Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 25-08-2019 Gestart door Henk (Beheerder) op TOSHIBA (TOSHIBA PORTEGE Z930) (26-08-2019 17:05:47) Gestart vanaf C:\Users\Henk\Desktop Geladen Profielen: Henk & (Beschikbare Profielen: Henk & Gast) Platform: Windows 10 Pro Versie 1803 17134.950 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Edge Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Ericsson AB -> Ericsson AB) C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe (Hewlett-Packard Company) [Bestand niet getekend] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe (HP) [Bestand niet getekend] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxHK.exe (Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxTray.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Henk\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\CastSrv.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\lpksetup.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\PrintIsolationHost.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\userinit.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.881_none_eada7c8e1d8131a8\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Sanford, L.P. -> ) C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe (Sanford, L.P.) [Bestand niet getekend] C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectPnPService.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA CORPORATION -> ) C:\Program Files\TOSHIBA\Fingerprint Utility\FPDeviceService.exe (TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\WINDOWS\System32\TODDSrv.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-04-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [466224 2015-06-10] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-11] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3953344 2017-06-02] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\Run: [] => [X] HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\Run: [DYMOConnectLauncher] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe [161976 2019-05-10] (Sanford, L.P. -> ) HKU\S-1-5-21-3957663117-963798814-2176115037-1001\Sortware\Policies\...\system: [DisableCMD] 0 HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\Run: [] => [X] HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\Run: [DYMOConnectLauncher] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe [161976 2019-05-10] (Sanford, L.P. -> ) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\Sortware\Policies\...\system: [DisableCMD] 0 HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-03-13] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\Run: [] => [X] HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\Run: [DYMOConnectLauncher] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe [161976 2019-05-10] (Sanford, L.P. -> ) HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\Sortware\Policies\...\system: [DisableCMD] 0 HKU\S-1-5-21-3957663117-963798814-2176115037-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453199\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA CORPORATION -> TOSHIBA) HKU\S-1-5-21-3957663117-963798814-2176115037-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453199\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-09] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{3AFF1C30-4959-4c2f-8BED-E6E81E39F57A}] -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll [2012-02-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> HKLM\Software\...\Authentication\Credential Providers: [{C18EAFF5-4070-4a7c-A2E3-4ACD9884CDD0}] -> C:\Program Files\TOSHIBA\Fingerprint Utility\TFPULogonProvider.dll [2012-08-02] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\Software\...\Authentication\Credential Provider Filters: [{02C929A2-4B33-47fe-8B77-D59DCD21712C}] -> C:\Program Files\TOSHIBA\Fingerprint Utility\TFPULogonProvider.dll [2012-08-02] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{6cfb9c5c-138e-4bb3-8a3d-d5383e910e57}] -> %SystemRoot%\System32\RdpGroupPolicyExtension.dll Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\Henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk [2017-07-09] ShortcutTarget: OneNote 2010 Schermopname en Snel starten.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\TEMP.Henk-laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\TEMP.Henk-laptop.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\TEMP.Henk-laptop.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\TEMP.Henk-laptop.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\TEMP.Henk-laptop.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] Startup: C:\Users\TEMP.Henk-laptop.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-04-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) [Bestand niet getekend] FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0199F9DB-5929-4F1B-A51E-ADAFD33F79C4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {06E2B994-4598-4248-AED1-57A07672470D} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {0A9E885F-7103-4A60-8A6D-1727DDA7D0FF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0BB88D95-BE52-448F-9C44-67C27F686B88} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {136B5D9F-610B-4EE0-BDFA-76C7C765AB44} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {1A82DCD2-5A36-4026-A5E6-85FB1A9CD834} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {201C562E-9EBD-4A43-AC06-25D7F5413B32} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-19] (Adobe Inc. -> Adobe) Task: {233C8A72-AEF5-4169-8B03-9F77679EF7D8} - System32\Tasks\{83BA68CD-790B-42E4-97CE-4F12D740931F} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.3.0.101/nl/abandoninstall?page=tsBing Task: {262A7788-A705-4FDA-9DFB-466E21962A5C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {262D54C7-D8E9-456D-B874-93E816C1F4FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {279090AB-04C1-475B-985F-7B3FACB9216B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-03-13] (Apple Inc. -> Apple Inc.) Task: {27CEAB13-4062-4C68-AB9F-C0D4AD5E2E28} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe Task: {2C3B8B8F-758C-4CC2-BE13-2B9AAFAA7104} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {31832230-B0B6-4ABF-800D-DD9F3CF93D1F} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [475720 2015-08-05] (Toshiba Europe Gmbh -> Toshiba Europe GmbH) Task: {31ADE0BB-E84B-4ABE-9DA9-B7DD58170013} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {31CE1287-739F-48CC-8243-446F0221A416} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {332CDA46-43AC-4DBE-8379-A21E3306D033} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {489884D4-F6BD-4594-BFF4-88FEB9347CFE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4D586A46-32C0-40FA-A0A0-38788AF070D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {4E98380F-DC7B-477A-AA4B-05EAD78274BE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {51B1C815-F0E3-4A0F-8556-3BF0AFB9BDFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-15] (Google Inc -> Google Inc.) Task: {55819FEF-C1AF-4D4F-A5EF-9749405E9C02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-15] (Google Inc -> Google Inc.) Task: {55EF57F5-337D-4619-8018-2C778F094D33} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {59CA49DC-4B9D-41A8-9D34-888CD00B8DF5} - System32\Tasks\{71FD2BEE-4096-454D-9D9F-A4231F15BCC3} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.2.0.103/nl/abandoninstall?page=tsBing Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5C9DBB8F-1659-4FA3-9B7A-3A0EE266BC01} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16467424 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) Task: {6121AAD7-6153-4409-86EE-18D24067CD76} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {67AF6F65-CD4B-4C5E-AE64-DF66919B4E31} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) Task: {6AF0AB05-64F7-49D5-AA49-3E7D5D9123DF} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {726FB1EA-A64C-407D-BBEB-08A2B21A8F5E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-19] (Adobe Inc. -> Adobe) Task: {74BC5F3A-A03B-4E97-BFFB-FA1C6E39B2BD} - System32\Tasks\{27E76538-2877-4044-AF09-C861EAC1E0B7} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://g.msn.com/1ewnlnl70/SettingsTermUse Task: {764A1873-4CE6-47DE-9378-9007BA936C0E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {770B457F-6E92-4289-AE2B-F2B8DC451493} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation) Task: {7AD80AFB-5F7C-4765-8024-711288FB9461} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {7BE61F3C-22E7-4527-A754-CBA0320E14FD} - System32\Tasks\{496167F9-718F-4559-AD6D-03E92A1F6471} => C:\windows\system32\pcalua.exe -a C:\Users\Henk\Downloads\QuickTimeInstaller.exe -d C:\Users\Henk\Downloads Task: {7F397860-9E3E-4567-90F0-D12534A7710F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {824C930E-8F2E-4CDF-AEAE-66BD3CFD16C7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {85B45F89-5925-401A-972B-F9E31B551044} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {8A0C9273-66CC-45B7-85E1-67F77E4E400B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation) Task: {8D5FBDA4-954C-4CEF-A4DF-C6A47FE29A57} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {90EF599F-0B8C-4183-B5F6-32D41F924BCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9366E91D-EDDE-452B-8045-B96726AFC270} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9C863985-7C02-446F-81EF-A58BCDD4B6A9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {9D20C084-549D-42E8-B260-24DF1C12EA6F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9F1601D4-6DA3-444E-B8B5-620949EF5B66} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2045832 2019-08-19] (AVAST Software s.r.o. -> AVAST Software) Task: {9F504EB4-4DD6-41BE-8857-1AFEF483CD3A} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [700040 2014-04-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation) Task: {A14AAE2A-E5C3-4340-85AC-AD5202483B6C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A41C415F-4EA0-43E8-827E-F648F6D5B7DB} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91728 2015-08-20] (Hewlett-Packard -> HP Development Company, L.P.) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B2166B53-8F2F-48BE-9A4B-1088C1CEAC05} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {B28A1071-42B6-4997-B7F3-ED2925C88CE0} - System32\Tasks\{BAA1A2DF-4BD1-4460-B667-A24280F7D4C2} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.2.0.103/nl/abandoninstall?page=tsBing Task: {B41E0EED-7FAE-42E9-AD79-CDE0827710DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [134272480 2019-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {B9102415-8AC1-44AF-BA49-075D0F413048} - System32\Tasks\{B121DFBE-EC52-4C06-A5B3-F9B9BF4AB6C7} => C:\windows\system32\pcalua.exe -a "C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UKMDXQ6\hitmanpro.exe" -d C:\Users\Henk\Desktop Task: {B9CAF4B7-7DA8-485A-9F74-8633161339BC} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C18646C3-0E50-4544-860C-10B46A2CEC3C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {C557279F-163F-4A56-8614-14018E44C4A8} - System32\Tasks\{4603419C-6508-4528-A179-E1B44D72A6B0} => C:\windows\system32\pcalua.exe -a C:\Users\Henk\Downloads\JRT.exe -d C:\Users\Henk\Downloads Task: {C6ECA47D-2AC9-499C-8EDF-3BBA6D3DFC76} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {C76D808A-C0B8-416E-AB2D-2C03DCDF56FB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {C9BCB66E-9EB5-4C5D-85D7-758768FE73E1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {CB2A865C-E4B2-4834-A49A-447C0247B7B2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {D1AB0543-553B-4BBA-9C96-86C8ECBF1162} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {D557CFDF-97C6-4669-94C5-04021C68DCC0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D9A87197-99B9-45CB-A79B-EA35E1EE7DAE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DA34244C-D878-4A4C-80BE-25A0B7B6D4CF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {DE1E86D8-E132-4B60-86ED-8FFC9FCDAE5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DFB8C052-1792-442D-A50E-F1AB263A09C3} - System32\Tasks\TOSHIBA Wireless Display Monitor => C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe [1716144 2010-12-25] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION) Task: {E0C29FB6-A083-45DD-A7BF-0BC37E35CECF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E201AEB9-A7C9-4C46-B876-2551CDC649E7} - System32\Tasks\{C8F9AC27-E0DA-4480-9D2C-307EB129C8BD} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.3.60.101/nl/abandoninstall?page=tsBing Task: {EA925DB0-870F-4BC5-A51E-20C97A77AE2A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {ED165A80-0EAF-413D-9EC9-C2393C0B36B3} - System32\Tasks\{BA96C80C-4E80-49BD-8D9B-E47595DA7506} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime Task: {F02E95A0-274A-43B9-AEA7-88C773247D20} - \{2E0363AA-555E-08C9-0A7C-ED1BBE288E70} -> Geen bestand <==== AANDACHT Task: {F08555EA-377A-4E58-A92C-D8AF481744E8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {F0EB72F9-4463-4F03-8FB7-471E3366F9DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F4AA4AFA-DDCC-44B5-81E2-7F09AC5AF8FD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F4BFC9A7-E94C-4B87-8A13-7AA35CF910C7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {F5A8BBE6-34AA-4020-AFF5-9D5A13EB586C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FDDB3856-FE0F-485D-95F2-665EB430245E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{11913494-3ce1-4c84-8772-1247d466fa2e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{26d862cd-d9db-4d43-a61b-e022ce7c6c3a}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8d31ee84-1ee8-41e6-8de4-e80b8c08be5b}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b4553c8f-acf0-4926-ba67-4f21d94e3016}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b4e14bf9-324b-4618-8f31-bdc5fd7f023f}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3957663117-963798814-2176115037-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP URLSearchHook: [S-1-5-21-3957663117-963798814-2176115037-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170455761] AANDACHT => Standaard URLSearchHook ontbreekt SearchScopes: HKLM -> {08AAFE45-5515-4EC7-AE1D-018144D3A75F} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA; SearchScopes: HKU\S-1-5-21-3957663117-963798814-2176115037-1001 -> {08AAFE45-5515-4EC7-AE1D-018144D3A75F} URL = SearchScopes: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139 -> {08AAFE45-5515-4EC7-AE1D-018144D3A75F} URL = SearchScopes: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527 -> {08AAFE45-5515-4EC7-AE1D-018144D3A75F} URL = BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: TOSHIBA Fingerprint Utility Automatic Password Input -> {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} -> C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBankBHO.dll [2013-07-27] (TOSHIBA CORPORATION -> TOSHIBA) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-06-04] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-06-04] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-11-03] (TOSHIBA CORPORATION -> ) Toolbar: HKU\S-1-5-21-3957663117-963798814-2176115037-1001 -> Geen Naam - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Geen bestand Toolbar: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139 -> Geen Naam - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Geen bestand Toolbar: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527 -> Geen Naam - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Geen bestand Edge: ====== DownloadDir: C:\Users\Henk\Downloads FireFox: ======== FF DefaultProfile: gctp15j0.Standaardgebruiker-1542896586202 FF ProfilePath: C:\Users\Henk\AppData\Roaming\TomTom\HOME\Profiles\h2nshyzm.default [2017-09-24] FF ProfilePath: C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\gctp15j0.Standaardgebruiker-1542896586202 [2019-08-26] FF Extension: (IBM Security Rapport) - C:\Users\Henk\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2019-01-17] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Avast Online Security) - C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\gctp15j0.Standaardgebruiker-1542896586202\Extensions\wrc@avast.com.xpi [2019-07-19] FF HKLM-x32\...\Firefox\Extensions: [{302BCF7B-E09E-4854-9F2F-8B2DA4EF70F9}] - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\FirefoxAddin FF Extension: (TOSHIBA Fingerprint Utility Automatic Password Input) - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\FirefoxAddin [2013-04-03] [Verouderd] [niet getekend] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-19] (Adobe Inc. -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Geen bestand] FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Geen bestand] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-19] (Adobe Inc. -> ) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Geen bestand] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Geen bestand] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Geen bestand] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Geen bestand] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-06-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-06-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-19] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-19] (Google Inc -> Google LLC) FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2013-12-03] (Verimatrix, Inc. -> Verimatrix, Inc.) [Bestand niet getekend] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3957663117-963798814-2176115037-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2013-12-03] (Verimatrix, Inc. -> Verimatrix, Inc.) [Bestand niet getekend] FF Plugin HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2013-12-03] (Verimatrix, Inc. -> Verimatrix, Inc.) [Bestand niet getekend] FF Plugin HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2013-12-03] (Verimatrix, Inc. -> Verimatrix, Inc.) [Bestand niet getekend] Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms} CHR Profile: C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default [2019-08-24] CHR Extension: (Presentaties) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-03] CHR Extension: (Documenten) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-03] CHR Extension: (Google Drive) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-03] CHR Extension: (IBM Security Rapport) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-08-23] CHR Extension: (YouTube) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-03] CHR Extension: (Bing Search Engine) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2019-08-23] CHR Extension: (Spreadsheets) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-03] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-08-23] CHR Extension: (Avira Browser Safety) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-08-23] CHR Extension: (Offline Documenten) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-04] CHR Extension: (Avast Online Security) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-08-23] CHR Extension: (TOSHIBA Fingerprint Utility Automatic Password Input) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\iniieblifogecdlkejbmonblijmdaiog [2018-03-03] CHR Extension: (Skype) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-03-03] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-04] CHR Extension: (Gmail) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-23] CHR Extension: (Chrome Media Router) - C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-23] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3957663117-963798814-2176115037-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3957663117-963798814-2176115037-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3957663117-963798814-2176115037-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453199\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iniieblifogecdlkejbmonblijmdaiog] - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\ChromeAddin\ChromeAddin.crx [2012-08-22] CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.) R2 DYMOConnectPnPService; C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectPnPService.exe [26112 2019-05-10] (Sanford, L.P.) [Bestand niet getekend] R2 FPDeviceService; C:\Program Files\TOSHIBA\Fingerprint Utility\FPDeviceService.exe [20832 2013-09-05] (TOSHIBA CORPORATION -> ) R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Bestand niet getekend] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-25] (HP) [Bestand niet getekend] R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] (Intel Corporation -> ) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [Bestand niet getekend] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [Bestand niet getekend] R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5274560 2019-04-15] (IBM -> IBM Corp.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-07-11] (Realtek Semiconductor Corp -> Realtek Semiconductor) S2 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074128 2019-08-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2017-06-02] (Synaptics Incorporated -> Synaptics Incorporated) S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-08-05] (Toshiba Europe Gmbh -> Toshiba Europe GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WMCoreService; C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe [655912 2011-11-18] (Ericsson AB -> Ericsson AB) S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 btmhsf; C:\WINDOWS\System32\DRIVERS\btmhsf.sys [1424184 2014-10-17] (Motorola Solutions Inc. -> Motorola Solutions, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [480744 2016-08-01] (Intel(R) INTELNPG1 -> Intel Corporation) R3 ecnssndis; C:\WINDOWS\System32\Drivers\wwuss64.sys [26664 2014-10-17] (Ericsson AB -> Ericsson AB) R3 ecnssndisfltr; C:\WINDOWS\System32\Drivers\wwussf64.sys [29736 2014-10-17] (Ericsson AB -> Ericsson AB) R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2013-05-20] (GFI Software Development Ltd. -> GFI Software) R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-11] (Martin Malik - REALiX -> REALiX(tm)) R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2014-07-11] (Intel(R) Software -> Intel Corporation) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-26] (Malwarebytes Corporation -> Malwarebytes) R3 Mbm3CBus; C:\WINDOWS\System32\drivers\Mbm3CBus.sys [419400 2011-10-05] (MCCI Corporation -> MCCI Corporation) R3 Mbm3DevMt; C:\WINDOWS\system32\DRIVERS\Mbm3DevMt.sys [430664 2011-10-05] (MCCI Corporation -> MCCI Corporation) R3 Mbm3mdfl; C:\WINDOWS\system32\DRIVERS\Mbm3mdfl.sys [19528 2011-10-05] (MCCI Corporation -> MCCI Corporation) R3 Mbm3Mdm; C:\WINDOWS\system32\DRIVERS\Mbm3Mdm.sys [483400 2011-10-05] (MCCI Corporation -> MCCI Corporation) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [125952 2014-10-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-04-12] (Microsoft Windows -> MediaTek Inc.) R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew01.sys [3363112 2015-07-28] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [503000 2019-04-15] (IBM -> IBM Corp.) R1 RapportCerberus_1930415; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930415.sys [1659544 2019-06-05] (IBM -> IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [727000 2019-04-15] (IBM -> IBM Corp.) R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [463408 2019-04-15] (IBM -> IBM Corp.) R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [766616 2019-04-15] (IBM -> IBM Corp.) R3 risdxc; C:\WINDOWS\System32\drivers\risdxc64.sys [106496 2013-07-30] (Microsoft Windows Hardware Compatibility Publisher -> REDC) S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5707264 2018-04-12] (Microsoft Windows -> Realtek Semiconductor Corporation ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 t36wgps; C:\WINDOWS\system32\DRIVERS\t36wgps64.sys [102440 2011-10-05] (Ericsson AB -> Ericsson AB) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-08-07] (TOSHIBA CORPORATION -> Toshiba Corporation) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-27] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-27] (Microsoft Windows -> Microsoft Corporation) R3 WwanUsbServ; C:\WINDOWS\System32\drivers\WwanUsbMp64.sys [279312 2014-10-17] (Ericsson AB -> Ericsson AB) S3 cpuz143; \??\C:\Users\Henk\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== AANDACHT U3 idsvc; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) ======== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2019-08-26 17:05 - 2019-08-26 17:08 - 000055546 _____ C:\Users\Henk\Desktop\FRST.txt 2019-08-26 17:04 - 2019-08-26 17:04 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-08-26 17:03 - 2019-08-26 17:04 - 000000000 ____D C:\ProgramData\McInstTemp0212411566831787 2019-08-26 16:49 - 2019-08-26 17:05 - 000000000 ____D C:\FRST 2019-08-26 16:47 - 2019-08-26 16:41 - 001613312 _____ (Farbar) C:\Users\Henk\Desktop\FRST64 (2).exe 2019-08-24 09:25 - 2019-08-24 09:25 - 000001960 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-08-24 09:25 - 2019-08-24 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-08-24 09:25 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-08-24 09:25 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-08-24 09:24 - 2019-08-24 09:24 - 065084496 _____ (Malwarebytes ) C:\Users\Henk\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.12151.exe 2019-08-22 09:12 - 2019-08-22 09:13 - 000000000 ____D C:\energie 2019-08-19 16:47 - 2019-03-28 11:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2019-08-19 16:47 - 2019-03-28 11:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2019-08-19 16:47 - 2019-03-28 11:09 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2019-08-19 16:47 - 2019-03-28 11:09 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2019-08-19 16:47 - 2019-03-28 08:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll 2019-08-19 16:47 - 2019-03-28 08:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll 2019-08-19 16:47 - 2019-03-28 08:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll 2019-08-19 16:47 - 2019-03-28 08:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll 2019-08-19 16:47 - 2019-03-28 08:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll 2019-08-19 16:47 - 2019-03-28 08:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll 2019-08-16 09:33 - 2019-08-07 14:27 - 007990272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-08-16 09:33 - 2019-08-07 14:24 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-08-16 09:33 - 2019-08-07 10:09 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-08-16 09:33 - 2019-08-07 10:09 - 000095008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-08-16 09:33 - 2019-08-07 10:08 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-08-16 09:33 - 2019-08-07 10:07 - 001031696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2019-08-16 09:33 - 2019-08-07 09:57 - 000081256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2019-08-16 09:33 - 2019-08-07 09:32 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2019-08-16 09:33 - 2019-08-07 09:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-08-16 09:33 - 2019-08-07 09:31 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2019-08-16 09:33 - 2019-08-07 09:31 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-08-16 09:33 - 2019-07-09 10:07 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2019-08-16 09:33 - 2019-07-09 09:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2019-08-16 09:33 - 2019-07-09 09:39 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2019-08-16 09:33 - 2019-07-09 09:37 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll 2019-08-16 09:33 - 2019-07-09 08:38 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2019-08-16 09:33 - 2019-07-09 05:29 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2019-08-16 09:33 - 2019-07-09 05:29 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys 2019-08-16 09:33 - 2019-07-09 05:20 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2019-08-16 09:33 - 2019-07-09 05:19 - 002769472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-08-16 09:33 - 2019-07-09 05:12 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2019-08-16 09:33 - 2019-07-09 05:11 - 002257336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-08-16 09:33 - 2019-07-09 04:53 - 003708416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-08-16 09:33 - 2019-07-09 04:48 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2019-08-16 09:33 - 2019-07-09 04:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-08-16 09:33 - 2019-07-09 04:46 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-08-16 09:33 - 2019-07-09 04:46 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-08-16 09:32 - 2019-08-07 15:18 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2019-08-16 09:32 - 2019-08-07 15:18 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2019-08-16 09:32 - 2019-08-07 15:14 - 000303928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys 2019-08-16 09:32 - 2019-08-07 15:13 - 021389776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-08-16 09:32 - 2019-08-07 15:13 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-08-16 09:32 - 2019-08-07 15:13 - 001515904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-08-16 09:32 - 2019-08-07 15:13 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-08-16 09:32 - 2019-08-07 14:58 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-08-16 09:32 - 2019-08-07 14:58 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-08-16 09:32 - 2019-08-07 14:55 - 008626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-08-16 09:32 - 2019-08-07 14:55 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll 2019-08-16 09:32 - 2019-08-07 14:55 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll 2019-08-16 09:32 - 2019-08-07 14:54 - 004783104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2019-08-16 09:32 - 2019-08-07 14:53 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-08-16 09:32 - 2019-08-07 14:53 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2019-08-16 09:32 - 2019-08-07 14:53 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll 2019-08-16 09:32 - 2019-08-07 14:52 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-08-16 09:32 - 2019-08-07 14:51 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll 2019-08-16 09:32 - 2019-08-07 14:43 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-08-16 09:32 - 2019-08-07 14:41 - 001322688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2019-08-16 09:32 - 2019-08-07 14:41 - 000662112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-08-16 09:32 - 2019-08-07 14:40 - 020384344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-08-16 09:32 - 2019-08-07 14:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2019-08-16 09:32 - 2019-08-07 14:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-08-16 09:32 - 2019-08-07 14:26 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll 2019-08-16 09:32 - 2019-08-07 14:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll 2019-08-16 09:32 - 2019-08-07 14:25 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2019-08-16 09:32 - 2019-08-07 14:24 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-08-16 09:32 - 2019-08-07 14:24 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll 2019-08-16 09:32 - 2019-08-07 11:40 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-08-16 09:32 - 2019-08-07 10:09 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-08-16 09:32 - 2019-08-07 10:09 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-08-16 09:32 - 2019-08-07 10:09 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-08-16 09:32 - 2019-08-07 10:09 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-08-16 09:32 - 2019-08-07 10:09 - 000194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-08-16 09:32 - 2019-08-07 10:09 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-08-16 09:32 - 2019-08-07 10:09 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-08-16 09:32 - 2019-08-07 10:08 - 007435720 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-08-16 09:32 - 2019-08-07 10:08 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-08-16 09:32 - 2019-08-07 10:08 - 002470648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-08-16 09:32 - 2019-08-07 10:08 - 001566736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-08-16 09:32 - 2019-08-07 10:08 - 001141712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-08-16 09:32 - 2019-08-07 10:08 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-08-16 09:32 - 2019-08-07 10:08 - 000710232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-08-16 09:32 - 2019-08-07 10:08 - 000494992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-08-16 09:32 - 2019-08-07 10:08 - 000227744 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll 2019-08-16 09:32 - 2019-08-07 10:08 - 000130840 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2019-08-16 09:32 - 2019-08-07 10:08 - 000091568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-08-16 09:32 - 2019-08-07 10:07 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-08-16 09:32 - 2019-08-07 10:07 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-08-16 09:32 - 2019-08-07 10:07 - 002719240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-08-16 09:32 - 2019-08-07 10:07 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-08-16 09:32 - 2019-08-07 10:07 - 001260992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-08-16 09:32 - 2019-08-07 10:07 - 000984152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-08-16 09:32 - 2019-08-07 10:07 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-08-16 09:32 - 2019-08-07 10:07 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-08-16 09:32 - 2019-08-07 09:56 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-08-16 09:32 - 2019-08-07 09:56 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-08-16 09:32 - 2019-08-07 09:56 - 001993344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-08-16 09:32 - 2019-08-07 09:56 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2019-08-16 09:32 - 2019-08-07 09:56 - 000357336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-08-16 09:32 - 2019-08-07 09:56 - 000192608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll 2019-08-16 09:32 - 2019-08-07 09:56 - 000101400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll 2019-08-16 09:32 - 2019-08-07 09:55 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-08-16 09:32 - 2019-08-07 09:49 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-08-16 09:32 - 2019-08-07 09:47 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-08-16 09:32 - 2019-08-07 09:44 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-08-16 09:32 - 2019-08-07 09:42 - 022717952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-08-16 09:32 - 2019-08-07 09:39 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-08-16 09:32 - 2019-08-07 09:38 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-08-16 09:32 - 2019-08-07 09:38 - 004385792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-08-16 09:32 - 2019-08-07 09:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-08-16 09:32 - 2019-08-07 09:38 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll 2019-08-16 09:32 - 2019-08-07 09:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll 2019-08-16 09:32 - 2019-08-07 09:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll 2019-08-16 09:32 - 2019-08-07 09:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-08-16 09:32 - 2019-08-07 09:36 - 007572480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-08-16 09:32 - 2019-08-07 09:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-08-16 09:32 - 2019-08-07 09:36 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2019-08-16 09:32 - 2019-08-07 09:36 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2019-08-16 09:32 - 2019-08-07 09:36 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll 2019-08-16 09:32 - 2019-08-07 09:36 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll 2019-08-16 09:32 - 2019-08-07 09:36 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-08-16 09:32 - 2019-08-07 09:35 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2019-08-16 09:32 - 2019-08-07 09:35 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-08-16 09:32 - 2019-08-07 09:35 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-08-16 09:32 - 2019-08-07 09:35 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2019-08-16 09:32 - 2019-08-07 09:35 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-08-16 09:32 - 2019-08-07 09:35 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2019-08-16 09:32 - 2019-08-07 09:35 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 001680384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll 2019-08-16 09:32 - 2019-08-07 09:34 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2019-08-16 09:32 - 2019-08-07 09:33 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-08-16 09:32 - 2019-08-07 09:33 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll 2019-08-16 09:32 - 2019-08-07 09:33 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2019-08-16 09:32 - 2019-08-07 09:32 - 004938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-08-16 09:32 - 2019-08-07 09:32 - 004516864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-08-16 09:32 - 2019-08-07 09:32 - 002165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-08-16 09:32 - 2019-08-07 09:32 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-08-16 09:32 - 2019-08-07 09:32 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-08-16 09:32 - 2019-08-07 09:32 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2019-08-16 09:32 - 2019-08-07 09:32 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2019-08-16 09:32 - 2019-08-07 09:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll 2019-08-16 09:32 - 2019-08-07 09:31 - 001110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-08-16 09:32 - 2019-08-07 09:31 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-08-16 09:32 - 2019-08-07 09:31 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2019-08-16 09:32 - 2019-08-07 09:31 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-08-16 09:32 - 2019-08-07 09:31 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-08-16 09:32 - 2019-08-07 09:31 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-08-16 09:32 - 2019-08-07 09:31 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-08-16 09:32 - 2019-08-07 09:31 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2019-08-16 09:32 - 2019-08-07 08:15 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim 2019-08-16 09:32 - 2019-07-11 08:48 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-08-16 09:32 - 2019-07-11 03:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-08-16 09:32 - 2019-07-11 03:30 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-08-16 09:32 - 2019-07-11 03:30 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 001627664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 000827920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2019-08-16 09:32 - 2019-07-09 10:07 - 000825360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2019-08-16 09:32 - 2019-07-09 10:07 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2019-08-16 09:32 - 2019-07-09 10:04 - 000348664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2019-08-16 09:32 - 2019-07-09 10:01 - 004527792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-08-16 09:32 - 2019-07-09 10:00 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-08-16 09:32 - 2019-07-09 09:44 - 012757504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-08-16 09:32 - 2019-07-09 09:44 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe 2019-08-16 09:32 - 2019-07-09 09:43 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-08-16 09:32 - 2019-07-09 09:43 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2019-08-16 09:32 - 2019-07-09 09:43 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll 2019-08-16 09:32 - 2019-07-09 09:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2019-08-16 09:32 - 2019-07-09 09:39 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe 2019-08-16 09:32 - 2019-07-09 09:39 - 001193472 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll 2019-08-16 09:32 - 2019-07-09 09:38 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2019-08-16 09:32 - 2019-07-09 09:37 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2019-08-16 09:32 - 2019-07-09 09:37 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll 2019-08-16 09:32 - 2019-07-09 09:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe 2019-08-16 09:32 - 2019-07-09 08:59 - 000022840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll 2019-08-16 09:32 - 2019-07-09 08:42 - 011943424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-08-16 09:32 - 2019-07-09 08:37 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll 2019-08-16 09:32 - 2019-07-09 05:29 - 000375312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-08-16 09:32 - 2019-07-09 05:23 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2019-08-16 09:32 - 2019-07-09 05:23 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-08-16 09:32 - 2019-07-09 05:21 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-08-16 09:32 - 2019-07-09 05:21 - 000133136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2019-08-16 09:32 - 2019-07-09 05:20 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2019-08-16 09:32 - 2019-07-09 05:20 - 000275512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2019-08-16 09:32 - 2019-07-09 05:19 - 002371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-08-16 09:32 - 2019-07-09 05:19 - 001674216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2019-08-16 09:32 - 2019-07-09 05:19 - 000799248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2019-08-16 09:32 - 2019-07-09 05:19 - 000767232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-08-16 09:32 - 2019-07-09 05:19 - 000713488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-08-16 09:32 - 2019-07-09 05:19 - 000152104 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll 2019-08-16 09:32 - 2019-07-09 05:19 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2019-08-16 09:32 - 2019-07-09 05:19 - 000046608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys 2019-08-16 09:32 - 2019-07-09 05:12 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2019-08-16 09:32 - 2019-07-09 05:12 - 001286528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2019-08-16 09:32 - 2019-07-09 05:12 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll 2019-08-16 09:32 - 2019-07-09 05:11 - 000576528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2019-08-16 09:32 - 2019-07-09 05:11 - 000108560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2019-08-16 09:32 - 2019-07-09 04:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2019-08-16 09:32 - 2019-07-09 04:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll 2019-08-16 09:32 - 2019-07-09 04:55 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2019-08-16 09:32 - 2019-07-09 04:55 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll 2019-08-16 09:32 - 2019-07-09 04:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-08-16 09:32 - 2019-07-09 04:53 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2019-08-16 09:32 - 2019-07-09 04:52 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2019-08-16 09:32 - 2019-07-09 04:52 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2019-08-16 09:32 - 2019-07-09 04:51 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-08-16 09:32 - 2019-07-09 04:50 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-08-16 09:32 - 2019-07-09 04:50 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2019-08-16 09:32 - 2019-07-09 04:50 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2019-08-16 09:32 - 2019-07-09 04:50 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2019-08-16 09:32 - 2019-07-09 04:50 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2019-08-16 09:32 - 2019-07-09 04:50 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-08-16 09:32 - 2019-07-09 04:50 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2019-08-16 09:32 - 2019-07-09 04:50 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe 2019-08-16 09:32 - 2019-07-09 04:50 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll 2019-08-16 09:32 - 2019-07-09 04:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-08-16 09:32 - 2019-07-09 04:49 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2019-08-16 09:32 - 2019-07-09 04:49 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2019-08-16 09:32 - 2019-07-09 04:49 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-08-16 09:32 - 2019-07-09 04:49 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2019-08-16 09:32 - 2019-07-09 04:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-08-16 09:32 - 2019-07-09 04:49 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2019-08-16 09:32 - 2019-07-09 04:49 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2019-08-16 09:32 - 2019-07-09 04:49 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll 2019-08-16 09:32 - 2019-07-09 04:48 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-08-16 09:32 - 2019-07-09 04:48 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2019-08-16 09:32 - 2019-07-09 04:48 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2019-08-16 09:32 - 2019-07-09 04:48 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2019-08-16 09:32 - 2019-07-09 04:48 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2019-08-16 09:32 - 2019-07-09 04:48 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2019-08-16 09:32 - 2019-07-09 04:47 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2019-08-16 09:32 - 2019-07-09 04:47 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2019-08-16 09:32 - 2019-07-09 04:47 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-08-16 09:32 - 2019-07-09 04:47 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-08-16 09:32 - 2019-07-09 04:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-08-16 09:32 - 2019-07-09 04:47 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-08-16 09:32 - 2019-07-09 04:46 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-08-16 09:32 - 2019-07-09 04:46 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll 2019-08-16 09:32 - 2019-07-09 04:45 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2019-08-16 09:32 - 2019-07-09 04:45 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-08-16 09:32 - 2019-07-09 04:45 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-08-16 09:32 - 2019-07-09 04:45 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2019-08-16 09:32 - 2019-07-09 04:45 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2019-08-16 09:32 - 2019-07-09 04:44 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2019-08-16 09:32 - 2019-07-09 04:44 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2019-08-16 09:32 - 2019-07-09 04:44 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2019-08-16 09:32 - 2019-07-09 04:44 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-08-16 09:32 - 2019-07-09 04:44 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2019-08-16 09:32 - 2019-07-09 04:44 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2019-08-16 09:32 - 2019-07-09 04:44 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2019-08-16 09:32 - 2019-07-09 04:43 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-08-16 09:32 - 2019-07-09 04:43 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-08-16 09:32 - 2019-07-09 04:43 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2019-08-16 09:32 - 2019-07-09 04:43 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2019-08-16 09:32 - 2019-06-20 04:21 - 000058882 _____ C:\WINDOWS\system32\srms.dat 2019-08-16 09:10 - 2019-08-19 11:37 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-07-28 13:54 - 2019-07-28 13:54 - 000006194 _____ C:\Users\Henk\Documents\henk de vries.dymo 2019-07-28 13:51 - 2019-07-28 13:51 - 000005545 _____ C:\Users\Henk\Documents\giorgio.dymo ==================== Een maand (gewijzigd) ======== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2019-08-26 17:06 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-08-26 17:05 - 2017-12-29 13:32 - 000000000 ___HD C:\Users\Henk\MicrosoftEdgeBackups 2019-08-26 17:05 - 2015-11-25 22:00 - 000000000 ___RD C:\Users\Henk\OneDrive 2019-08-26 17:04 - 2018-10-30 11:33 - 000000000 ____D C:\Program Files\McAfee 2019-08-26 17:04 - 2018-08-12 19:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-08-26 17:04 - 2017-02-19 16:01 - 000000000 ____D C:\Program Files\Common Files\McAfee 2019-08-26 17:04 - 2015-11-25 21:57 - 000000000 __SHD C:\Users\Henk\IntelGraphicsProfiles 2019-08-26 17:04 - 2012-05-08 19:52 - 000000000 ____D C:\ProgramData\McAfee 2019-08-26 17:03 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-08-26 17:03 - 2013-04-03 12:45 - 000000000 ____D C:\Program Files\Common Files\Intel 2019-08-26 16:49 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2019-08-26 11:57 - 2018-08-12 18:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-08-26 11:11 - 2018-11-22 16:23 - 000000000 ____D C:\Users\Henk\AppData\LocalLow\Mozilla 2019-08-26 09:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-08-24 09:25 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-08-24 09:25 - 2013-05-04 10:08 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-08-24 09:22 - 2018-11-26 15:48 - 000000000 ____D C:\Users\Henk\AppData\Local\CrashDumps 2019-08-24 09:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-08-23 09:50 - 2018-08-12 18:56 - 002006382 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-08-23 09:50 - 2018-04-12 18:02 - 000860792 _____ C:\WINDOWS\system32\perfh013.dat 2019-08-23 09:50 - 2018-04-12 18:02 - 000182132 _____ C:\WINDOWS\system32\perfc013.dat 2019-08-23 09:48 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-08-22 18:24 - 2013-04-11 08:06 - 000000000 ____D C:\Users\Henk\Documents\Outlook-bestanden 2019-08-21 14:55 - 2018-01-21 11:59 - 000000000 ____D C:\Users\Henk\Documents\FeedbackHub 2019-08-21 14:52 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-08-19 11:38 - 2018-08-12 19:10 - 000004748 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-08-19 11:38 - 2018-08-12 18:47 - 000000000 ____D C:\Users\Gast 2019-08-19 11:38 - 2016-05-09 18:34 - 000000000 ___RD C:\Users\Henk\3D Objects 2019-08-19 11:38 - 2015-11-25 21:57 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-08-19 11:37 - 2018-11-22 16:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-08-19 11:37 - 2018-08-12 18:40 - 001534384 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-08-19 11:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-08-19 11:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-08-18 16:30 - 2018-04-12 18:04 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2019-08-18 16:30 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP 2019-08-18 16:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-08-18 16:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-08-18 16:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-08-18 16:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning 2019-08-18 16:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-08-18 16:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-08-18 15:02 - 2018-11-22 16:23 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-08-16 09:31 - 2013-08-15 20:04 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-08-16 09:25 - 2013-04-03 14:57 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-08-10 13:15 - 2017-06-29 09:39 - 000000000 ____D C:\EXCEL-BEST 2019-08-09 09:47 - 2017-11-15 17:40 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-08-09 09:47 - 2017-11-15 17:40 - 000002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-08-06 13:21 - 2019-07-18 12:26 - 000000000 ____D C:\Users\Henk\AppData\Roaming\DYMOConnect 2019-08-06 13:13 - 2018-08-12 19:10 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3957663117-963798814-2176115037-1001 2019-08-06 13:13 - 2018-08-12 18:47 - 000002411 _____ C:\Users\Henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-08-03 12:45 - 2017-09-11 12:40 - 000000000 ____D C:\Zoek Japan 2019-08-02 12:12 - 2018-07-12 14:44 - 000000000 ____D C:\Program Files\rempl 2019-07-28 13:39 - 2017-12-29 13:33 - 000000000 ____D C:\Users\Henk\AppData\Local\PlaceholderTileLogoFolder 2019-07-28 13:39 - 2017-12-29 13:02 - 000000000 ____D C:\Users\Henk\AppData\Local\Packages 2019-07-27 10:13 - 2018-08-12 19:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd ==================== Bestanden in de root van sommige mappen ================ 2019-06-05 12:07 - 2019-06-05 12:07 - 000038450 _____ () C:\Users\Henk\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (Windows).ADR 2019-06-05 12:05 - 2019-06-05 12:05 - 000038433 _____ () C:\Users\Henk\AppData\Roaming\Door tabs gescheiden waarden (Windows).ADR 2019-06-05 12:29 - 2019-06-05 12:29 - 000038418 _____ () C:\Users\Henk\AppData\Roaming\Microsoft Excel 97-2003.ADR 2013-10-09 13:37 - 2015-05-31 13:10 - 000004608 _____ () C:\Users\Henk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-02-06 13:38 - 2016-02-06 13:38 - 000000731 _____ () C:\Users\Henk\AppData\Local\recently-used.xbel 2014-08-13 15:40 - 2014-08-13 15:40 - 000007618 _____ () C:\Users\Henk\AppData\Local\Resmon.ResmonCfg ==================== FCheck ================================ (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) FCheck: C:\WINDOWS\SysWOW64\gm320ain.dll [2018-03-20] <==== AANDACHT (nul byte bestand/map) ==================== SigCheck =============================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ============================