3C4C1C}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{5A0774BD-CEFB-4E85-A32A-88E03B76B0A2}" = dir=out | name=@{microsoft.messaging_3.34.25004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{5BF656EE-5833-4980-B548-72EB5A4609E1}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{5C305A18-1B70-4DF4-94B9-4521EFA31DBC}" = dir=out | name=@{microsoft.skypeapp_12.13.274.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{5D1E3EB5-5142-46A7-AA8F-3A388C7E18A0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5DB43702-1CFF-45C7-8BF4-61B1C422BD05}" = dir=in | name=@{microsoft.zunemusic_10.17086.24711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{5E0FA075-9D78-4469-B024-0679F434CBCA}" = dir=out | name=@{microsoft.bingnews_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{5E9336CC-ED75-4701-9B78-C5C2252275B1}" = dir=in | name=print 3d |
"{5FD1DA09-C63B-4D9E-AE49-12ABB589379C}" = protocol=17 | dir=in | app=c:\users\taiga\appdata\roaming\utorrent\utorrent.exe |
"{5FF47477-351E-45C9-B30B-E217698507ED}" = dir=out | app=c:\program files (x86)\apowersoft\apowersoft phone manager\apowersoftandroiddaemon.exe |
"{600642E4-DCED-43B5-9FD0-1FCD02892E82}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{619F7FCA-7906-4127-B708-F2DB14B77D88}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{61CCC030-A3BD-4F42-8EAE-4B86C3340AA0}" = dir=in | name=@{microsoft.commsphone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{628ED236-CBD9-4E43-9E77-8A9C3E384101}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{62B01104-79E4-4631-9EA7-E3726667F737}" = dir=in | name=@{microsoft.microsoftofficehub_17.8830.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{63AD7E94-2432-4473-83FF-CDAB847A1D15}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{6510B77D-AF2D-42B2-8A1C-0474A1B79827}" = dir=out | name=sony select |
"{66AFBFFC-FCA5-4576-B5BC-5435F1786660}" = dir=out | name=twitter |
"{6702DDCE-931F-462B-BCB9-EB7C588DE281}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{672C4312-C354-4924-90E5-94DCDF0EB5ED}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.12894.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{67356A00-8CAB-438D-B090-5DC32E19712D}" = dir=out | app=c:\program files (x86)\apowersoft\apowersoft phone manager\ios recorder.exe |
"{67500F5F-CAE9-4E31-89FE-0E27286AEE3F}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{6762BE76-FC20-411C-9405-A0E28988810B}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{678B6CAC-B04C-4B90-951C-03D06C6F6A50}" = dir=out | name=xbox |
"{68169B77-7E98-49D0-962D-1ACB5EB67F03}" = dir=in | app=c:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe |
"{69C444A6-BD53-4193-8722-8750F806464A}" = dir=out | name=@{microsoft.accountscontrol_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{6A1A7C7D-16AA-4FED-A023-3B6296358990}" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\aces.exe |
"{6B1C35C8-C57E-459E-B689-53B9475886CC}" = dir=out | name=楽天gateway |
"{6D047638-DD37-4FB0-8E6A-FAD255167EB7}" = dir=out | name=@{microsoft.microsoftofficehub_17.8830.7600.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{6F536E45-D30C-44C6-BAED-ACB8241EE3B5}" = dir=out | name=sony select |
"{6FCD81B2-F7FF-4D67-8E29-28FDF09CCBB7}" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe |
"{7182DA11-22D0-4D52-B9BD-52356B41DCED}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\java.exe |
"{71DAE5D7-5260-42FC-B3DE-8B866646C1BC}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{727B1ED6-5E19-4A59-B975-AD4977CEFF55}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{72ACC5A3-1152-45FD-85D2-C9EF1B56292D}" = dir=in | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{750A51C4-89B6-4437-B8DA-704A018DA2E7}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{760F21DD-A19F-46A0-AD7B-E45EF1A78FEC}" = dir=out | app=c:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe |
"{764148BB-EA33-4280-8605-6B8299A5796E}" = dir=out | name=@{microsoft.bingweather_4.22.3254.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{797B9675-3CA2-4EB4-A819-B4B45F33506B}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{79BBF2DF-58A2-4E98-B90B-FAE6F36145E1}" = dir=out | name=@{microsoft.xboxidentityprovider_11.29.23003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{7A9198E2-B8A9-49A8-8464-8C9BBC9CF29E}" = dir=in | app=c:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe |
"{7B615025-4004-4950-90E0-48AC37D3E130}" = dir=in | name=onenote |
"{7C5C315C-1D62-458F-AC3D-400DCF8D1CE9}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{7C92BBD7-A08C-48D9-A43D-C33ADDD276A5}" = dir=in | name=microsoft minesweeper |
"{7CB4AB49-A24A-4F3F-8F38-BC7ABF842F4A}" = dir=out | name=@{microsoft.windowsstore_11703.1001.45.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{7D5E0FE4-7FEC-44B4-A989-E4768CF42D85}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{7D9F986C-F701-48D2-8273-45BB0E9282A8}" = dir=in | app=c:\program files (x86)\apowersoft\apowersoft phone manager\apowersoftandroiddaemon.exe |
"{7E8785CB-FD10-4078-B8B9-2A4D5ADD5664}" = dir=out | name=print 3d |
"{8015C12B-A4EF-44D3-8DBB-C0A649D49742}" = dir=in | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{81751622-17D7-4F73-969F-8EF83D605732}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{839E9D4D-8BA9-4B58-B362-5856067C6DCC}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{83D1B717-70E5-4DF4-9E48-8B17A3221149}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{8467E936-93FB-4465-996C-CF8C31F6D42F}" = dir=out | name=@{microsoft.mspaint_3.1712.7027.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{8571037A-DB7E-4A63-A9F3-1ECAECC6C333}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{868C310D-BB5D-405F-B9E8-DCBE6744F5FE}" = dir=in | name=microsoft solitaire collection |
"{8728778E-FE58-445A-8EC4-B9D809D79463}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{87711C61-000F-49A1-B37D-F52F8F580D98}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{87A7A778-9C04-4362-B828-C72572432FD8}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{87B05A42-1BC6-4926-9421-6EDA6E385276}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{883401B8-5A09-42FB-BF04-0AD8E7AF4336}" = protocol=17 | dir=out | app=c:\users\taiga\appdata\roaming\utorrent\utorrent.exe |
"{8895F7C8-62B0-4EA5-872F-0A5EB9425A89}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{894E8397-F80E-4840-88AC-B115BCB14ADF}" = dir=out | name=twitter |
"{897902B7-6FA2-46DF-B419-7B3A9671B2FE}" = dir=in | app=c:\users\taiga\appdata\local\microsoft\skydrive\skydrive.exe |
"{89D10465-701C-483D-AAAD-B433585F7BD4}" = dir=out | name=wikipedia |
"{8A07F428-A770-4100-ADC7-7CAFEE8D7A68}" = dir=out | name=@{microsoft.zunemusic_10.17042.14111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{8A3118C7-2972-45A8-BD26-6C6D22C537FD}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{8AFE8B46-7C14-455B-962F-69FCCE2A037B}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{8CFA3DE8-660A-4344-81E5-663FC46A8854}" = dir=in | name=@{microsoft.bingsports_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{8D95F247-6618-4865-AECB-67F19B2AC245}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{8DEA9FC1-8D76-4875-B905-99BCE89349F7}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{8F20A0C3-F6F9-47F8-97A0-A87D4C6B9774}" = dir=in | name=@{microsoft.bingfinance_4.21.1434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{90FAAD26-E875-47AF-921C-176D7E01A75F}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1704.1603.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{921EEAFE-A782-4C8D-A8B1-6E0CCE5A9106}" = dir=out | name=@{microsoft.windows.photos_17.425.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{92BD383D-1AEE-405F-9704-65101D003FF6}" = dir=out | name=@{microsoft.windows.featureondemand.insiderhub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.featureondemand.insiderhub/resources/appstorename} |
"{934DA8A6-AD4D-47D5-A56A-15DC256762E7}" = dir=out | name=taptiles |
"{937A79B9-4806-4520-A7ED-E75A55909877}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{94D2864A-ABD2-4CCC-8D8F-92FA1399D115}" = dir=out | name=@{microsoft.bingsports_4.21.1434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{9577CB85-6242-44AB-8DE8-A43D7835B495}" = dir=in | app=c:\program files (x86)\apowersoft\apowersoft phone manager\ios recorder.exe |
"{960045F1-A5F5-4105-A5FD-941BA6148DD2}" = dir=out | name=@{microsoft.windowsmaps_5.1703.762.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
  • takuya
  • 2018/01/26 (Fri) 21:32:28
Extras 2

Extras 2/2



"{962B2F24-C0B2-479E-9599-E68F77C3FB2D}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{97214743-B828-4979-931B-C4A74C9BC400}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8400.40795.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{97DD7421-E927-461B-A25D-01DF0BBBB184}" = dir=out | name=@{microsoft.windows.photos_2017.39101.16720.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{98E1B076-9BAC-470E-9A14-9E8E3C836DD0}" = dir=in | name=@{microsoft.zunemusic_10.17032.10331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9908BC99-D729-4051-B6B5-AE3A0D192B04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{996A46D8-6670-421B-88D5-C767C683CC00}" = dir=out | name=@{microsoft.commsphone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{998EE122-8771-4B9B-8780-6F71B481B482}" = dir=out | name=@{microsoft.zunevideo_10.17112.13411.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{9A1E140A-C5FC-4994-96F5-0EDA655172A3}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A26F7F0-B7D6-4D24-A917-A7926A64AF12}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.1358_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{9A549124-B60F-4FB0-97A4-63C65F3643A4}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.1358_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{9AF5E3A1-A71B-49C2-BD6A-F94E8E8D157A}" = dir=out | name=windows_ie_ac_001 |
"{9B678560-18DA-43DC-A9FC-13553744C1D5}" = dir=out | name=楽天gateway |
"{9BDA1311-5C72-4427-A134-CBA49522BAF0}" = protocol=6 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{9BF3CB85-E206-4F20-83A7-5EC8C5BFB2F9}" = dir=out | name=onenote |
"{9CAFD462-0DE3-442E-8A3A-6EF23AEBA1BC}" = dir=out | name=@{microsoft.zunemusic_10.17032.10331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9CB7A5FD-79CA-4E98-80F5-5F795E73F171}" = dir=out | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{9D5039D8-FD03-486A-AB78-6BADC4A9D51E}" = protocol=6 | dir=in | app=c:\users\taiga\appdata\roaming\utorrent\utorrent.exe |
"{9D95EC11-F955-4A33-B968-16FB4FBA460B}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{9E8DCA0B-2A72-455A-9CAF-5AF132EBCE38}" = dir=out | name=@{microsoft.windowsmaps_5.1705.1391.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{A110F965-DF28-44C0-80A3-09FC9A6726A8}" = dir=out | name=taptiles |
"{A15B3406-D239-416E-BF39-B0DE353F7EA3}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{A2CA8D98-DE9E-4DD0-B9AE-AECA1D92B8A7}" = dir=in | name=@{microsoft.bingweather_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{A3439CFD-DD8F-4BE8-B8B9-73ECFAA3D342}" = dir=in | name=@{microsoft.skypeapp_11.17.420.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{A355D1F1-A897-401C-A202-AC7F1461A9C8}" = dir=in | name=taptiles |
"{A47C5D17-0F12-4BBB-B61F-FBE8992C41B1}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{A487A050-B91C-48EA-92F4-90790809C835}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{A50FE10A-D883-467F-ABDB-6D32E0205D46}" = dir=out | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{A52F9346-CB9B-4633-B533-E3FCBEA05C13}" = dir=out | name=@{microsoft.3dbuilder_14.1.1302.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{A5D53E9C-DEA9-43D0-B105-20FC0EEA1074}" = dir=out | name=store purchase app |
"{A68CBFC3-E4CA-459C-9AC3-2AEFD9C3CD9A}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{A6C56EFE-EECA-4B5F-BD74-564172D9E4EE}" = dir=out | name=@{microsoft.microsoftofficehub_17.8225.5925.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{A72A6B17-690F-44BF-86DF-A53BFF8E9FE4}" = dir=out | name=microsoft sticky notes |
"{A7BEAF1C-ACA6-46F0-8787-AEB26B77D59A}" = dir=out | name=windows_ie_ac_001 |
"{A85916EA-E1C8-4FAC-90F6-27D298F2211B}" = dir=out | name=xbox |
"{A8CD2215-C06F-49EB-A0E8-A1516F903022}" = dir=out | name=@{microsoft.microsoftedge_38.14393.1066.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A95D7710-9D8E-42DF-B6F7-D4AFB170B12C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{A9D37324-E7B1-4D4C-A71B-2C9E4E46A3C3}" = dir=out | name=楽天gateway |
"{AADEBBB9-A90C-4103-BE94-C9E7F389EF02}" = dir=in | name=vaio care |
"{ABA69869-395D-428E-8403-CC71452CA606}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{AC510945-B5C5-41B2-9042-DD0227A95955}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{AC9C5C43-4A43-49BA-8B9E-6AD5A580E119}" = dir=out | name=@{microsoft.bingweather_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{AE2B041C-9503-4954-816B-A5D64C86430D}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{AF09A243-B45E-46E4-AFC7-712B2FF5106B}" = dir=out | name=shell input application |
"{B0088545-4DE9-4647-B8DC-F11830419DCE}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{B025DB01-EF31-4F94-AEFF-8AD18B7B7C02}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{B039D1A9-771F-4444-A2EB-ECD494706745}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{B07A9A7C-DD30-4DFD-BA75-88E130EA1DAF}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\java.exe |
"{B1235898-BB74-47BC-BCCC-7B7004B0E098}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{B1487B78-F11F-43C4-8AE0-B7DA46B252F9}" = dir=in | name=xbox |
"{B1681FCA-0451-41A0-B466-5245B5F982D4}" = dir=in | name=vaio care |
"{B1CE21C5-6FE1-4E32-A7A7-B981BC059A94}" = dir=out | name=microsoft pay |
"{B1D9D473-86AB-4F42-A685-E3D8F4193CEC}" = dir=out | name=vaio care |
"{B1FDD910-24DD-47B8-9B4B-3483D7FDFE89}" = dir=out | name=skype |
"{B215DF57-69E8-4470-9C69-C4F932C6FA0F}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{B2EB4C31-D31A-4088-A0B5-DB949738C7AD}" = dir=out | name=@{microsoft.windowsstore_11703.1001.45.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{B31FDDAC-45D1-419B-980E-C231B32B22DB}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{B34FF90B-5580-404C-8805-8B7F17C4E7D1}" = protocol=6 | dir=out | app=c:\users\taiga\appdata\roaming\utorrent\utorrent.exe |
"{B37F76C8-BE97-4BAE-8052-5DCAF823457B}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{B4391045-0DA5-4621-B3C2-D9D5E64A16BB}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{B495F565-D018-446C-AC2A-743C87CEB4B7}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{B4A2E775-0EBB-4123-9312-8D59C61AD311}" = dir=in | name=@{microsoft.messaging_3.34.25004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{B4B56EDF-4AC0-4A6E-BAC3-C83CB69A152A}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{B5C908F0-0A5C-4E2F-AF3B-1290267C37C3}" = dir=out | name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{B5DFB0B9-E59B-4DFC-BEC8-410FF712AD16}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8827.21595.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{B6493CCF-1BB4-481F-9564-16AECC6071BE}" = dir=out | name=store purchase app |
"{B776D5F4-27D2-425C-8788-5DA1FEA3511D}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{B78C7C9A-C717-4B99-A4CE-9913FC0E4680}" = dir=in | name=@{microsoft.skypeapp_11.14.675.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{BA001D07-F13E-4A7B-8198-9468F86BD527}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{BA0CBD79-01A7-42F6-9FF2-FD022927E5C8}" = dir=out | name=onenote |
"{BA58A59D-CC39-497F-97BC-A7FD0EF6280E}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{BA7F7C51-F471-4935-9AC5-F0C3E89A64F1}" = dir=out | name=@{microsoft.people_10.2.1451.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{BC640D06-EBD9-4863-9220-9A3A7656E9CB}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{BD9AC050-E715-4C53-A607-C60B55BB7815}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{BE281E01-E993-4C7B-A28F-26CBFBA42356}" = dir=in | name=skype |
"{BE85B915-E4A3-4CD9-8281-434A5C0834C7}" = dir=out | name=@{microsoft.oneconnect_3.1710.3044.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{BF29D1E6-4F71-42F8-86FA-03B03415FA9A}" = dir=out | name=@{microsoft.getstarted_6.7.3462.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{C00A1D1C-899E-4E35-9A3A-56BC19EFC0F2}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{C08B541A-EABB-4B2C-A0E1-2B3E4455FC42}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C156442A-8D46-49B7-BDA4-E98F41B240C0}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{C4F528EF-427B-40B9-903B-A71B36E2A154}" = dir=out | name=@{microsoft.bingtravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{C608C25B-DD60-46DB-AA56-21E1DB41AC95}" = dir=out | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{C6550583-E7EB-4322-8DF7-19B8F9058E3A}" = dir=out | name=@{microsoft.windowscalculator_10.1712.3351.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{C6F2F639-B758-4F2C-A315-FA18A18A0B2D}" = dir=in | app=%systemroot%\system32\alg.exe |
"{C71AA126-5A5C-4026-B831-EA97D1C81F92}" = dir=out | name=@{microsoft.windowsstore_11712.1001.13.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{C76FDCC8-890D-4C81-A5C5-7A2F39EAF335}" = dir=out | name=@{microsoft.bingsports_4.22.3254.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{C7CA75A5-A0ED-49C4-9EFE-1F6AB4C4804C}" = dir=out | name=ヤフオク! (v) |
"{C7E7F8F7-7254-421B-8586-D2652FE49F1E}" = dir=out | name=@{microsoft.bingsports_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{C98414BC-87A3-4B8C-A3C9-247B994E0BF2}" = dir=out | name=@{microsoft.bingfinance_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{C9D41AEE-10CA-4E54-9AE3-DD946537F2F8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C9FA5810-3321-4158-961B-13A153B4B93A}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{CA2DA6F9-4F35-42D3-B3AF-AA072A267522}" = dir=in | name=@{microsoft.microsoftedge_38.14393.1066.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{CAA1B0E8-62DD-48EB-BF6A-DC6414B5CFB4}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{CAF202B5-1018-4230-9096-62BD29A78607}" = dir=out | name=@{microsoft.people_10.2.1451.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{CBAEC8AC-BC3C-40E1-A799-12DF07D0E341}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{CE1721F4-980A-4A92-B3E3-1148E0EAC93C}" = dir=in | name=microsoft minesweeper |
"{CE864185-A1F3-4F60-B839-DC826BA50A54}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{CED6E800-D78F-4F6E-8995-090438EB262E}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.16299.125_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{CF96C3F0-8CDD-42D8-B5FC-583FCBB4664D}" = dir=in | name=microsoft solitaire collection |
"{D01E5DA4-9952-42E0-936A-151542C2211E}" = dir=out | name=3d builder |
"{D02383E9-4C5F-493C-97B8-63F2222BEBAB}" = dir=out | name=@{microsoft.commsphone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{D1028D80-3A9E-4A8E-85BD-1E0D265BE9B5}" = dir=out | name=@{microsoft.bingfinance_4.21.1434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{D188DBBE-82A7-48F3-A87F-DE7025B453E5}" = dir=out | name=楽天gateway |
"{D1A84548-6ED6-442A-B44A-82824E177CF6}" = dir=out | name=@{microsoft.zunevideo_10.17022.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{D1C43B95-AF8B-4F4C-9254-82F2A4F4D85B}" = dir=in | name=taptiles |
"{D1C69792-6BCA-4794-A94C-EDABD8C00EEB}" = dir=out | name=xbox tcui |
"{D1D76FB6-D36E-407F-A326-37B234924E90}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{D2B12C17-86D6-4FDB-B1CC-E4CC4A703EF1}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{D2EEFFEC-DA7A-4EC8-9AC5-624F2609A2FD}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{D300340C-60A8-4D19-A6BE-2A1A41C9A576}" = dir=in | name=@{microsoft.microsoftofficehub_17.8225.5925.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{D37C4896-BBC5-44EC-B518-3607EC5AE138}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{D4C98201-61A7-4B0B-B6B0-7AB8B847825D}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{D4F9C849-517D-44BF-8BA1-1C124BE821B7}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{D5A68DE9-616A-4BD6-8986-C4038544DB3F}" = protocol=6 | dir=in | app=c:\users\taiga\desktop\フォルダ\minecraft\upnpcj132\upnpcj.exe |
"{D5BC7854-28D2-4340-8BC3-C5610055C8A0}" = dir=in | name=xbox |
"{D746C94D-706E-435A-B028-81A00946A472}" = protocol=6 | dir=in | app=c:\users\taiga\appdata\roaming\utorrent\utorrent.exe |
"{D8F848A3-7468-4A81-9D9C-4791CF44B6D8}" = dir=in | name=sway |
"{D9BCE6B7-BFEC-4772-AA5A-AEA95BB09212}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{DB81401B-39D6-49CE-85E0-F3E4723D7154}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{DE09E3AB-E5D7-4117-8C5A-F7928B0DC453}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DF581F34-A645-4B43-AA07-F1F883CE67F0}" = protocol=6 | dir=in | app=c:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"{DF761465-27BB-4E89-897D-2CA5F739CEFC}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{E139EC50-3C4A-44C5-BBB7-C522D1A2FBF9}" = dir=in | name=@{microsoft.windows.photos_17.313.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{E1648B48-4926-49FC-B042-2649E0BBA410}" = dir=out | name=ヤフオク! (v) |
"{E2354472-3E41-4CB9-85E8-CFDFEEAC1016}" = dir=out | name=xbox game bar |
"{E3D60A86-5781-4292-887F-F73D44A440C7}" = dir=out | name=wordament |
"{E4824A2A-CD9C-42D9-BBE9-8E2B93F2D832}" = dir=in | name=onenote |
"{E5157D08-EA9F-4D75-88D2-603A280A64ED}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{E53BAACB-AE07-45C0-95E3-F3A01128E8E3}" = dir=out | name=@{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E63F9060-83E8-4307-A38D-6E00CD549E9C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E676AA91-B1C7-443E-95D1-EE566C1AB95D}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{E6FD2209-03B4-41BB-8EBC-E7252E6055F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{E9478A26-2FC4-4A40-AE9E-4A61FC13DCC1}" = dir=out | name=@{microsoft.skypeapp_11.17.420.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{EB835308-A6C1-4031-97A1-917BA374F6E7}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{EC233940-32BD-4CDA-A6DD-45ED23C0045D}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC879751-F779-4487-834F-56A337286E68}" = dir=in | name=@{microsoft.oneconnect_3.1710.3044.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{ED7E15C8-1D86-450B-B0E3-0AA203800D1D}" = dir=out | name=@{microsoft.gethelp_10.1706.3471.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{EE669D55-AC00-4C4D-8ADB-31AA5F0574BA}" = dir=out | name=sony select |
"{EF3543FE-5DEF-4BB9-BB27-A23E986416F8}" = dir=out | name=microsoft minesweeper |
"{EF5DD158-0BFD-4A4A-AE0A-D272EF31D301}" = dir=out | name=microsoft solitaire collection |
"{EF637613-83BF-411C-877E-8F99B25FD242}" = protocol=6 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{EF6A865B-A558-44C2-80EE-9F0CE6AA12FC}" = dir=in | name=@{microsoft.windows.photos_2017.39101.16720.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{F070F0D4-559E-43B7-93FA-7445AF1476C1}" = dir=out | name=@{microsoft.zunevideo_10.17042.14211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F0726B41-230C-4390-8CF2-E2034610D280}" = dir=out | name=xbox |
"{F3A7B093-90AB-426A-BF87-5B9478D895A3}" = dir=in | name=@{microsoft.ppiprojection_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{F3D62F1A-6DB5-4EE5-B584-9D6A4F194749}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{F3EFB46D-BD8A-4C0D-9DA8-2FC99E97418D}" = dir=out | name=ヤフオク! (v) |
"{F5605009-6ED8-4DA7-A9DB-8072492707CA}" = dir=out | name=@{microsoft.people_10.3.3472.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{F5CD6751-E18C-4107-9FE6-8DF00AB8A359}" = dir=in | name=microsoft minesweeper |
"{F6839632-BEBB-4E80-86D4-C59297FB7B52}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{F7447074-127B-4573-A2FE-600894E64C78}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{FB133AE8-DE6C-4BD5-89B1-AC96459DA633}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{FBBEC721-B4C8-4B5D-9668-EF3FAC7F46CA}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{FC292863-FCCE-4E7B-A950-B2B78E9DB4D9}" = dir=out | name=@{microsoft.bingfinance_4.22.3254.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{FC9E4ABF-E99D-420C-BDE8-C5AA87C0EA40}" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\aces.exe |
"{FD4D17A4-D992-439F-A520-0DC9DA4B706A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{FEBFBE64-1C97-4686-A158-EA09CE6D4EA2}" = dir=in | name=@{microsoft.skypeapp_12.13.274.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"TCP Query User{0C3FC6EC-13B6-4D6B-B75B-ED029CCC0BF8}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe |
"TCP Query User{174AC369-605D-4442-A934-C16471432A89}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"TCP Query User{1DD7DECA-A45F-475A-A01F-25DA3B14D3FF}C:\users\taiga\desktop\フォルダ\minecraft\upnpcj132\upnpcj.exe" = protocol=6 | dir=in | app=c:\users\taiga\desktop\フォルダ\minecraft\upnpcj132\upnpcj.exe |
"TCP Query User{3CC8F4A8-2830-4DC7-B71B-2F389D6D2FF4}C:\program files (x86)\warthunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\aces.exe |
"TCP Query User{6681C7F3-17D1-4F7A-8478-13CA5781D66D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{88E7E90B-D662-4735-BDE0-21EFC7EC7014}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe |
"TCP Query User{8E24DE10-0850-40F7-ACB6-F231A84AE4F3}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe |
"TCP Query User{C12470C1-9F8E-4BBF-8E11-763D7F0A4934}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{CDBC39CA-6682-400D-AC61-E426A8A508E2}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\java.exe |
"TCP Query User{F0A001CA-6FAB-415C-90EF-279A8AF09187}C:\program files (x86)\airdroid\airdroid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\airdroid\airdroid.exe |
"UDP Query User{0743A5E4-B9EA-4880-B5DD-78FC4F7C9E28}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe |
"UDP Query User{7DAACCF9-0EB3-4593-8A44-53D16BDE947F}C:\program files (x86)\airdroid\airdroid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\airdroid\airdroid.exe |
"UDP Query User{8218DDF3-6E0B-41E2-B9F5-CBD6814C47F7}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\java.exe |
"UDP Query User{9AEE6832-C86A-4A60-B59B-FFA3307EF87F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"UDP Query User{AC21158B-93C0-4AD2-8DA7-BC237835D91A}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{AE4F8801-36E3-4CD3-B9FA-FD47D5900E81}C:\program files (x86)\warthunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\aces.exe |
"UDP Query User{B45E086A-2ACE-4937-AD58-3FCDCA466499}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe |
"UDP Query User{CB371364-C2AC-483F-A1DD-4A05B9037C4B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe |
"UDP Query User{DE83A760-7D1C-4753-ACA6-E986606D6582}C:\users\taiga\desktop\フォルダ\minecraft\upnpcj132\upnpcj.exe" = protocol=17 | dir=in | app=c:\users\taiga\desktop\フォルダ\minecraft\upnpcj132\upnpcj.exe |
"UDP Query User{FCEB42D8-9307-4559-B3D4-63E5154C7DFD}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{15B9204E-BA09-485E-8F2C-094AC0077664}" = VAIO のリカバリー機能
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1C22618A-FEFA-4F20-B67D-F1311E6804AC}" = VAIO Care
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1FF96170-0BC8-11E5-8968-F04DA23A5C58}" = Vegas Pro 13.0 (64-bit)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}" = MSVCRT Redists
"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter
"{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}" = VCCx64
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{6CB0C0FC-4F27-43F5-84CC-ABC231F045C4}" = AVG 2014
"{81922150-317E-4BB0-A31D-FF1C14F707C5}" = Inkscape 0.91
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0411-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Japanese) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{93F2A022-6C37-48B8-B241-FFABD9F60C30}" = iTunes
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}" = VUx64
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C4123106-B685-48E6-B9BD-E4F911841EB4}" = Apple Mobile Device Support
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D2837730-4960-3B35-8088-201387FD3BDB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D593042C-8739-488D-93B8-E6B202013E57}" = Blender
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EA9602E3-0184-45B9-9E15-028776CD7A6E}" = Oracle VM VirtualBox 5.2.6
"{F3F11FF1-4EF7-4012-A0D7-BC89442FCA4F}" = Update for Japanese Microsoft IME Trending Words Dictionary
"{F43D5365-6E1C-4A2B-BE51-E16D9554FB1D}" = 7-Zip
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"0B624A43DD66DBF5CF3EDFA9741A364E688062A4" = Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
"8461-7759-5462-8226" = Vuze
"CCleaner" = CCleaner
"CLaunch" = CLaunch
"LameACM" = Lame ACM MP3 Codec
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"SteelSeries Engine 3" = SteelSeries Engine 3.8.3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{024D6C9E-4775-421D-B0D0-D4F123687778}" = Windows Live Essentials
"{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}" = Windows Live Writer
"{06FE7581-2E5E-4B24-9350-535C650F18D0}" = IE Tab Helper
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0A661901-E66D-4329-8B5B-BD4CD55FD430}" = 筆ぐるめ Ver.19
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{191D046B-B257-2FAF-F391-00D88ACBB9E3}" = NNDD
"{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}" = Minecraft
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{26A24AE4-039D-4CA4-87B4-2F32180161F0}" = Java 8 Update 161
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype(TM) 7.33
"{3C100F93-4F0E-4C32-9AEB-EFB3E2CA34F8}" = PhotoWizard
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F1A81BF-154E-40EE-987B-159E81D25BF7}" = VAIO の製品登録 (無料)
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51A80EB0-B405-11E1-9C1E-005056C00008}" = SCS Shortcut
"{52D7E962-5F17-4D7E-858F-956EB09A5CB8}" = Windows Live Writer
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO データリストアツール
"{57FC95C5-B741-469C-8607-B39CEC423824}" = UpdateAdmin
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO お引越サポート
"{5E848897-1113-49FE-8FCE-D4BF39EDE254}" = Windows Live UX Platform Language Pack
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{6B1BB7E3-CF20-4842-B1FE-42C251B95E98}" = Windows Live Messenger
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO の設定
"{8EA12696-D38C-44DD-96E5-12C8DF6F8230}" = Windows Live Writer Resources
"{90140000-0016-0411-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Japanese) 2010
"{90140000-0018-0411-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Japanese) 2010
"{90140000-001A-0411-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Japanese) 2010
"{90140000-001B-0411-0000-0000000FF1CE}" = Microsoft Office Word MUI (Japanese) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2010
"{90140000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002C-0411-0000-0000000FF1CE}" = Microsoft Office Proofing (Japanese) 2010
"{90140000-006E-0411-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Japanese) 2010
"{90140000-00A1-0411-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Japanese) 2010
"{91140000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Essentials 2010
"{95140000-007A-0411-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{97E3AE69-8FB1-496A-8CA0-AE491902DCD7}" = Movie Maker
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}" = VCCx86
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO CPU Fan診断ツール
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{c6cd0a9e-8ba8-440c-bfc2-300b5bbad464}" = osu!
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO マニュアル
"{C8FEB019-F2E1-4E8F-886E-AB5C68FE531C}" = Windows Live メール
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}" = VUx86
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D6D69EE4-00F6-4DCE-B7AF-E90042BDE39B}" = フォト ギャラリー
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{E6757A5B-EE7E-4D72-82B7-D1B2991DF55E}" = PYV_x86
"{E703613B-BDAB-433E-A66A-DE0263E3D35D}" = Windows Live Messenger
"{E9787678-551D-4478-9682-DBB587257110}" = Adobe Help Center 1.0
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}" = XperiaLinkx86
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2E04A40-3EA7-42F8-B7CC-B6E7A39DC150}" = Adobe AIR
"{F3BB7E2D-62E0-4008-8727-588EDC274C25}" = Photo Common
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"4K Video Downloader_is1" = 4K Video Downloader 3.8
"7-Zip 9.2.0" = 7-Zip
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 28 NPAPI
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"Moo0 VoiceRecorder" = Moo0 ボイス録音器 1.43
"Neffy" = Neffy 1,2,5,0
"Office14.EssentialsR" = Microsoft Office 2010
"org.mineap.nndd" = NNDD
"Pmang" = Pmangインストールマネージャー
"Pmang_AVA" = Alliance of Valiant Arms
"Pmang_common" = Common
"Razer Surround" = Razer Surround
"SnapCrab for Windows_is1" = SnapCrab for Windows 1.1.1
"Steam" = Steam
"Steam App 105600" = Terraria
"Steam App 391540" = Undertale
"Steam App 550" = Left 4 Dead 2
"Steam App 730" = Counter-Strike: Global Offensive
"SuddenAttack" = サドンアタック
"WinLiveSuite" = Windows Live Essentials
"クロスファイア" = クロスファイア
"ヒーローズインザスカイ・パトリオット" = ヒーローズインザスカイ・パトリオット

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2018/01/21 1:30:08 | Computer Name = VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2018/01/21 1:31:32 | Computer Name = VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy+CortanaUI
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2018/01/22 8:51:58 | Computer Name = VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2018/01/22 21:37:58 | Computer Name = VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2018/01/22 21:41:20 | Computer Name = VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy+CortanaUI
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2018/01/22 22:45:37 | Computer Name = VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2018/01/23 3:04:12 | Computer Name = VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.SecHealthUI_10.0.16299.15_neutral__cw5n1h2txyewy+SecHealthUI
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2018/01/24 4:28:31 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Explorer.EXE、バージョン: 10.0.16299.192、タイム スタンプ: 0x494a4408
障害が発生しているモジュール名:
twinui.pcshell.dll、バージョン: 10.0.16299.64、タイム スタンプ: 0xb927010b 例外コード: 0xc0000005 障害オフセット:
0x0000000000123494 障害が発生しているプロセス ID: 0x186b8 障害が発生しているアプリケーションの開始時刻: 0x01d394ed12ed6263
障害が発生しているアプリケーション
パス: C:\WINDOWS\Explorer.EXE 障害が発生しているモジュール パス: C:\WINDOWS\system32\twinui.pcshell.dll
レポート
ID: cbdbc719-e008-4770-9492-7e5141c9c81d 障害が発生しているパッケージの完全な名前: ? 障害が発生しているパッケージに関連するアプリケーション
ID: ?

Error - 2018/01/25 7:37:11 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: MicrosoftEdgeCP.exe、バージョン: 11.0.16299.15、タイム スタンプ:
0x59cda7cd 障害が発生しているモジュール名: DWrite.dll、バージョン: 10.0.16299.15、タイム スタンプ: 0x6f46a78e
例外コード:
0xcfffffff 障害オフセット: 0x0000000000020955 障害が発生しているプロセス ID: 0x23e74 障害が発生しているアプリケーションの開始時刻:
0x01d395d0b3ceb4a8 障害が発生しているアプリケーション パス: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
障害が発生しているモジュール
パス: C:\WINDOWS\SYSTEM32\DWrite.dll レポート ID: b59fc55d-ecaf-40e3-80b3-736287b92b99
障害が発生しているパッケージの完全な名前:
Microsoft.MicrosoftEdge_41.16299.15.0_neutral__8wekyb3d8bbwe 障害が発生しているパッケージに関連するアプリケーション
ID: ContentProcess

Error - 2018/01/26 3:26:07 | Computer Name = VAIO | Source = VSS | ID = 8193
Description =

[ System Events ]
Error - 2018/01/25 8:16:48 | Computer Name = VAIO | Source = DCOM | ID = 10005
Description =

Error - 2018/01/25 8:16:48 | Computer Name = VAIO | Source = DCOM | ID = 10005
Description =

Error - 2018/01/25 8:16:48 | Computer Name = VAIO | Source = DCOM | ID = 10005
Description =

Error - 2018/01/25 8:16:53 | Computer Name = VAIO | Source = DCOM | ID = 10005
Description =

Error - 2018/01/25 8:16:55 | Computer Name = VAIO | Source = DCOM | ID = 10005
Description =

Error - 2018/01/25 8:16:55 | Computer Name = VAIO | Source = DCOM | ID = 10005
Description =

Error - 2018/01/25 8:17:44 | Computer Name = VAIO | Source = Service Control Manager | ID = 7009
Description = Apple Mobile Device Service サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2018/01/25 8:17:44 | Computer Name = VAIO | Source = Service Control Manager | ID = 7000
Description = Apple Mobile Device Service サービスを、次のエラーが原因で開始できませんでした: %%1053

Error - 2018/01/26 3:04:03 | Computer Name = VAIO | Source = DCOM | ID = 10016
Description =

Error - 2018/01/26 3:16:32 | Computer Name = VAIO | Source = DCOM | ID = 10016
Description =


< End of report >






That is all.

Again, when you have time, I would appreciate a reply.
  • takuya
  • 2018/01/26 (Fri) 21:35:22
1/4 and 2/4 are the same
Both OTL 1/4 and 2/4 appear to be part 1/4.
Part 2/4 is missing, so please post it again.
  • IVNO
  • 2018/01/26 (Fri) 21:35:50
OTL 2

Sorry, I made a mistake.

OTL 2/4




DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,505,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,118,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimmn.sys -- (nvdimmn)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,079,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,055,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vnvdimm.sys -- (vnvdimm)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\invdimm.sys -- (invdimm)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,037,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,015,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 001,723,288 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 001,135,512 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,842,648 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,526,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,357,272 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,305,560 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,258,592 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,123,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,108,952 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,107,416 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,103,320 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,083,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,082,840 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,063,896 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,063,520 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,063,520 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,058,776 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,032,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,031,128 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,027,032 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 003,419,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,533,912 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,130,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,103,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 004,233,728 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,118,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,091,648 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,088,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,060,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,036,864 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2017/01/10 11:56:40 | 000,045,928 | ---- | M] (SteelSeries ApS) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sshid.sys -- (sshid)
DRV:[b]64bit:[/b] - [2016/07/13 17:47:38 | 000,610,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2016/06/15 07:07:32 | 000,040,568 | ---- | M] (SteelSeries ApS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ssdevfactory.sys -- (ssdevfactory)
DRV:[b]64bit:[/b] - [2016/05/03 23:30:46 | 003,811,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2015/12/02 04:46:03 | 000,050,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2015/12/02 04:46:03 | 000,038,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2015/09/04 00:39:22 | 000,384,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:[b]64bit:[/b] - [2015/08/21 11:50:48 | 000,463,112 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2015/05/27 11:13:24 | 000,626,888 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2015/05/27 11:13:24 | 000,042,696 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2015/05/19 10:08:44 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2015/05/13 09:11:06 | 000,039,104 | ---- | M] (Spotflux, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapSF0901.sys -- (tapSF0901)
DRV:[b]64bit:[/b] - [2015/02/09 16:17:56 | 000,040,640 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSurroundVAD.sys -- (RZSURROUNDVADService)
DRV:[b]64bit:[/b] - [2015/02/05 09:24:36 | 000,037,184 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpmgrk.sys -- (rzpmgrk)
DRV:[b]64bit:[/b] - [2014/12/30 18:35:54 | 000,177,832 | ---- | M] (Razer Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:[b]64bit:[/b] - [2014/12/30 18:35:54 | 000,039,592 | ---- | M] (Razer Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:[b]64bit:[/b] - [2014/11/18 06:37:21 | 000,129,600 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpnk.sys -- (rzpnk)
DRV:[b]64bit:[/b] - [2014/10/09 00:30:28 | 000,146,944 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SteelBus64.sys -- (busenum)
DRV:[b]64bit:[/b] - [2014/09/05 20:38:59 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys -- (semav6thermal64ro)
DRV:[b]64bit:[/b] - [2014/09/04 11:44:24 | 000,046,136 | ---- | M] (LogMeIn Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2014/06/09 18:49:00 | 000,032,768 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzMaelstromVAD.sys -- (RZMAELSTROMVADService)
DRV:[b]64bit:[/b] - [2012/09/04 23:38:45 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/16 23:23:38 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2012/07/11 21:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:[b]64bit:[/b] - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/11 11:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sows.sys -- (SOWS)
DRV:[b]64bit:[/b] - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV - [2018/01/26 16:14:02 | 000,058,120 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{085A7D50-34B4-42D4-B4D2-01C4CFC64ECD}\MpKsl6ba7f62b.sys -- (MpKsl6ba7f62b)
DRV - [2017/09/29 22:40:59 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys -- (CompositeBus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=106&systemid=473&v=n12521-340&apn_uid=0637170374414335&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
IE - HKLM\..\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=106&systemid=473&v=n12521-340&apn_uid=0637170374414335&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sony.jp/vaio/myvaio/owner/2012c.html [binary data]
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.sony.jp/vaio/myvaio/owner/2012c.html [binary data]
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 6B 15 54 CE 7C 92 D3 01 [binary data]
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\..\SearchScopes\{0BB9EB40-EEB2-4521-A2AD-2ADD2D2B4315}: "URL" = http://www.amazon.co.jp/gp/search?ie=UTF8&keywords={searchTerms}&tag=vaiosonycojp-2012q3sb-22&index=blended&linkCode=ure&creative=6339
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\..\SearchScopes\{4EBF7BF1-706F-44D0-A8DE-E8019D1D5D94}: "URL" = http://pt.afl.rakuten.co.jp/c/0d8850b6.ee703e96/_RTvaio10012203?v=2&s=1&sitem={searchTerms}
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\..\SearchScopes\{A55C714E-1217-40DC-8925-00BA21669D65}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASPJS
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\..\SearchScopes\{F8990F38-AB01-4397-8BFA-0E2BF142BE9D}: "URL" = http://www.hmv.co.jp/search/searchresultsutf8.asp?keyword={searchTerms}&site=iesonyvaio1
IE - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.defaultenginename: "Ask Web Search"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.search.selectedEngine: "Ask Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..keyword.URL: "http://int.search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=D958C783-1AAD-4007-B1C6-29D38F8154A3&n=782a0750&ind=2016020304&p2=^BBQ^xdm328^LAJAJP^jp&si=COiM4LWL28oCFVWTvQodULoIRQ&searchfor="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.161.2: C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2: C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\pmang.jp/pmangsupport-1: C:\GameOn\Common files\nppmangsupport.dll (gameon)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\deskCutv2@gmail.com: C:\Users\taiga\AppData\Roaming\Mozilla\Firefox\Profiles\1791zhgj.default-1438839664928\extensions\deskCutv2@gmail.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\default_newtabff@gmail.com: C:\Users\taiga\AppData\Roaming\Mozilla\Firefox\Profiles\1791zhgj.default-1438839664928\extensions\default_newtabff@gmail.com

[2015/08/06 12:32:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yumi\AppData\Roaming\mozilla\Extensions
[2018/01/03 18:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yumi\AppData\Roaming\mozilla\SystemExtensionsDev
[2018/01/03 18:24:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yumi\AppData\Roaming\mozilla\Firefox\Profiles\ojr9hedz.default\browser-extension-data
[2018/01/03 18:24:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yumi\AppData\Roaming\mozilla\Firefox\Profiles\ojr9hedz.default\browser-extension-data\screenshots@mozilla.org
[2017/03/11 20:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yumi\AppData\Roaming\mozilla\Firefox\Profiles\ojr9hedz.default\extensions
[2018/01/07 22:55:15 | 000,005,324 | ---- | M] () (No name found) -- C:\Users\yumi\AppData\Roaming\mozilla\firefox\profiles\ojr9hedz.default\features\{d3d307f4-d377-4078-921a-e8e2b35262b0}\disable-js-shared-memory@mozilla.org.xpi
[2018/01/07 22:55:15 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\yumi\AppData\Roaming\mozilla\firefox\profiles\ojr9hedz.default\features\{d3d307f4-d377-4078-921a-e8e2b35262b0}\disable-media-wmf-nv12@mozilla.org.xpi
[2018/01/07 22:40:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.4.0.9058_0\
CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab\2.5.5_0\
CHR - Extension: No name found = C:\Users\yumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2018/01/14 14:26:32 | 000,002,103 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
O1 - Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
O1 - Hosts: 0.0.0.0 media.opencandy.com
O1 - Hosts: 0.0.0.0 cdn.opencandy.com
O1 - Hosts: 0.0.0.0 tracking.opencandy.com
O1 - Hosts: 0.0.0.0 api.opencandy.com
O1 - Hosts: 0.0.0.0 api.recommendedsw.com
O1 - Hosts: 0.0.0.0 rp.yefeneri2.com
O1 - Hosts: 0.0.0.0 os.yefeneri2.com
O1 - Hosts: 0.0.0.0 os2.yefeneri2.com
O1 - Hosts: 0.0.0.0 installer.betterinstaller.com
O1 - Hosts: 0.0.0.0 installer.filebulldog.com
O1 - Hosts: 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
O1 - Hosts: 0.0.0.0 inno.bisrv.com
O1 - Hosts: 0.0.0.0 nsis.bisrv.com
O1 - Hosts: 0.0.0.0 cdn.file2desktop.com
O1 - Hosts: 0.0.0.0 cdn.goateastcach.us
O1 - Hosts: 0.0.0.0 cdn.guttastatdk.us
O1 - Hosts: 0.0.0.0 cdn.inskinmedia.com
O1 - Hosts: 0.0.0.0 cdn.insta.oibundles2.com
O1 - Hosts: 0.0.0.0 cdn.insta.playbryte.com
O1 - Hosts: 0.0.0.0 cdn.llogetfastcach.us
O1 - Hosts: 0.0.0.0 cdn.montiera.com
O1 - Hosts: 0.0.0.0 cdn.msdwnld.com
O1 - Hosts: 0.0.0.0 cdn.mypcbackup.com
O1 - Hosts: 14 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-218680132-2310203875-1446431275-1004..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-218680132-2310203875-1446431275-1004..\Run: [OneDrive] C:\Users\yumi\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\taiga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CLaunch.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SafeModeBlockNonAdmins = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-218680132-2310203875-1446431275-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton File not found
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab (DMMLauncherAx Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {7216BF69-1FB3-438C-9A51-9DA82B676BC0} http://userimg.arario.jp/activeX/AraGameStarterW6.cab (ArarioGameStarter6 Class)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab (NeffyLauncherCtl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2c2b8259-59a7-4c1b-a02c-26c660f7fadd}: DhcpNameServer = 82.163.143.176
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77445fc4-f2a1-4b48-b32f-fae6a988853c}: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{a9355d27-7bf0-4998-a9f4-7fb6194bcf02}: DhcpNameServer = 82.163.143.176
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{fd2db047-ab79-4a38-b9ee-7c62c606524a}: DhcpNameServer = 82.163.143.176
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:[b]64bit:[/b] - LSA: Security Packages - (livessp) - File not found
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point


I am truly sorry.
  • takuya
  • 2018/01/27 (Sat) 00:43:43
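There is something I need to confirm
I have reviewed the logs and a number of things have become clear.
I assume this PC is shared by more than one person, most likely with your husband; is that correct?
For now I will assume the other user is your husband and tell you the facts.

It appears that your husband has been using μTorrent, illegal software for which people have even been arrested.
For details, please see the following explanatory page from the Ministry of Internal Affairs and Communications.
http://www.soumu.go.jp/main_sosiki/joho_tsusin/security/enduser/security02/17.html
And while I would not say it is the whole cause, it appears that, partly as a result of this, the infection came in through your husband's account.
The infection appears to have reached even the inside of the security software, and this also constitutes a violation of the terms of use, so a recovery is the only option.
As for your data, the PC holds material that is highly illegal and dangerous, and it is unclear what might be a source of infection, so please give up on backups and the like.
To perform the recovery, hold down the Shift key and click Restart from the power menu on the Start button.
You can then restore the PC via Troubleshoot → Reset this PC.
Along the way you will be asked whether to keep your settings; please choose not to keep them.
Please perform the reset to the initial state for all drives in the PC.
Once the recovery is finished, please download HJT again (HJT alone is enough) and post the log.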
  • IVNO
  • 2018/01/27 (Sat) 09:06:50
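Understood

Thank you for your answer.

It is more serious than I thought...
I am grateful that you investigated in such detail.
I also understood the explanation of the dangers very well.
As for what you explained, I recognize that this was not carelessness on our part; I engaged in risky behavior myself
and got infected as a result.

It has truly been a wake-up call...



I will give up on backups and the like and do the recovery.
I looked into recovery a little, and it seems to take quite a long time...

Also, this is a question unrelated to the virus...
I am looking into it myself as well, but this infected PC originally came with Windows 8.
I upgraded it to Windows 10 during the free upgrade period.

If I do a recovery, it will go back to Windows 8, won't it?
Will I be able to upgrade from there to Windows 10 for free?

I searched a lot, but I could not find a site that gave a definite answer...

This is the site I referred to:

https://answers.microsoft.com/ja-jp/windows/forum/windows_10-windows_install/windows/f7a50e83-386e-47eb-ba49-3f4903832b9f?auth=1


Well, in any case, the recovery comes first!
After that, I will try the upgrade with Microsoft.

Recovery → Windows 8 → Update → HJT → upgrade to Windows 10

Is that right...?


I will try the recovery tomorrow.
And I will post the HJT log.


Thank you so much for your kind, clear, and thorough answers, time after time.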

  • takuya
  • 2018/01/28 (Sun) 00:42:29
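No, it will stay on Windows 10
Let me explain that point.
First, a PC that was upgraded even once during the free Windows 10 upgrade period can be upgraded to Windows 10 for free any number of times afterwards.
And the recovery I am asking you to perform this time does not go back to Windows 8; it is a recovery that stays on Windows 10.
The procedure is, as described above, to hold down the Shift key and click Restart.
I look forward to the HJT log.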
  • IVNO
  • 2018/01/28 (Sun) 00:59:24
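Recovery done
Thank you for your answer.

I have done the recovery.

I performed the recovery exactly as you explained in your answer.

While the PC was infected with the virus, going to the kakaku.com site
brought up many suspicious pop-up ads, but now they do not appear.

As far as I can tell, the virus is gone.

I will now post the HJT log.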


HJT


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:54:18, on 2018/01/28
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)


Boot mode: Normal

Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Users\yumi_\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\yumi_\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [OneDrive] "C:\Users\yumi_\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 4422 bytes





When you have time, I would appreciate your help again.
  • takuya
  • 2018/01/28 (Sun) 21:17:06
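It seems things have settled down
I have reviewed the log.
Some malware stubbornly survives even after a recovery, but that does not appear to be the case this time.
In the end my guidance came down to a recovery, but I can only ask you to think of it as an expensive lesson.
What follows is my final guidance.

First, since what infected the PC this time was a virus, you would have been able to get support from the vendor if you had installed paid security software.
I will not insist, but I recommend installing paid security software, because it makes it possible for the security vendor to assist if the problem recurs.

Let's carry out the final step.
This step is one of the self-defense measures for preventing reinfection in the future.
Start your security software and open its settings.
If it has a PUP (suspicious software) detection feature, enable it.
The name and configuration method of the PUP detection feature differ depending on the security software you use,
so if you use paid security software, asking the security vendor is the quickest way.
In most security software, scanning inside compressed folders is disabled by default,
on the grounds that scans would otherwise take a very long time.
However, a lot of malware takes advantage of this feature being disabled by default to get into the PC.
To improve security, enable the option in the scan settings to scan inside compressed folders as well.
If there is an option to enable heuristic detection or scanning, enable that as well.
If there is an option to enable the reputation (rating) feature, enable that too.
If the scan targets are limited, change the setting so that everything is scanned.
That concludes the final step; however, this final step differs from helper to helper,
so it is a good idea to also read the guidance other helpers give and use it for your own self-defense in the future.

Since there appear to be no problems, let us consider this case resolved, provided you observe the self-defense measures described below.
To avoid being infected again, please practice solid "self-defense": do not neglect Windows Update, do not visit suspicious sites, use freeware as little as possible,
and never touch P2P file-sharing software.
Several of these points are also described in detail at this Fujitsu URL, so please take a look.
https://azby.fmworld.net/usage/closeup/20110629/?usagefrom=closeup
As I wrote above, reading other people's questions and answers and learning how to deal with various things is also a form of self-defense.
Information leaks have intensified in recent years, but security software alone cannot prevent this kind of malware.
Security software is software that is "always one step behind."
That is, unless someone is infected with a new virus and that infection is reported,
the security software vendor cannot respond to the virus either.
So always keep in mind that security software is a support tool for self-defense,
use this bitter experience at 伏魔殿, where you ended up having to rely on others, as a lesson for the future,
and work toward a useful and safe PC life while taking your own PC seriously.
Self-defense is not just for now; practice it for as long as you use a PC.
Please clean up all the tools used this time according to the instructions given when they were introduced.
Stay safe.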
  • IVNO
  • 2018/01/28 (Sun) 23:48:34
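
The scanner settings listed in the post above, written out for Microsoft Defender as an added example (not part of the original thread or written by its participants). It assumes Defender is the active antivirus; treating behavior monitoring as the "heuristic" option and cloud-delivered protection as the "reputation" option is an assumption of this example, and other products name these settings differently.

```powershell
#Requires -RunAsAdministrator
# Added example: audit Microsoft Defender against the scanner settings from the post above.
# Assumption: Defender is the active antivirus on this PC.
param(
    [switch]$Fix   # without -Fix the script only reports; with -Fix it corrects the gaps
)

# Desired values, keyed by Get-MpPreference property name.
$desired = [ordered]@{
    PUAProtection             = 1       # 1 = Enabled: PUP/PUA detection
    DisableArchiveScanning    = $false  # scan inside compressed folders
    DisableBehaviorMonitoring = $false  # behavior-based detection (assumed "heuristic" equivalent)
    MAPSReporting             = 2       # 2 = Advanced: cloud-delivered protection (assumed "reputation" equivalent)
    ScanParameters            = 2       # 2 = FullScan for the scheduled scan
}

# Compare every desired value with what Defender currently reports.
function Get-DefenderGap {
    $current = Get-MpPreference
    foreach ($name in $desired.Keys) {
        $have = $current.$name
        [pscustomobject]@{
            Setting = $name
            Current = $have
            Wanted  = $desired[$name]
            OK      = ($have -eq $desired[$name])
        }
    }
}

$gaps = @(Get-DefenderGap | Where-Object { -not $_.OK })

if ($Fix) {
    foreach ($gap in $gaps) {
        # Build the single-parameter call, e.g. Set-MpPreference -PUAProtection 1
        $arg = @{}
        $arg[$gap.Setting] = $gap.Wanted
        try {
            Set-MpPreference @arg -ErrorAction Stop
        }
        catch {
            # Group Policy or another management layer can refuse the change.
            Write-Warning "Could not set $($gap.Setting): $($_.Exception.Message)"
        }
    }
}

# Final state after any corrections.
Get-DefenderGap | Format-Table -AutoSize

# Confirm the engine is running and the signatures are recent.
Get-MpComputerStatus |
    Select-Object AntivirusEnabled, RealTimeProtectionEnabled, AntivirusSignatureLastUpdated |
    Format-List
```

Run it once without `-Fix` from an elevated PowerShell prompt to see which of the settings differ, then again with `-Fix` to apply them.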
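Thank you very much

Thank you for your answer.

Thank you for your appropriate answers each time, over so many days.
All of your explanations were easy to follow, and your answers, given from my point of view, were very easy to understand.

And going forward: the importance of security software, not going near dangerous sites myself,
not installing suspicious software...
The biggest lesson this time is not to use P2P.

I also looked at the sites you pointed to.
This incident made me think again about how I use my PC, and I want to use my PC
with the feeling of going back to basics.


Truly, thank you for your thorough answers and for the advice on future measures.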
  • takuya
  • 2018/01/30 (Tue) 00:31:24
