Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 05-05-2017 01 Gestart door Dirk (Beheerder) op DIRK-HP (05-05-2017 18:22:28) Gestart vanaf C:\Users\Dirk\Downloads Geladen Profielen: Dirk (Beschikbare Profielen: Dirk & DefaultAppPool) Platform: Windows 10 Home Versie 1703 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (AMD) C:\Windows\System32\atiesrxx.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\ksm.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardNetworkScanner.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe (AMD) C:\Windows\System32\atieclxx.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\smui.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe Kon geen toegng krijgen tot proces -> sttray64.exe (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe Kon geen toegng krijgen tot proces -> devmonsrv.exe (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSetup.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe Kon geen toegng krijgen tot proces -> obexsrv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe Kon geen toegng krijgen tot proces -> mediasrv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Microsoft Corporation) C:\Users\Dirk\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-24] (IDT, Inc.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [1735448 2017-04-05] (BullGuard Ltd.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-05-24] (Renesas Electronics Corporation) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2862320180-643262072-4090738047-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-11-22] (AMD) HKU\S-1-5-21-2862320180-643262072-4090738047-1000\...\Run: [Dropbox Update] => C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-2862320180-643262072-4090738047-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-02] (EasyBits Software Corp.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Dirk\AppData\Local\Microsoft\OneDrive\17.3.6798.0207_1\amd64\FileSyncShell64.dll [2017-03-31] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Dirk\AppData\Local\Microsoft\OneDrive\17.3.6798.0207_1\amd64\FileSyncShell64.dll [2017-03-31] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Dirk\AppData\Local\Microsoft\OneDrive\17.3.6798.0207_1\amd64\FileSyncShell64.dll [2017-03-31] (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2017-04-03] (BullGuard Ltd.) ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2017-04-03] (BullGuard Ltd.) ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2017-04-03] (BullGuard Ltd.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Dirk\AppData\Local\Microsoft\OneDrive\17.3.6798.0207_1\FileSyncShell.dll [2017-03-31] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Dirk\AppData\Local\Microsoft\OneDrive\17.3.6798.0207_1\FileSyncShell.dll [2017-03-31] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Dirk\AppData\Local\Microsoft\OneDrive\17.3.6798.0207_1\FileSyncShell.dll [2017-03-31] (Microsoft Corporation) Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-14] ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{77b7e7b3-a8d1-41b2-9adb-e7d69394104b}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ba4ac20c-7e5b-4e31-abbf-c6c9494309ea}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2862320180-643262072-4090738047-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.be/ HKU\S-1-5-21-2862320180-643262072-4090738047-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/2 URLSearchHook: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 - (Geen Naam) - {6d010537-9e99-400b-b652-b0d5a5757e5d} - Geen bestand SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {8C230407-C2F1-4E43-A28B-07CDADE0BD16} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {8C230407-C2F1-4E43-A28B-07CDADE0BD16} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 -> DefaultScope {9F80E9F2-E522-4590-91E4-7F527F59EC7A} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 -> {8C230407-C2F1-4E43-A28B-07CDADE0BD16} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 -> {9F80E9F2-E522-4590-91E4-7F527F59EC7A} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} BHO: Virtual Keyboard Plugin -> {6E11DD15-E054-4F89-840D-CD04499407A3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17] (HP) BHO: Safe Money Plugin -> {CE5452FA-F4B3-4422-BE64-D4B1093F6DFF} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Content Blocker Plugin -> {D48EC204-5CFE-43FD-8CC9-B4BC8645CD46} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Geen Naam -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Geen bestand BHO-x32: Virtual Keyboard Plugin -> {6E11DD15-E054-4F89-840D-CD04499407A3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-04] (Oracle Corporation) BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17] (HP) BHO-x32: Safe Money Plugin -> {CE5452FA-F4B3-4422-BE64-D4B1093F6DFF} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {D48EC204-5CFE-43FD-8CC9-B4BC8645CD46} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-04] (Oracle Corporation) Toolbar: HKU\S-1-5-21-2862320180-643262072-4090738047-1000 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://ccff02.minfin.fgov.be/CCFF_Authentication/static/app-layout/signature/html/capicom.cab FireFox: ======== FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2016-08-30] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be FF HKLM-x32\...\Firefox\Extensions: [content_blocker_sm_AB71B8@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\content_blocker_sm@kaspersky.com FF Extension: (Dangerous Websites Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\content_blocker_sm@kaspersky.com [2016-05-24] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_sm_94FB0D@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\virtual_keyboard_sm@kaspersky.com FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\virtual_keyboard_sm@kaspersky.com [2016-05-24] FF HKLM-x32\...\Firefox\Extensions: [online_banking_sm_D08480D@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\online_banking_sm@kaspersky.com FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\online_banking_sm@kaspersky.com [2016-05-24] FF HKLM-x32\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard => niet gevonden FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Geen bestand] FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-04] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-04] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_sm_AB71B8 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\content_blocker_sm@kaspersky.com [2016-05-24] () FF Plugin-x32: @kaspersky.com/online_banking_sm_D08480D -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\online_banking_sm@kaspersky.com [2016-05-24] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_sm_94FB0D -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\virtual_keyboard_sm@kaspersky.com [2016-05-24] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Geen bestand] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2862320180-643262072-4090738047-1000: vasco.com/VascoCardReaderPlugin -> C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll [2014-10-27] (VASCO Data Security) FF Plugin HKU\S-1-5-21-2862320180-643262072-4090738047-1000: vasco.com/VascoCardReaderPlugin64 -> C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll [2014-10-27] (VASCO Data Security) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxp://www.google.be/" CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default [2017-05-04] CHR Extension: (Website Logon) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2014-02-25] CHR Extension: (Belfius Smart Card Reader Chrome Extensie) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi [2015-11-02] CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26] CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google Search) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (Weer) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2015-01-12] CHR Extension: (Offline Documenten) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (AdBlock) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-14] CHR Extension: (Kaspersky Bescherming) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\midldhlejplpmkldmickhkkhahkdnbgm [2015-07-23] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06] CHR Extension: (Chrome Media Router) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07] CHR HKLM\...\Chrome\Extension: [midldhlejplpmkldmickhkkhahkdnbgm] - hxxps://chrome.google.com/webstore/detail/midldhlejplpmkldmickhkkhahkdnbgm CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11] CHR HKLM-x32\...\Chrome\Extension: [midldhlejplpmkldmickhkkhahkdnbgm] - hxxps://chrome.google.com/webstore/detail/midldhlejplpmkldmickhkkhahkdnbgm ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S2 Advantage; C:\Program Files (x86)\Advantage 9.10\Server\ADS.EXE [2932736 2008-11-14] (iAnywhere Solutions, Inc.) [Bestand niet getekend] R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2013-05-24] (Andrea Electronics Corporation) [Bestand niet getekend] S2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2011-01-24] (Intel Corporation) [Bestand niet getekend] S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2011-01-24] (Intel Corporation) [Bestand niet getekend] S2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [991296 2011-01-24] (Intel Corporation) [Bestand niet getekend] R3 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [1551128 2017-04-03] (BullGuard Ltd.) R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [707864 2017-04-03] (BullGuard Ltd.) R2 BsCache; C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll [185112 2017-04-03] (BullGuard Ltd.) R2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll [487704 2017-04-03] (BullGuard Ltd.) R2 BsFire; C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll [822040 2017-04-03] (BullGuard Ltd.) R2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll [5710616 2017-04-03] (BullGuard Ltd.) R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [661784 2017-04-03] (BullGuard Ltd.) R2 BsNetworkScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardNetworkScanner.exe [447256 2017-04-03] (BullGuard Ltd.) R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [317720 2017-04-03] (BullGuard Ltd.) R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [416024 2017-04-05] (BullGuard Ltd.) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [Bestand niet getekend] R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2013-05-24] (Realsil Microelectronics Inc.) [Bestand niet getekend] R2 KSM3.5.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\ksm.exe [194000 2015-07-20] (Kaspersky Lab ZAO) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [311808 2013-05-24] (IDT, Inc.) [Bestand niet getekend] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-28] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 afw; C:\WINDOWS\system32\DRIVERS\afw.sys [52912 2015-06-15] (Agnitum Ltd.) R3 afwcore; C:\WINDOWS\System32\DRIVERS\afwcore.sys [465072 2015-06-15] (Agnitum Ltd.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.) S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2015-10-30] (Windows (R) Win 7 DDK provider) [Bestand niet getekend] R1 BdAgent; C:\WINDOWS\System32\DRIVERS\BdAgent.sys [174744 2016-08-31] (BullGuard Ltd.) R3 BdNet; C:\WINDOWS\system32\DRIVERS\BdNet.sys [51856 2016-01-13] (BullGuard Ltd.) R1 BdSpy; C:\WINDOWS\System32\DRIVERS\BdSpy.sys [94952 2016-01-13] (BullGuard Ltd.) S3 intelkmd; C:\WINDOWS\System32\DRIVERS\igdpmd64.sys [12228128 2011-04-15] (Intel Corporation) [Bestand niet getekend] R0 kl1sm; C:\WINDOWS\System32\DRIVERS\kl1sm.sys [478392 2016-03-21] (Kaspersky Lab ZAO) R3 klfltsm; C:\WINDOWS\system32\DRIVERS\klfltsm.sys [159960 2015-07-20] (Kaspersky Lab ZAO) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [238000 2016-05-24] (AO Kaspersky Lab) R1 KLIFSM; C:\WINDOWS\System32\DRIVERS\klifsm.sys [809384 2016-05-24] (Kaspersky Lab ZAO) R3 klkbdfltsm; C:\WINDOWS\system32\DRIVERS\klkbdfltsm.sys [40304 2015-07-20] (Kaspersky Lab ZAO) R1 Klwtpsm; C:\WINDOWS\System32\DRIVERS\klwtpsm.sys [99720 2016-03-21] (Kaspersky Lab ZAO) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-04] (Malwarebytes) R1 NovaShieldFilterDriver; C:\WINDOWS\System32\DRIVERS\NSKernel.sys [276144 2016-07-11] (BullGuard Ltd.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek ) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated) R3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-04-12] (BitDefender S.R.L.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30544 2016-02-17] (HP) U3 idsvc; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-05-05 18:22 - 2017-05-05 18:24 - 00031090 _____ C:\Users\Dirk\Downloads\FRST.txt 2017-05-05 18:22 - 2017-05-05 18:22 - 00000000 ____D C:\Users\Dirk\Downloads\FRST-OlderVersion 2017-05-05 18:20 - 2017-05-05 18:20 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-05-05 00:12 - 2017-05-05 00:12 - 00000000 ____D C:\Users\Dirk\AppData\Local\DBG 2017-05-05 00:08 - 2017-05-05 00:08 - 00000020 ___SH C:\Users\Dirk\ntuser.ini 2017-05-05 00:08 - 2017-05-05 00:08 - 00000000 ____D C:\Users\Dirk\AppData\Local\ConnectedDevicesPlatform 2017-05-05 00:07 - 2017-05-05 00:07 - 00000000 ____D C:\Windows.old 2017-05-05 00:06 - 2017-05-05 00:06 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 20506112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 08321440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 08246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 06761048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-05-05 00:06 - 2017-05-05 00:06 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-05-05 00:06 - 2017-05-05 00:06 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-05 00:06 - 2017-05-05 00:06 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-05-05 00:06 - 2017-05-05 00:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00387416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-05-05 00:06 - 2017-05-05 00:06 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00206232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-05 00:06 - 2017-05-05 00:06 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-05 00:06 - 2017-05-05 00:06 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-05 00:06 - 2017-05-05 00:06 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-05 00:05 - 2017-05-05 00:13 - 00000136 _____ C:\WINDOWS\system32\config\afw_hm.conf 2017-05-05 00:05 - 2017-05-05 00:13 - 00000004 _____ C:\WINDOWS\system32\config\afw_db.conf 2017-05-05 00:02 - 2017-05-05 00:02 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-05-05 00:02 - 2017-05-05 00:02 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-05-05 00:02 - 2017-03-17 23:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll 2017-05-05 00:02 - 2017-03-17 22:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll 2017-05-05 00:02 - 2017-03-17 22:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll 2017-05-05 00:02 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll 2017-05-05 00:02 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll 2017-05-05 00:01 - 2017-05-05 00:01 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\WINDOWS\system32\msmq 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\Program Files\MSBuild 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-04 23:58 - 2017-05-04 23:58 - 00000000 ____D C:\inetpub 2017-05-04 23:57 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-04 23:57 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-04 23:57 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-04 23:57 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-04 23:57 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-04 23:57 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-04 23:56 - 2017-05-04 23:58 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-05-04 23:56 - 2017-05-04 23:58 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-05-04 23:54 - 2017-05-04 23:55 - 00003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-05-04 23:54 - 2017-05-04 23:55 - 00003428 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2862320180-643262072-4090738047-1000Core 2017-05-04 23:54 - 2017-05-04 23:55 - 00003220 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-04 23:54 - 2017-05-04 23:55 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-05-04 23:54 - 2017-05-04 23:55 - 00002536 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask 2017-05-04 23:54 - 2017-05-04 23:55 - 00002422 _____ C:\WINDOWS\System32\Tasks\{35C4A475-195C-4ACE-B119-B4B7699A8714} 2017-05-04 23:54 - 2017-05-04 23:55 - 00002266 _____ C:\WINDOWS\System32\Tasks\{BA5CF717-49EE-4729-9D3D-DB7A267DBB73} 2017-05-04 23:54 - 2017-05-04 23:55 - 00002110 _____ C:\WINDOWS\System32\Tasks\{62229C33-1E13-431D-A70E-F77FCB719481} 2017-05-04 23:54 - 2017-05-04 23:54 - 00003696 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2862320180-643262072-4090738047-1000UA 2017-05-04 23:54 - 2017-05-04 23:54 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-05-04 23:54 - 2017-05-04 23:54 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-05-04 23:54 - 2017-05-04 23:54 - 00002798 _____ C:\WINDOWS\System32\Tasks\ServicePlan 2017-05-04 23:54 - 2017-05-04 23:54 - 00002762 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDirk 2017-05-04 23:54 - 2017-05-04 23:54 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-05-04 23:54 - 2017-05-04 23:54 - 00002110 _____ C:\WINDOWS\System32\Tasks\{A3A1D41A-F855-473B-B967-E1C1930568C9} 2017-05-04 23:54 - 2017-05-04 23:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-04 23:54 - 2017-05-04 23:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-05-04 23:54 - 2017-05-04 23:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard 2017-05-04 23:54 - 2017-05-04 23:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\BullGuard 2017-05-04 23:54 - 2011-10-28 12:49 - 00003148 _____ C:\WINDOWS\System32\Tasks\MirageAgent 2017-05-04 23:48 - 2017-05-04 23:48 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2017-05-04 23:34 - 2017-05-04 23:34 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-04 23:28 - 2017-05-04 23:28 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-05-04 23:27 - 2017-05-04 23:37 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-04 23:24 - 2017-05-04 23:24 - 00000000 ____D C:\ProgramData\USOShared 2017-05-04 23:23 - 2017-05-05 18:19 - 00000000 ____D C:\Users\Dirk 2017-05-04 23:23 - 2017-05-04 23:43 - 00000000 ____D C:\Users\DefaultAppPool 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\Sjablonen 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\Netwerkprinteromgeving 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\Mijn documenten 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\Menu Start 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\Documents\Mijn video's 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\Documents\Mijn muziek 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\Documents\Mijn afbeeldingen 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\Dirk\AppData\Local\Geschiedenis 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Sjablonen 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Netwerkprinteromgeving 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Mijn documenten 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Start 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mijn video's 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mijn muziek 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mijn afbeeldingen 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2017-05-04 23:23 - 2017-05-04 23:23 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Geschiedenis 2017-05-04 23:22 - 2017-05-05 00:08 - 02184074 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-04 23:22 - 2017-05-04 23:22 - 02060664 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-05-04 23:18 - 2017-05-04 23:37 - 00000000 ____D C:\Program Files\ATI Technologies 2017-05-04 23:18 - 2017-05-04 23:28 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-04 23:18 - 2017-05-04 23:28 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2017-05-04 23:18 - 2017-05-04 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2017-05-04 23:17 - 2017-05-04 23:17 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-05-04 23:17 - 2017-05-04 23:17 - 00000000 ____D C:\Program Files\AMD 2017-05-04 23:16 - 2017-05-04 23:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2017-05-04 23:16 - 2017-05-04 23:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2017-05-04 23:16 - 2017-05-04 23:16 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-05-04 23:16 - 2017-05-04 23:16 - 00000000 ____D C:\Program Files\Synaptics 2017-05-04 23:16 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-04 23:14 - 2017-05-05 00:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-04 23:14 - 2017-05-04 23:14 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-04 23:13 - 2017-05-04 23:39 - 00217184 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-04 21:29 - 2017-05-05 00:08 - 00000000 ___DC C:\WINDOWS\Panther 2017-05-04 21:29 - 2017-05-04 22:10 - 00000000 ___HD C:\$WINDOWS.~BT 2017-05-04 21:03 - 2017-05-04 21:03 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\65EB7254.sys 2017-05-04 20:57 - 2017-05-04 21:03 - 00000000 ____D C:\AdwCleaner 2017-05-04 20:57 - 2017-05-04 20:57 - 04102600 _____ C:\Users\Dirk\Downloads\adwcleaner_6.046.exe 2017-05-04 20:41 - 2017-05-04 20:43 - 00003995 _____ C:\Users\Dirk\Downloads\Fixlog.txt 2017-05-04 20:41 - 2017-05-04 20:43 - 00000000 ____D C:\FRST 2017-05-04 20:40 - 2017-05-05 18:22 - 02429440 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64.exe 2017-05-04 20:40 - 2017-05-04 20:41 - 00002952 _____ C:\Users\Dirk\Downloads\fixlist.txt 2017-05-04 20:34 - 2017-05-04 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-05-04 20:34 - 2017-05-04 20:34 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-05-04 20:33 - 2017-05-04 20:34 - 00000000 ____D C:\Program Files\CCleaner 2017-05-04 20:33 - 2017-05-04 20:33 - 09390672 _____ (Piriform Ltd) C:\Users\Dirk\Downloads\ccsetup529.exe 2017-05-03 21:22 - 2017-05-03 21:22 - 03481600 _____ C:\Users\Dirk\Downloads\steekproef_afvalproducenten_PJ2016.xls 2017-05-03 21:18 - 2017-05-03 21:18 - 01519104 _____ C:\Users\Dirk\Downloads\1lijstverwerkerscampagne2016versie2.xls 2017-05-03 14:01 - 2017-05-04 23:37 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-04-28 19:47 - 2017-04-28 19:47 - 128538396 _____ C:\Users\Dirk\Downloads\wetransfer-5c604f.zip 2017-04-26 13:31 - 2017-04-26 13:31 - 00004994 _____ C:\Users\Dirk\Downloads\Afspraakbevestiging.pdf 2017-04-26 13:31 - 2017-04-26 13:31 - 00004994 _____ C:\Users\Dirk\Downloads\Afspraakbevestiging (1).pdf 2017-04-11 12:54 - 2017-05-04 21:29 - 00000036 _____ C:\WINDOWS\progress.ini 2017-04-11 12:37 - 2017-05-05 00:09 - 00000000 ____D C:\Windows10Upgrade 2017-04-11 12:37 - 2017-05-05 00:06 - 00000000 ___HD C:\$GetCurrent 2017-04-11 12:37 - 2017-04-11 12:37 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-upgradeassistent.lnk 2017-04-11 12:37 - 2017-04-11 12:37 - 00000719 _____ C:\Users\Dirk\Desktop\Windows 10-upgradeassistent.lnk 2017-04-11 12:36 - 2017-04-11 12:36 - 06581904 _____ (Microsoft Corporation) C:\Users\Dirk\Downloads\Windows10Upgrade9252.exe ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-05-05 18:26 - 2012-03-15 10:02 - 00000000 ____D C:\ProgramData\BullGuard 2017-05-05 18:25 - 2015-08-07 15:22 - 00000000 ____D C:\Users\Dirk\AppData\Local\Packages 2017-05-05 18:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-05 18:21 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-05 18:19 - 2015-07-20 20:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-05-05 18:19 - 2012-03-14 08:43 - 00000000 ____D C:\Users\Dirk\AppData\LocalLow\AuthenTec 2017-05-05 00:13 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-05 00:10 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-05 00:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-05 00:09 - 2015-08-07 15:22 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-05 00:08 - 2017-03-20 05:54 - 00952800 _____ C:\WINDOWS\system32\perfh013.dat 2017-05-05 00:08 - 2017-03-20 05:54 - 00210938 _____ C:\WINDOWS\system32\perfc013.dat 2017-05-05 00:07 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-05 00:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-05 00:07 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-05 00:07 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-05 00:02 - 2017-03-20 05:55 - 00000000 ____D C:\WINDOWS\OCR 2017-05-05 00:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-04 23:59 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-04 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-04 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-04 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-04 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-05-04 23:58 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-05-04 23:58 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-05-04 23:58 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-05-04 23:58 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-05-04 23:58 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-05-04 23:58 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-05-04 23:58 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-05-04 23:58 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-05-04 23:58 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-05-04 23:58 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-05-04 23:58 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-05-04 23:58 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-05-04 23:58 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2017-05-04 23:58 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-05-04 23:58 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-05-04 23:58 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-05-04 23:58 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-05-04 23:58 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-05-04 23:58 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-05-04 23:58 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-05-04 23:58 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-05-04 23:58 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-05-04 23:58 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-05-04 23:58 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-05-04 23:55 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-04 23:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-04 23:48 - 2015-08-07 15:17 - 00023076 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-04 23:47 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-04 23:46 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-04 23:42 - 2013-05-29 14:08 - 00002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-04 23:40 - 2015-10-17 18:36 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-05-04 23:39 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated 2017-05-04 23:37 - 2017-04-03 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard 2017-05-04 23:37 - 2017-03-28 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-05-04 23:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2017-05-04 23:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-04 23:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2017-05-04 23:37 - 2017-03-18 13:40 - 00262144 _____ C:\WINDOWS\system32\config\BBI 2017-05-04 23:37 - 2016-08-30 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-05-04 23:37 - 2015-10-30 20:08 - 00000000 ____D C:\WINDOWS\ShellNew 2017-05-04 23:37 - 2015-09-04 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-05-04 23:37 - 2015-07-20 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Fraud Prevention for Endpoint 2017-05-04 23:37 - 2015-03-04 21:55 - 00000000 ____D C:\WINDOWS\nl 2017-05-04 23:37 - 2014-02-06 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2017-05-04 23:37 - 2014-02-06 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOB 50 2017-05-04 23:37 - 2014-02-06 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advantage Database Server 9.10 2017-05-04 23:37 - 2013-10-09 22:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2017-05-04 23:37 - 2013-03-12 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-05-04 23:37 - 2012-03-19 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOB Software 2017-05-04 23:37 - 2012-03-14 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2017-05-04 23:37 - 2012-03-14 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2017-05-04 23:37 - 2011-10-28 12:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 2017-05-04 23:37 - 2011-10-28 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star 2017-05-04 23:37 - 2011-10-28 12:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2017-05-04 23:37 - 2011-09-02 19:59 - 00000000 ____D C:\WINDOWS\de 2017-05-04 23:37 - 2011-09-02 19:57 - 00000000 ____D C:\WINDOWS\fr 2017-05-04 23:37 - 2011-09-02 19:57 - 00000000 ____D C:\WINDOWS\en 2017-05-04 23:37 - 2011-09-02 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services 2017-05-04 23:37 - 2011-09-02 19:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-05-04 23:37 - 2011-09-02 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2017-05-04 23:37 - 2010-11-03 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theft Protection 2017-05-04 23:37 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-05-04 23:30 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-05-04 23:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-05-04 23:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-04 23:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-05-04 23:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-05-04 23:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-05-04 23:30 - 2016-02-12 21:38 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2017-05-04 23:30 - 2015-07-29 09:08 - 00000000 ____D C:\WINDOWS\SysWOW64\%Report% 2017-05-04 23:30 - 2014-07-10 13:41 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin 2017-05-04 23:30 - 2014-02-06 22:30 - 00000000 ____D C:\WINDOWS\SysWOW64\beidpp 2017-05-04 23:30 - 2014-01-02 21:45 - 00000000 ____D C:\WINDOWS\SysWOW64\20-20 Technologies 2017-05-04 23:30 - 2013-05-29 14:18 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-05-04 23:30 - 2011-09-02 19:53 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe 2017-05-04 23:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-05-04 23:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-04 23:28 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar 2017-05-04 23:28 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2017-05-04 23:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\IME 2017-05-04 23:28 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-04 23:28 - 2014-09-11 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-05-04 23:28 - 2013-10-09 22:03 - 00000000 ____D C:\Program Files\Windows Live 2017-05-04 23:28 - 2012-03-14 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music and Media 2017-05-04 23:28 - 2011-10-28 22:22 - 00000000 ___RD C:\Users\Public\Recorded TV 2017-05-04 23:28 - 2011-09-02 19:55 - 00000000 ____D C:\Program Files (x86)\Windows Live 2017-05-04 23:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games 2017-05-04 23:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-05-04 23:27 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-05-04 23:24 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-04 23:22 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-04 23:18 - 2017-03-20 05:56 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-04 23:18 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\PrintDialog 2017-05-04 23:18 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\MiracastView 2017-05-04 23:18 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-04 23:17 - 2013-12-02 16:37 - 00000000 ____D C:\AMD 2017-05-04 23:17 - 2011-10-28 12:31 - 00000000 ____D C:\Intel 2017-05-04 22:39 - 2012-04-22 12:47 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-05-04 21:58 - 2015-06-18 20:30 - 00001020 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2862320180-643262072-4090738047-1000UA.job 2017-05-04 21:16 - 2016-08-30 21:51 - 00000000 ____D C:\ProgramData\Oracle 2017-05-04 21:14 - 2012-03-14 11:05 - 00000000 ____D C:\Program Files (x86)\Java 2017-05-04 21:13 - 2016-08-30 21:52 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-05-04 21:05 - 2015-08-07 15:20 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-05-03 14:01 - 2014-09-06 10:26 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Dropbox 2017-05-01 16:58 - 2015-06-18 20:30 - 00000968 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2862320180-643262072-4090738047-1000Core.job 2017-05-01 15:32 - 2012-03-14 14:58 - 00000328 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDirk.job 2017-04-27 19:52 - 2012-03-15 10:38 - 00000000 ____D C:\Users\Dirk\Documents\Marijke 2017-04-13 14:18 - 2017-03-28 22:27 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-04-11 22:22 - 2017-03-28 22:28 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-04-11 18:08 - 2017-03-28 22:28 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-04-11 18:08 - 2017-03-28 22:28 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-04-06 21:02 - 2013-05-29 14:08 - 00002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-04-05 16:06 - 2017-03-28 22:28 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys ==================== Bestanden in de root van sommige mappen ======= 2013-04-28 12:56 - 2013-04-28 12:56 - 0003584 _____ () C:\Users\Dirk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-10-17 18:21 - 2015-10-17 18:21 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-06-25 13:29 - 2014-06-25 13:36 - 0006931 _____ () C:\ProgramData\Install_vcredist64.log 2014-06-25 13:31 - 2014-06-25 13:36 - 0169004 _____ () C:\ProgramData\Install_vcredist64_0_vcRuntimeMinimum_x64.log 2014-06-25 13:32 - 2014-06-25 13:36 - 0210300 _____ () C:\ProgramData\Install_vcredist64_1_vcRuntimeAdditional_x64.log 2014-06-25 13:33 - 2014-06-25 13:37 - 0006856 _____ () C:\ProgramData\Install_vcredist86.log 2014-06-25 13:34 - 2014-06-25 13:37 - 0173876 _____ () C:\ProgramData\Install_vcredist86_0_vcRuntimeMinimum_x86.log 2014-06-25 13:34 - 2014-06-25 13:37 - 0230898 _____ () C:\ProgramData\Install_vcredist86_1_vcRuntimeAdditional_x86.log ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-05-04 23:13 ==================== Eind van FRST.txt ============================