Aellion Posted July 20, 2019 ID:1323902 Share Posted July 20, 2019 Hello, Since i've updated my malewarebytes on 20/07/2019 I keep recieving pop'ups concerning "website blocked due to Trojan (monerohash.com)" I ran scans but it seems it cannot catch the file? Can anyone assist me in this one? Im unsure what to do and the popups are rather annoying.. (every 10 seconds or so..) Thanks in advance! Kind regards, Aellion PS: The Port changes rather frequently.. Link to post Share on other sites More sharing options...
kevinf80 Posted July 20, 2019 ID:1323905 Share Posted July 20, 2019 Hello Aellion and welcome to Malwarebytes, Continue with the following: Open Malwarebytes, select > "settings" > "protection tab" Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Go back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following: Click on the Report tab > from main interface. Double click on the Scan log which shows the Date and time of the scan just performed. Click Export > From export you have two options:Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your replyText file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply… Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.htmlNote: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status... Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Let me see those logs in your reply... Thank you, Kevin.... Link to post Share on other sites More sharing options...
Aellion Posted July 20, 2019 Author ID:1323909 Share Posted July 20, 2019 Hi Kevin, Thank you for your swift reply! I am doing the actions you mentioned above. Sadly im stuck on the FRST part, it cannot get past windows defender smartscreen. Have been on google how to disable this but I cannot find a way that works for me. (my windows is in dutch) Kind regards, Aellion Link to post Share on other sites More sharing options...
Aellion Posted July 20, 2019 Author ID:1323910 Share Posted July 20, 2019 scan_report_20_07_2019.txt scan_report_AdwCleaner_20_07_2019.txt Link to post Share on other sites More sharing options...
Aellion Posted July 20, 2019 Author ID:1323911 Share Posted July 20, 2019 Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-07-2019 01 Gestart door Lordgoofox (Beheerder) op MSI (Micro-Star International Co., Ltd. GS63VR 6RF) (20-07-2019 10:23:27) Gestart vanaf C:\Users\Lordgoofox\Desktop Geladen Profielen: Lordgoofox (Beschikbare Profielen: Lordgoofox) Platform: Windows 10 Home Versie 1903 18362.239 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) () [Bestand niet getekend] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe () [Bestand niet getekend] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1905.28.0_x64__8wekyb3d8bbwe\Calculator.exe () [Bestand niet getekend] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe () [Bestand niet getekend] C:\Windows\appdata\svchost.exe () [Bestand niet getekend] C:\Windows\appdata\winlogon.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe (A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe (A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) [Bestand niet getekend] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxEM.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Lordgoofox\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Bestand niet getekend] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe (Micro-Star International Co., Ltd.) [Bestand niet getekend] C:\Windows\SysWOW64\MSIService.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Rivet Networks LLC -> CloudBees, Inc.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-01-19] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc -> Logitech Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [4811048 2016-09-10] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [705208 2017-01-13] (A-Volute -> ) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-05-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3375064 2017-11-21] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [38840 2009-12-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640440 2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk, Inc -> Autodesk Inc.) HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc -> Autodesk, Inc.) HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\...\Policies\Explorer: [] HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [Bestand niet getekend] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC) AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-07-13] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {05A9752C-8C81-4C2C-AC21-53A45177BBBC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-15] (Adobe Inc. -> Adobe) Task: {0A13F84E-3979-4F24-BEA4-808B974EECC1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [440544 2016-03-21] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {0A36EEC4-AD39-4C80-9E23-D5DE844B23AC} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [431384 2017-07-25] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Bestand niet getekend] Task: {0A85BE1F-175A-41C4-AEBD-DE68EFDD53F6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {196E45F4-E92F-4737-A920-8236F8E52D47} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [1897184 2016-03-21] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {1FD1AFD1-B072-4B84-9FD3-1BB0614F042C} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter] Task: {2CA80EC3-7229-4D5A-9D65-E0C29539ECB6} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-eli-janssen@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {2E1D789C-4EEC-44FB-98AB-2A2D53B69B03} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [440544 2016-03-21] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {3100260E-2AAF-4BA2-910B-9E1353488615} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [6455064 2017-11-21] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Bestand niet getekend] Task: {422AE167-2525-4822-9EF0-4467E4BB7FD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {47AF212D-02FA-404B-9B55-A931B746CAA5} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2054328 2017-01-13] (A-Volute -> ) Task: {50206466-0479-4613-B249-DF20E20864FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Task: {5281D888-D84E-4F1C-AD96-87F930767587} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6441536 2019-06-30] (Microsoft Corporation -> Microsoft Corporation) Task: {5B070300-2763-4BA4-A69E-6B6C19EA43DF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728752 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6D853AA8-F710-4AC4-BCB3-BE73F897425C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7021189C-CD5B-408B-BF54-EBE84851248A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {725787FA-133E-4DC3-8EF0-E17E6E7914E2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation) Task: {7539ED1A-669A-43F8-B67A-CCDA276B22A8} - System32\Tasks\MSISCMTsk => C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe [274432 2015-12-12] (Application) [Bestand niet getekend] Task: {76988D62-A28C-478A-93E5-0FD2C791D1A5} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [513208 2017-01-13] (A-Volute -> ) Task: {7A6287DF-A242-4AC0-A387-4BC7AD611885} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Task: {7A9AAD5D-BF7D-4F47-8507-F318C0BC1E74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {87DA1C1A-2CC0-486C-83E7-AE5AD96F57BF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9B08BC3F-1185-49B9-8A31-81C0B284A4EF} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {A112D21A-C4F5-4DA3-A93A-6B72A56655BF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648048 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A7C34F0C-52A4-483E-B213-D09D2DC170FA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B42FA8DF-61D1-4A54-AA5C-2FB937C08BCA} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {BC810C1F-6E67-4146-84C2-6C964A502597} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6441536 2019-06-30] (Microsoft Corporation -> Microsoft Corporation) Task: {BECE5E6C-78CD-469B-A7EC-DEC6A7E769A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation) Task: {C060D1AE-1899-4490-9B2A-346A65CA091A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D0832D90-41D2-443D-951A-2BF949B40E49} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Task: {DE3169B0-D1AF-4B5E-8D6B-8CDB3DE18FD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-08-31] (Google Inc -> Google Inc.) Task: {DECB1106-A131-44AD-B07E-7101AF24E54F} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E3DEAEA2-CDA1-4404-B2B5-788918017F56} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E556AF84-0889-4E25-99D9-6EE907D745BE} - System32\Tasks\{AFB03345-6CED-4A98-ADEC-94C824F4A2F1} => C:\WINDOWS\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.admin.exe" -d "C:\Riot Games\League of Legends" Task: {E64308EA-3E7C-48E9-98C2-3B4BD264FC4C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E7E60E7A-9177-495F-9F43-0DD5372EE3F2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Task: {E95DA2B8-681F-4F75-9B68-41C8937751FA} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EA70D806-59BD-4A20-BC0A-9DF1E798F5CC} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [705208 2017-01-13] (A-Volute -> ) Task: {EE56950F-684D-4CC3-8980-C78692E1B3A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EF0CFC01-D390-48F5-9194-77AC72D859BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-08-31] (Google Inc -> Google Inc.) Task: {F25A3E2E-FFB5-4156-A10B-F3CC91A2DD30} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2248312 2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Task: {F6F5B3D7-1A7E-4A4C-8B8B-FA276DC53E94} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Hosts: Er is meer dan één item in Hosts. Zie Hosts deel van Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{70224c7d-a2de-4836-a543-dc99f8787feb}: [DhcpNameServer] 213.46.228.196 62.179.104.196 Tcpip\..\Interfaces\{9aa5ef37-a474-4a29-82fb-abf00f17e738}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem15.msn.com/?pc=NMTE HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem15.msn.com/?pc=NMTE SearchScopes: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002 -> DefaultScope {20725502-9907-4802-AE09-BFB680806C28} URL = SearchScopes: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002 -> {20725502-9907-4802-AE09-BFB680806C28} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation) BHO: Geen Naam -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Geen bestand BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Geen Naam -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Geen bestand BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.6.0.142\coIEPlg.dll Geen bestand Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\coIEPlg.dll Geen bestand Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-14] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-18] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default [2019-07-20] CHR Extension: (Presentaties) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Documenten) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18] CHR Extension: (YouTube) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-31] CHR Extension: (Spreadsheets) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Offline Documenten) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (AdBlock) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-11] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06] CHR Extension: (Gmail) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15] CHR Extension: (Chrome Media Router) - C:\Users\Lordgoofox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk, Inc -> Autodesk Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [406504 2019-05-13] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-23] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [152536 2017-11-21] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2019-04-10] (Macrovision Corporation -> Macrovision Europe Ltd.) [Bestand niet getekend] S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [686664 2018-08-23] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8942664 2018-08-23] (GOG Sp. z o.o. -> GOG.com) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Bestand niet getekend] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Bestand niet getekend] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-04-06] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2483376 2018-06-15] (Rivet Networks LLC -> Rivet Networks) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-09-29] (Logitech Inc -> Logitech Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 Micro Star SCM; C:\WINDOWS\SysWoW64\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [Bestand niet getekend] R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [180520 2016-09-10] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [61880 2017-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1897184 2016-03-21] (Intel(R) Client Connectivity Division SW -> Intel Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WMS; C:\Windows\appdata\winlogon.exe [331264 2014-08-31] () [Bestand niet getekend] S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72880 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.) R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72888 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [159712 2019-05-13] (WDKTestCert SYSTEM,130948585914967575 -> Qualcomm Atheros, Inc.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2017-11-21] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-05-13] (Martin Malik - REALiX -> REALiX(tm)) R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [906160 2019-05-13] (Intel(R) Rapid Storage Technology -> Intel Corporation) R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [150184 2018-06-15] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-09-29] (Logitech Inc -> Logitech Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc -> Logitech Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-20] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-07-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-07-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-07-20] (Malwarebytes Corporation -> Malwarebytes) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_995a8ca55addcada\nvlddmkm.sys [21672560 2019-05-07] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [449944 2019-05-13] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 SjtWinIo20; C:\WINDOWS\System32\drivers\SjtWinIo_v2_0.sys [11776 2017-05-04] (Microsoft Windows Hardware Compatibility Publisher -> SpeedJet Technology INC.) R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-05-13] (Synaptics Incorporated -> Synaptics Incorporated) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [40568 2016-06-15] (SteelSeries ApS -> SteelSeries ApS) R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47944 2019-05-13] (SteelSeries ApS -> SteelSeries ApS) R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [38656 2019-05-13] (SteelSeries ApS -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-09] (Microsoft Windows -> Microsoft Corporation) R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] (Micro-Star Int'l Co. Ltd. -> ) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) ======== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2019-07-20 10:23 - 2019-07-20 10:24 - 000041041 _____ C:\Users\Lordgoofox\Desktop\FRST.txt 2019-07-20 10:22 - 2019-07-20 10:23 - 000000000 ____D C:\FRST 2019-07-20 10:04 - 2019-07-20 10:04 - 002095104 _____ (Farbar) C:\Users\Lordgoofox\Desktop\FRST64.exe 2019-07-20 10:03 - 2019-07-20 10:04 - 000003395 _____ C:\Users\Lordgoofox\Desktop\scan_report_AdwCleaner_20_07_2019.txt 2019-07-20 10:02 - 2019-07-20 10:02 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2019-07-20 10:01 - 2019-07-20 10:01 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-07-20 10:01 - 2019-07-20 10:01 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2019-07-20 10:01 - 2019-07-20 10:01 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2019-07-20 10:00 - 2019-07-20 10:01 - 000000000 ____D C:\AdwCleaner 2019-07-20 09:59 - 2019-07-20 09:59 - 007025360 _____ (Malwarebytes) C:\Users\Lordgoofox\Desktop\adwcleaner_7.3.exe 2019-07-20 09:58 - 2019-07-20 09:58 - 000001224 _____ C:\Users\Lordgoofox\Desktop\scan_report_20_07_2019.txt 2019-07-20 09:09 - 2019-07-20 09:09 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-07-20 09:08 - 2019-07-20 09:08 - 000001922 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-07-20 09:08 - 2019-07-20 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-07-20 09:08 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-07-20 09:08 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-07-17 13:33 - 2019-07-17 13:33 - 000000000 ____D C:\Users\Lordgoofox\AppData\Roaming\Google 2019-07-16 20:26 - 2019-07-16 20:26 - 000381800 _____ C:\Users\Lordgoofox\Desktop\Invoice 2017 vpv-6752 Contract ID 4231 dd 11-07-2018.pdf 2019-07-16 20:25 - 2019-07-16 20:23 - 000223456 _____ C:\Users\Lordgoofox\Desktop\Invoice 2018 VPV-7842 Contract ID 44231 dd 16-07-2019.pdf 2019-07-11 01:20 - 2019-07-11 01:20 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 019811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 002956984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2019-07-11 01:20 - 2019-07-11 01:20 - 002494232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 002398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 002235936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 002072152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2019-07-11 01:20 - 2019-07-11 01:20 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000801592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2019-07-11 01:20 - 2019-07-11 01:20 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000516752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-07-11 01:20 - 2019-07-11 01:20 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000267528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provplatformdesktop.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000093312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-07-11 01:20 - 2019-07-11 01:20 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2019-07-11 01:20 - 2019-07-11 01:20 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe 2019-07-11 01:20 - 2019-07-11 01:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll 2019-07-11 01:19 - 2019-07-11 01:20 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 017786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 009917752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 007887440 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 007758336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 007636616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 007242312 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 007175168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 006534712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 006224296 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 006068840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 005745504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 004863488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 004562920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 004552336 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 004008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003914480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 003748864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003372952 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003327256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003261440 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002990608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 002771008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002763552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2019-07-11 01:19 - 2019-07-11 01:19 - 002725376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 002697728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002587328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002550584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002449456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002443264 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002281984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002258336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002216448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002117160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001999440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001979392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001815040 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001781248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001754232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-07-11 01:19 - 2019-07-11 01:19 - 001745920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001721344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001717560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001635328 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001633648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001608704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 001480704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001437184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001391416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-07-11 01:19 - 2019-07-11 01:19 - 001362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001337656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001273344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001262864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001250432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001071928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2019-07-11 01:19 - 2019-07-11 01:19 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000928776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000910272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000889656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000879792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2019-07-11 01:19 - 2019-07-11 01:19 - 000876856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000829544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000821696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000818656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000810512 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000774152 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000751256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000680760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000673152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000602432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000588464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000586552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2019-07-11 01:19 - 2019-07-11 01:19 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000523912 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-07-11 01:19 - 2019-07-11 01:19 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-07-11 01:19 - 2019-07-11 01:19 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2019-07-11 01:19 - 2019-07-11 01:19 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000425264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000415800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000390456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000386016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000336752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000316216 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000296976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000248088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000220680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000214032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000210440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000182072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000142136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000129848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000127296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000088560 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000071720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000065064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000058825 _____ C:\WINDOWS\system32\srms.dat 2019-07-11 01:19 - 2019-07-11 01:19 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys 2019-07-11 01:19 - 2019-07-11 01:19 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2019-07-11 01:19 - 2019-07-11 01:19 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll 2019-07-11 01:19 - 2019-07-11 01:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll 2019-07-08 13:50 - 2019-07-08 14:19 - 000000000 ____D C:\Users\Lordgoofox\Desktop\BACKPACK TRIPPPPPPP THAILAND 2019-07-08 12:33 - 2019-07-08 12:38 - 000000000 ____D C:\Users\Lordgoofox\Desktop\Urbex_Maxime 2019-06-26 22:45 - 2019-06-26 22:46 - 000378436 _____ C:\WINDOWS\Minidump\062619-51546-01.dmp 2019-06-26 22:45 - 2019-06-26 22:45 - 2945513847 ____N C:\WINDOWS\MEMORY.DMP 2019-06-26 21:06 - 2019-06-26 21:06 - 010356188 _____ C:\WINDOWS\Minidump\062619-100968-01.dmp 2019-06-25 22:15 - 2019-06-25 22:15 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Tempzxpsignb5efc0170b1c0238 2019-06-25 22:15 - 2019-06-25 22:15 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Tempzxpsign3e1e2da8abeba4e8 2019-06-25 22:14 - 2019-06-25 22:14 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Tempzxpsign00bced0ce1832ab3 2019-06-24 16:22 - 2019-06-24 16:22 - 009546188 _____ C:\WINDOWS\Minidump\062419-50218-01.dmp 2019-06-24 15:19 - 2019-06-26 22:45 - 000000000 ____D C:\WINDOWS\Minidump 2019-06-23 18:51 - 2019-06-27 22:40 - 000000000 ____D C:\Users\Lordgoofox\Desktop\Urbex 2019-06-20 23:46 - 2019-07-06 13:28 - 000000000 ____D C:\Windows.old 2019-06-20 23:21 - 2019-06-20 23:46 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2019-06-20 23:20 - 2019-06-20 23:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2019-06-20 23:20 - 2019-06-20 23:20 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2019-06-20 23:18 - 2019-06-20 23:18 - 007802224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 005014016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2019-06-20 23:18 - 2019-06-20 23:18 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 001510960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 001493944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 001248256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2019-06-20 23:18 - 2019-06-20 23:18 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 001105776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2019-06-20 23:18 - 2019-06-20 23:18 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000744248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2019-06-20 23:18 - 2019-06-20 23:18 - 000737552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2019-06-20 23:18 - 2019-06-20 23:18 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2019-06-20 23:18 - 2019-06-20 23:18 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2019-06-20 23:18 - 2019-06-20 23:18 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000420360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-06-20 23:18 - 2019-06-20 23:18 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 007831368 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 007275008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 006381568 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 006036480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 005939712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 005071360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 004034048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 003734456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 002698552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 002321408 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 002178048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001830416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001505808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001422848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 001395600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001283384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2019-06-20 23:17 - 2019-06-20 23:17 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001068856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001065984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000939504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000911360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000888056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000811192 _____ C:\WINDOWS\SysWOW64\locale.nls 2019-06-20 23:17 - 2019-06-20 23:17 - 000811192 _____ C:\WINDOWS\system32\locale.nls 2019-06-20 23:17 - 2019-06-20 23:17 - 000804880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000773168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000726328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000613904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2019-06-20 23:17 - 2019-06-20 23:17 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000466624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2019-06-20 23:17 - 2019-06-20 23:17 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000401416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000379192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000358944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2019-06-20 23:17 - 2019-06-20 23:17 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000261016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2019-06-20 23:17 - 2019-06-20 23:17 - 000223248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000205112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000201256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000199688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000199184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000194176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2019-06-20 23:17 - 2019-06-20 23:17 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000161848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000146744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000139472 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000136720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameChatTranscription.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2019-06-20 23:17 - 2019-06-20 23:17 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000066360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2019-06-20 23:17 - 2019-06-20 23:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000037888 _____ C:\WINDOWS\system32\usocoreps.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS 2019-06-20 23:17 - 2019-06-20 23:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe 2019-06-20 23:17 - 2019-06-20 23:17 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL 2019-06-20 23:17 - 2019-06-20 23:17 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-06-20 23:17 - 2019-06-20 23:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 006359552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 005496832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-06-20 23:12 - 2019-06-20 23:12 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll 2019-06-20 23:12 - 2019-06-20 23:12 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml 2019-06-20 23:12 - 2019-06-20 23:12 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2019-06-20 23:12 - 2019-06-20 23:12 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2019-06-20 23:12 - 2019-06-20 23:12 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2019-06-20 23:12 - 2019-06-20 23:12 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2019-06-20 23:12 - 2019-06-20 23:12 - 000000000 ____D C:\Program Files\Reference Assemblies 2019-06-20 23:12 - 2019-06-20 23:12 - 000000000 ____D C:\Program Files\MSBuild 2019-06-20 23:12 - 2019-06-20 23:12 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2019-06-20 23:12 - 2019-06-20 23:12 - 000000000 ____D C:\Program Files (x86)\MSBuild 2019-06-20 22:58 - 2019-06-20 22:58 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2019-06-20 22:56 - 2019-07-20 10:10 - 001773644 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-06-20 22:56 - 2019-07-20 10:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-06-20 22:56 - 2019-07-15 13:19 - 000004696 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2019-06-20 22:56 - 2019-07-06 13:18 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3119324879-1501395537-2743486772-1002 2019-06-20 22:56 - 2019-06-20 22:56 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-06-20 22:56 - 2019-06-20 22:56 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-06-20 22:56 - 2019-06-20 22:56 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification 2019-06-20 22:56 - 2019-06-20 22:56 - 000003114 _____ C:\WINDOWS\System32\Tasks\MSI_Help_Desk_Agent 2019-06-20 22:56 - 2019-06-20 22:56 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000002942 _____ C:\WINDOWS\System32\Tasks\Dragon_Center_updater 2019-06-20 22:56 - 2019-06-20 22:56 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000002858 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-eli-janssen@hotmail.com 2019-06-20 22:56 - 2019-06-20 22:56 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000002566 _____ C:\WINDOWS\System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-20 22:56 - 2019-06-20 22:56 - 000002396 _____ C:\WINDOWS\System32\Tasks\Nahimic2UILauncherRun 2019-06-20 22:56 - 2019-06-20 22:56 - 000002384 _____ C:\WINDOWS\System32\Tasks\Nahimic2Svc64Run 2019-06-20 22:56 - 2019-06-20 22:56 - 000002376 _____ C:\WINDOWS\System32\Tasks\Nahimic2Svc32Run 2019-06-20 22:56 - 2019-06-20 22:56 - 000002330 _____ C:\WINDOWS\System32\Tasks\{AFB03345-6CED-4A98-ADEC-94C824F4A2F1} 2019-06-20 22:56 - 2019-06-20 22:56 - 000002262 _____ C:\WINDOWS\System32\Tasks\MSI_Dragon Center 2019-06-20 22:56 - 2019-06-20 22:56 - 000002196 _____ C:\WINDOWS\System32\Tasks\MSISCMTsk 2019-06-20 22:56 - 2019-06-20 22:56 - 000000020 ___SH C:\Users\Lordgoofox\ntuser.ini 2019-06-20 22:56 - 2019-06-20 22:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-3119324879-1501395537-2743486772-1002 2019-06-20 22:56 - 2019-06-20 22:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2019-06-20 22:56 - 2019-06-20 22:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel 2019-06-20 22:54 - 2019-06-20 22:56 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2019-06-20 22:54 - 2019-06-20 22:56 - 000007623 _____ C:\WINDOWS\diagerr.xml 2019-06-20 22:49 - 2019-07-06 13:18 - 000002394 _____ C:\Users\Lordgoofox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-06-20 22:49 - 2019-06-27 00:08 - 000000000 ____D C:\Users\Lordgoofox 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\Sjablonen 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\Netwerkprinteromgeving 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\Mijn documenten 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\Menu Start 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\Documents\Mijn video's 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\Documents\Mijn muziek 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\Documents\Mijn afbeeldingen 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 _SHDL C:\Users\Lordgoofox\AppData\Local\Geschiedenis 2019-06-20 22:49 - 2019-06-20 22:49 - 000000000 ____D C:\ProgramData\USOShared 2019-06-20 22:48 - 2019-06-20 23:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2019-06-20 22:47 - 2019-07-20 09:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-06-20 22:47 - 2019-07-11 04:52 - 000640352 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-06-20 22:47 - 2019-06-24 15:19 - 002471542 ____N C:\WINDOWS\Minidump\062419-8281-01.dmp ==================== Een maand (gewijzigd) ======== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2019-07-20 10:10 - 2019-03-19 14:33 - 000791496 _____ C:\WINDOWS\system32\perfh013.dat 2019-07-20 10:10 - 2019-03-19 14:33 - 000158298 _____ C:\WINDOWS\system32\perfc013.dat 2019-07-20 10:10 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF 2019-07-20 10:10 - 2018-05-25 15:17 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\D3DSCache 2019-07-20 10:03 - 2017-06-09 20:15 - 000000000 ____D C:\ProgramData\NVIDIA 2019-07-20 10:02 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-07-20 10:01 - 2019-05-13 12:55 - 000000000 ____D C:\Users\Lordgoofox\AppData\Roaming\IObit 2019-07-20 10:01 - 2019-05-13 12:55 - 000000000 ____D C:\ProgramData\IObit 2019-07-20 10:01 - 2019-05-13 12:55 - 000000000 ____D C:\Program Files (x86)\IObit 2019-07-20 10:01 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-07-20 10:01 - 2016-08-31 20:10 - 000000000 __SHD C:\Users\Lordgoofox\IntelGraphicsProfiles 2019-07-20 09:59 - 2016-11-29 22:12 - 000000000 ____D C:\Users\Lordgoofox\AppData\Roaming\Spotify 2019-07-20 09:59 - 2016-11-29 22:12 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Spotify 2019-07-20 09:08 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-07-20 08:58 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-07-20 01:11 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-07-20 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-07-20 01:09 - 2016-08-31 23:02 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Battle.net 2019-07-16 01:12 - 2016-08-31 20:19 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-07-15 16:26 - 2016-08-31 20:22 - 000000000 ____D C:\Program Files (x86)\Steam 2019-07-15 13:19 - 2016-09-30 12:48 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Adobe 2019-07-15 13:18 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-07-15 13:18 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-07-14 01:15 - 2016-09-01 10:02 - 000000000 ____D C:\Program Files\Microsoft Office 2019-07-11 04:53 - 2017-11-17 14:46 - 000000000 ___RD C:\Users\Lordgoofox\3D Objects 2019-07-11 04:53 - 2016-04-09 15:38 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-07-11 04:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources 2019-07-11 04:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-07-11 04:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz 2019-07-11 04:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-07-11 04:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-07-11 04:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-07-11 01:23 - 2016-08-31 22:43 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-07-11 01:22 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing 2019-07-11 01:22 - 2016-08-31 22:43 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-07-10 09:29 - 2016-09-01 19:59 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-07-09 10:38 - 2018-02-17 19:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-07-06 13:18 - 2016-08-31 20:12 - 000000000 ___RD C:\Users\Lordgoofox\OneDrive 2019-07-03 20:45 - 2019-06-19 22:42 - 000000000 ___DC C:\WINDOWS\Panther 2019-07-02 09:28 - 2016-08-31 23:03 - 000000000 ____D C:\Program Files (x86)\Hearthstone 2019-06-29 11:02 - 2016-08-31 22:56 - 000000000 ____D C:\Program Files (x86)\Battle.net 2019-06-28 14:42 - 2017-11-17 14:28 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Packages 2019-06-26 11:07 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-06-25 22:14 - 2019-04-09 18:13 - 000000034 _____ C:\Users\Lordgoofox\AppData\Roaming\AdobeWLCMCache.dat 2019-06-23 23:18 - 2016-08-31 20:27 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Comms 2019-06-23 00:17 - 2018-06-28 10:31 - 000000000 ____D C:\ProgramData\Packages 2019-06-22 22:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\appcompat 2019-06-21 12:51 - 2018-05-24 09:59 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\PlaceholderTileLogoFolder 2019-06-20 23:46 - 2019-06-19 14:09 - 000000000 ____D C:\Program Files\UNP 2019-06-20 23:46 - 2019-04-29 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 2016 2019-06-20 23:46 - 2019-04-29 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2019-06-20 23:46 - 2019-03-19 06:56 - 000000000 ____D C:\WINDOWS\Setup 2019-06-20 23:46 - 2019-03-19 06:52 - 000000000 __RHD C:\Users\Public\Libraries 2019-06-20 23:46 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2019-06-20 23:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2019-06-20 23:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\spool 2019-06-20 23:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-06-20 23:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help 2019-06-20 23:46 - 2019-03-19 06:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2019-06-20 23:46 - 2018-10-29 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SU Podium V2.5 Plus 2019-06-20 23:46 - 2018-10-05 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's 2019-06-20 23:46 - 2018-10-01 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2018 2019-06-20 23:46 - 2018-08-09 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2019-06-20 23:46 - 2018-07-20 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2019-06-20 23:46 - 2018-07-02 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2019-06-20 23:46 - 2018-05-25 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2019-06-20 23:46 - 2018-04-12 18:02 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB 2019-06-20 23:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2019-06-20 23:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2019-06-20 23:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\InfusedApps 2019-06-20 23:46 - 2017-12-18 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artlantis Studio 6 2019-06-20 23:46 - 2017-06-13 08:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nahimic 2 2019-06-20 23:46 - 2017-06-09 20:15 - 000000000 ____D C:\Program Files\Intel 2019-06-20 23:46 - 2017-05-04 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI True Color 2019-06-20 23:46 - 2017-04-26 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com] 2019-06-20 23:46 - 2017-04-14 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-06-20 23:46 - 2017-04-05 11:12 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2019-06-20 23:46 - 2017-01-24 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2019-06-20 23:46 - 2016-11-22 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017 2019-06-20 23:46 - 2016-11-08 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2019-06-20 23:46 - 2016-09-27 09:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2019-06-20 23:46 - 2016-09-01 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's 2019-06-20 23:46 - 2016-08-31 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2019-06-20 23:46 - 2016-08-31 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2019-06-20 23:46 - 2016-08-31 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2019-06-20 23:46 - 2016-07-13 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2019-06-20 23:46 - 2016-07-13 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnRecovery 2019-06-20 23:46 - 2016-07-13 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt(TM) Software 2019-06-20 23:46 - 2016-07-13 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit 2019-06-20 23:46 - 2016-07-13 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2019-06-20 23:46 - 2016-07-13 18:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2019-06-20 23:22 - 2019-05-13 11:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2019-06-20 23:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2019-06-20 23:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2019-06-20 23:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2019-06-20 23:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2019-06-20 23:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2019-06-20 23:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\et-EE 2019-06-20 23:22 - 2018-05-24 09:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks 2019-06-20 23:21 - 2019-03-19 14:35 - 000000000 ____D C:\WINDOWS\OCR 2019-06-20 23:21 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Resources 2019-06-20 23:21 - 2017-06-09 20:15 - 000000000 ____D C:\Program Files\Realtek 2019-06-20 23:21 - 2016-09-02 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2019-06-20 23:21 - 2016-07-13 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries 2019-06-20 23:20 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-06-20 23:20 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-06-20 23:15 - 2019-03-19 14:35 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2019-06-20 23:15 - 2019-03-19 14:35 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2019-06-20 23:15 - 2019-03-19 14:33 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2019-06-20 23:15 - 2019-03-19 14:33 - 000000000 ____D C:\WINDOWS\system32\WCN 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\IME 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System 2019-06-20 23:15 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2019-06-20 23:14 - 2019-03-19 14:33 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2019-06-20 23:14 - 2019-03-19 14:33 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2019-06-20 23:14 - 2019-03-19 14:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2019-06-20 23:14 - 2019-03-19 14:33 - 000000000 ____D C:\WINDOWS\system32\winrm 2019-06-20 23:14 - 2019-03-19 14:33 - 000000000 ____D C:\WINDOWS\system32\slmgr 2019-06-20 23:14 - 2019-03-19 14:33 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2019-06-20 23:14 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2019-06-20 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2019-06-20 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2019-06-20 23:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2019-06-20 23:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2019-06-20 23:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MUI 2019-06-20 23:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\es-MX 2019-06-20 22:57 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\USOPrivate 2019-06-20 22:56 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows NT 2019-06-20 22:56 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender 2019-06-20 22:56 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2019-06-20 22:56 - 2016-09-27 09:27 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\ConnectedDevicesPlatform 2019-06-20 22:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration 2019-06-20 22:52 - 2019-03-19 06:52 - 000000000 __RSD C:\WINDOWS\Media 2019-06-20 22:52 - 2016-09-27 09:24 - 000023076 _____ C:\WINDOWS\system32\emptyregdb.dat 2019-06-20 22:50 - 2017-12-11 21:32 - 000000000 ____D C:\Users\Lordgoofox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2019-06-20 22:50 - 2017-10-03 11:00 - 000000000 ____D C:\Users\Lordgoofox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2019-06-20 22:50 - 2016-11-11 12:29 - 000000000 ____D C:\Users\Lordgoofox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2019-06-20 22:49 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2019-06-20 22:48 - 2017-06-09 20:15 - 000000000 ____D C:\WINDOWS\system32\DAX2 2019-06-20 22:48 - 2017-06-09 20:15 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-06-20 22:48 - 2017-06-09 20:15 - 000000000 ____D C:\Program Files\Elantech 2019-06-20 22:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState 2019-06-20 22:47 - 2017-06-09 20:15 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2019-06-20 09:28 - 2016-08-31 20:50 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\CrashDumps ==================== Bestanden in de root van sommige mappen ================ 2019-04-09 18:13 - 2019-06-25 22:14 - 000000034 _____ () C:\Users\Lordgoofox\AppData\Roaming\AdobeWLCMCache.dat 2019-04-16 21:28 - 2019-04-16 21:28 - 000001456 _____ () C:\Users\Lordgoofox\AppData\Local\Adobe Opslaan voor web 13.0 Prefs 2019-04-15 11:02 - 2019-04-15 11:02 - 000000000 _____ () C:\Users\Lordgoofox\AppData\Local\oobelibMkey.log 2019-02-24 12:46 - 2019-02-24 12:46 - 000000017 _____ () C:\Users\Lordgoofox\AppData\Local\resmon.resmoncfg ==================== SigCheck =============================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ============================ Link to post Share on other sites More sharing options...
Aellion Posted July 20, 2019 Author ID:1323912 Share Posted July 20, 2019 Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 15-07-2019 01 Gestart door Lordgoofox (20-07-2019 10:24:51) Gestart vanaf C:\Users\Lordgoofox\Desktop Windows 10 Home Versie 1903 18362.239 (X64) (2019-06-20 20:56:16) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3119324879-1501395537-2743486772-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3119324879-1501395537-2743486772-503 - Limited - Disabled) Gast (S-1-5-21-3119324879-1501395537-2743486772-501 - Limited - Disabled) Lordgoofox (S-1-5-21-3119324879-1501395537-2743486772-1002 - Administrator - Enabled) => C:\Users\Lordgoofox WDAGUtilityAccount (S-1-5-21-3119324879-1501395537-2743486772-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk) ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.3.1 - Adobe Systems) Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Acrobat 9.3.1 - CPSID_50570 (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}_931) (Version: - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe) Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated) Adobe InDesign CC 2015 (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB8}) (Version: 11.0 - Adobe Systems Incorporated) Adobe InDesign CC 2017 (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB9}) (Version: 12.1.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated) Adobe Universal Patcher 2.0.0.0 (HKLM-x32\...\Adobe Universal Patcher 2.0.0.0) (Version: 2.0.0.0 - PainteR) ApoDispatchConfigurator (HKLM\...\{064FCD7F-935D-4A3C-BDA5-8B272AA5A698}) (Version: 2.3.1401 - Nahimic) Hidden Artlantis 6.5 Exporter for SketchUp Pro 2018 64-Bit (HKLM\...\Abvent_SkpPro2018_64BittoATL6.5) (Version: - Abvent R&D) Artlantis Studio 6.0.2.26 (HKLM\...\Artlantis Studio 6) (Version: 6.0.2.26 - Abvent R&D) AudioLaunchpadConfigurator (HKLM\...\{E49685B2-DE80-4609-9B01-A993282D563B}) (Version: 2.3.1401 - Nahimic) Hidden AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk) Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk) Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk) Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk) Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk) Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk) Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk) Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Hidden Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1602.101 - Application) Hidden BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1602.101 - Application) CheckDevicesConfigurator (HKLM\...\{F17C92A4-9E41-43A2-B0C1-6BFAFD4B0354}) (Version: 2.3.1401 - Nahimic) Hidden Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\...\Discord) (Version: 0.0.301 - Discord Inc.) Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1711.2101 - Micro-Star International Co., Ltd.) Hidden Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1711.2101 - Micro-Star International Co., Ltd.) Drumaxx (HKLM-x32\...\Drumaxx) (Version: - Image-Line) ELAN Touchpad 15.13.9.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.9.1 - ELAN Microelectronic Corp.) Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production) FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Gwent (HKLM-x32\...\1971477531_is1) (Version: 0.9.23.5.430.3 - GOG.com) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) Hidden Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) IL MiniHost (HKLM-x32\...\IL MiniHost) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) Intel(R) Chipset Device Software (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.5.1192 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4454 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.4.1046 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation) KB9X Radio Switch Driver (HKLM\...\EC950B206B0E7722C96A318DF396BABFBB057BC0) (Version: 1.1.2.0 - ENE TECHNOLOGY INC.) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LauncherSetup (HKLM\...\{EAF34292-88ED-4E8A-8DD2-39F9E0DD4DC7}) (Version: 2.3.1401 - Nahimic) Hidden League of Legends (HKLM-x32\...\{B2777235-FDF0-4371-9D1E-0CD24DFE3579}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.) Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.11727.20244 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation) MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.) MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 1.6.3.005 - Portrait Displays, Inc.) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nahimic 2 (HKLM-x32\...\{05c7b70a-5d25-419a-9b71-76900393b641}) (Version: 2.3.14 - Nahimic) Nahimic2UISetup (HKLM\...\{FD585866-680F-4FE0-8082-731D715F90CE}) (Version: 2.3.1401 - Nahimic) Hidden NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) ProductDaemonSetup (HKLM\...\{E5C605BF-FEF0-460C-9927-BC86E0647AD3}) (Version: 2.3.1401 - Nahimic) Hidden ProductNSConfigurator (HKLM\...\{1B4DB619-21BD-4006-A8BA-394B70C2F761}) (Version: 2.3.1401 - Nahimic) Hidden Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.230 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games) Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.1801 - Application) Hidden Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.1801 - Application) SketchUp 2017 (HKLM\...\{BCA90A4C-9C6A-49D1-91F9-594A0BE02432}) (Version: 17.1.174 - Trimble, Inc.) SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.) SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk) Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.) SonicMapperConfigurator (HKLM\...\{BC0A78EE-7CA5-4262-9F8C-2B6F7AF6EA63}) (Version: 2.3.1401 - Nahimic) Hidden Spotify (HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\...\Spotify) (Version: 1.1.10.540.gfcf0430f - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.8.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.8.1 - SteelSeries ApS) SU2018 Podium V2.5 Plus 2.5.804 (HKLM-x32\...\{F79F91FD-C2D3-4B26-87E2-AF54D6510753}_is1) (Version: 2.5.804 - Cadalog Inc.) Thunderbolt(TM) Software (HKLM-x32\...\{BE0D4095-95CC-43FD-82E5-25562BCD5892}) (Version: 16.1.45.250 - Intel Corporation) UIInstallUpgrade (HKLM\...\{34755904-0831-4F83-BDDB-4395A581930D}) (Version: 2.3.1401 - Nahimic) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) Windows 10-upgradeassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation) WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. ) World of Tanks (HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) XSplit Gamecaster (HKLM-x32\...\{9E8A3821-032E-4230-9C12-C14D3FC8685E}) (Version: 2.8.1605.2342 - SplitmediaLabs) Packages: ========= Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880.0_x86__8xx8rvfyw5nnt [2019-06-21] (Facebook Inc) Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_1.6.2131.0_x64__rh07ty8m5nkag [2018-10-13] (Rivet Networks LLC) Mail en Agenda -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad] Microsoft Nieuws -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad] MSN geldzaken -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad] MSN sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad] MSN weer -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad] Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-09] (MAGIX) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.) RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.4.0.1_x86__fxme7667cy4q4 [2019-05-14] (Ricoh Company, Ltd.) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-09-11] (Microsoft Corporation) Ziggo GO -> C:\Program Files\WindowsApps\LibertyGlobal.ZiggoGO_2.11.0.0_x64__gmwgfebrpy77e [2019-07-06] (Liberty Global) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe /Automation => Geen bestand CustomCLSID: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe => Geen bestand CustomCLSID: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc -> Autodesk, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Bestand niet getekend] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll [2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing -> WinZip Computing, S.L.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Bestand niet getekend] ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing -> WinZip Computing, S.L.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Bestand niet getekend] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll [2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => c:\Program Files\WinZip\wzshls64.dll [2013-08-03] (WinZip Computing -> WinZip Computing, S.L.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2017-08-16 19:42 - 2017-08-16 19:42 - 002939237 _____ () [Bestand niet getekend] C:\Windows\appdata\svchost.exe 2014-08-31 18:34 - 2014-08-31 18:34 - 000331264 _____ () [Bestand niet getekend] C:\Windows\appdata\winlogon.exe 2016-06-15 18:21 - 2016-06-15 18:21 - 002146304 _____ (Holtek Semiconductor Inc.) [Bestand niet getekend] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll 2016-06-15 18:21 - 2016-06-15 18:21 - 000358400 _____ (Holtek) [Bestand niet getekend] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll 2017-01-24 11:22 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [Bestand niet getekend] C:\Program Files\7-Zip\7-zip.dll 2016-03-18 20:03 - 2016-03-18 20:03 - 000008704 _____ (Intel Corporation) [Bestand niet getekend] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 2015-06-11 20:35 - 2015-06-11 20:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [Bestand niet getekend] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll 2017-11-21 17:00 - 2017-11-21 17:00 - 006455064 _____ (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Bestand niet getekend] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe 2009-07-10 00:54 - 2009-07-10 00:54 - 000160768 _____ (Micro-Star International Co., Ltd.) [Bestand niet getekend] C:\WINDOWS\SysWoW64\MSIService.exe 2017-01-30 13:17 - 2012-02-02 20:23 - 000027648 _____ (RICOH CO.,Ltd.) [Bestand niet getekend] C:\WINDOWS\System32\ricu00lm.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\Software\Classes\.scr: AutoCADScriptFile => ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\...\sharepoint.com -> hxxps://stichtingfontys-files.sharepoint.com ==================== Hosts inhoud: ========================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2015-10-30 09:24 - 2017-04-05 10:57 - 000001030 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 2017-06-18 00:20 - 2017-06-18 00:21 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-3119324879-1501395537-2743486772-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Lordgoofox\Pictures\Wallpapers\SunsetRoad.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKLM\...\StartupApproved\Run: => "SCM" HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{35AE6B57-2112-4896-82A9-72649D7ACF9E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{1381D5C3-1CF2-4A52-B010-7EDD30E20565}D:\game downloads d\overwatch\overwatch.exe] => (Allow) D:\game downloads d\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{3B76F255-B90D-44F5-8925-6EE4D6D765CB}D:\game downloads d\overwatch\overwatch.exe] => (Allow) D:\game downloads d\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{EF854068-567C-49C3-BCF8-06836424A01C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{84FFCB42-2E22-4476-A8B8-27599B262C4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F46BFE48-4DAD-421C-8E5F-102A8075EFFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0640A5DF-F46C-47CF-B49D-54ADF9172550}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DC37F99C-03D2-46C5-AF2B-34657E032B6E}] => (Allow) C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.) FirewallRules: [{B0D52747-21A2-434A-BAE7-25FDEF38F84B}] => (Allow) C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.) FirewallRules: [{82B468D8-23F2-45E2-B126-AABE80087C2F}] => (Allow) C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.) FirewallRules: [{09E498F3-F59F-4D6A-8909-890EACC67320}] => (Allow) C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.) FirewallRules: [{91214DC3-630A-4F3F-8CB9-A980CA18CCE9}] => (Allow) C:\Users\Lordgoofox\AppData\Local\Temp\System.exe Geen bestand FirewallRules: [{5B763C82-F21E-4DFD-B4EC-8078930B63EF}] => (Allow) C:\Users\Lordgoofox\AppData\Local\Temp\System.exe Geen bestand FirewallRules: [{51D54B52-77EA-421F-B8F4-6BDC07526E16}] => (Allow) LPort=50248 FirewallRules: [{E5C4CA5D-18CD-47E3-9CD8-D620174EA462}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Creative Cloud\AppsPanel\Updater\Adobe Application Updater.exe Geen bestand FirewallRules: [{FDF824EE-5E68-4011-89C3-20BF189C236D}] => (Allow) C:\Program Files\Adobe\Adobe InDesign CC 2017\InDesign.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{EA258637-52AB-4F88-B4A2-854C0F215DD6}] => (Allow) C:\Program Files\Adobe\Adobe InDesign CC 2017\InDesign.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{3EDE9F62-6EAF-4DDA-BCD4-09F81BC5F632}] => (Allow) C:\Program Files\Adobe\Adobe InDesign CC 2017\InDesign.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{BF268A23-6F04-4ADC-8857-5A7662A2311B}] => (Allow) C:\Program Files\Adobe\Adobe InDesign CC 2017\InDesign.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{60CF2D69-886D-4957-B035-44164E25CA94}] => (Allow) C:\Program Files\Adobe\Adobe InDesign CC 2015\InDesign.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{7DEF8C40-CD75-4D91-9958-670601F274E2}] => (Allow) C:\Program Files\Adobe\Adobe InDesign CC 2015\InDesign.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{1F4F5487-D222-4403-8979-59A10446BF61}] => (Allow) C:\Program Files\Adobe\Adobe InDesign CC 2015\InDesign.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{0BAAAFB4-706F-4D82-91F9-EC6A1E266E66}] => (Allow) C:\Program Files\Adobe\Adobe InDesign CC 2015\InDesign.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{A2E43AB0-2BD2-46C6-8796-F5F49DDA4368}] => (Allow) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Incorporated -> Adobe Systems Inc.) FirewallRules: [{A398DBD8-E304-4B4F-A09D-B25E2F246D8F}] => (Allow) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Incorporated -> Adobe Systems Inc.) FirewallRules: [{DE40E5AE-C4FC-4D3B-AC1A-A5F740CADF0B}] => (Allow) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Incorporated -> Adobe Systems Inc.) FirewallRules: [{32EAD04B-7803-44EC-AEE2-B99B4FBE5897}] => (Allow) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Incorporated -> Adobe Systems Inc.) FirewallRules: [{6DBA3CA4-3F5C-4B47-B636-F203DA6DB066}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) FirewallRules: [{455DC741-D0AF-4A97-BE1D-FD643647C520}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) FirewallRules: [{8B7BBCE4-8A7E-4A02-AA51-84AF1CB967CE}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) FirewallRules: [{31D47219-DFF3-474F-89A8-AE17C9D49C72}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) FirewallRules: [{288DC812-391C-4CD0-8BB7-2439DCC25DE6}] => (Allow) C:\Users\Lordgoofox\AppData\Roaming\uTorrent\uTorrent.exe Geen bestand FirewallRules: [{548E2495-39C1-475F-88D3-3AB0C93834FD}] => (Allow) C:\Users\Lordgoofox\AppData\Roaming\uTorrent\uTorrent.exe Geen bestand FirewallRules: [{C8DB6BA5-92F5-42BA-8C2A-4EA98123EDEB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AE33E975-758D-43DF-BD15-086611BB1AFF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{0DAE971C-BC2C-45FD-B497-EA755E028E1F}D:\game downloads d\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\game downloads d\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{1834207C-A366-4671-B4F4-416B262EFAB0}D:\game downloads d\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\game downloads d\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{32702460-33FE-465B-A6FA-CD8E80FB0BA4}D:\game downloads d\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\game downloads d\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{A5DCD95B-5E29-4F39-9E0A-3E48FCEB10A5}D:\game downloads d\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\game downloads d\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{502ACAC9-752E-483F-9464-8D7589435ACB}D:\game downloads d\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\game downloads d\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{F1CF4967-4319-44E6-9B65-06F9C809D78E}D:\game downloads d\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\game downloads d\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{51D9CF95-F653-4818-9080-FFCB618AC038}C:\programdata\sketchup\sketchup 2018\sketchup\plugins\su_podium_v25\su_podium_v25\programs\oopr.exe] => (Block) C:\programdata\sketchup\sketchup 2018\sketchup\plugins\su_podium_v25\su_podium_v25\programs\oopr.exe () [Bestand niet getekend] FirewallRules: [TCP Query User{8E37457C-22AD-4917-94B6-B48517DF9D1C}C:\programdata\sketchup\sketchup 2018\sketchup\plugins\su_podium_v25\su_podium_v25\programs\oopr.exe] => (Block) C:\programdata\sketchup\sketchup 2018\sketchup\plugins\su_podium_v25\su_podium_v25\programs\oopr.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{6D20A682-CD79-4EDA-AB5A-3233DF70438A}C:\programdata\sketchup\sketchup 2018\sketchup\plugins\su_podium_v25\su_podium_v25\programs\oopr.exe] => (Block) C:\programdata\sketchup\sketchup 2018\sketchup\plugins\su_podium_v25\su_podium_v25\programs\oopr.exe () [Bestand niet getekend] FirewallRules: [TCP Query User{07EA11A1-DADD-4306-8F06-46504003BB0C}C:\programdata\sketchup\sketchup 2018\sketchup\plugins\su_podium_v25\su_podium_v25\programs\oopr.exe] => (Block) C:\programdata\sketchup\sketchup 2018\sketchup\plugins\su_podium_v25\su_podium_v25\programs\oopr.exe () [Bestand niet getekend] FirewallRules: [{D1F55C61-7FA3-4928-A56D-23CFD2DF050D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A155ECE7-E036-4DE5-A64C-39DE3492F857}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{C43A4F65-3D6D-4B8C-8DE3-08AA2B1D7131}D:\game downloads d\artlantis studio 6.5\artlantis studio 6\artlantis studio.exe] => (Allow) D:\game downloads d\artlantis studio 6.5\artlantis studio 6\artlantis studio.exe (ABVENT -> Abvent R&D) FirewallRules: [TCP Query User{07C811B1-35B3-4D40-ADFE-7AE65F8BA420}D:\game downloads d\artlantis studio 6.5\artlantis studio 6\artlantis studio.exe] => (Allow) D:\game downloads d\artlantis studio 6.5\artlantis studio 6\artlantis studio.exe (ABVENT -> Abvent R&D) FirewallRules: [{1AF29772-6403-41FA-9037-CCAB1BF2810E}] => (Allow) C:\Program Files\SketchUp\SketchUp 2018\SketchUp.exe (Trimble Navigation -> Trimble, Inc.) [Bestand niet getekend] FirewallRules: [{22B21514-30C6-49FE-A0EA-97D7D2F8C1E1}] => (Allow) C:\Program Files\SketchUp\SketchUp 2018\SketchUp.exe (Trimble Navigation -> Trimble, Inc.) [Bestand niet getekend] FirewallRules: [{EFD650BB-D46D-4174-8BDD-E290F4DD7413}] => (Allow) C:\Program Files\SketchUp\SketchUp 2018\SketchUp.exe (Trimble Navigation -> Trimble, Inc.) [Bestand niet getekend] FirewallRules: [{843FF387-4C25-42F3-A5D2-B55A1EDB269D}] => (Allow) C:\Program Files\SketchUp\SketchUp 2018\SketchUp.exe (Trimble Navigation -> Trimble, Inc.) [Bestand niet getekend] FirewallRules: [{9682D7BE-9E59-4A43-9BF2-9F5AB0CDC43F}] => (Allow) C:\Program Files\SketchUp\SketchUp 2018\SketchUp.exe (Trimble Navigation -> Trimble, Inc.) [Bestand niet getekend] FirewallRules: [{690A82FB-2D79-4DF6-AEE0-A6E3384810A2}] => (Allow) C:\Program Files\SketchUp\SketchUp 2018\SketchUp.exe (Trimble Navigation -> Trimble, Inc.) [Bestand niet getekend] FirewallRules: [{D277C08C-F883-4549-A748-13553CCB9F84}] => (Allow) D:\Game downloads D\World of Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{362D4EDA-B8C0-41E4-9D1B-5F4A1F74C337}] => (Allow) D:\Game downloads D\World of Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{648D67B1-CD2E-42BD-8690-4965D2FF4ECF}] => (Allow) D:\Game downloads D\World of Tanks\WoTLauncher.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{B9EDED0D-3379-4EE5-9F3C-7A6C95BAF243}] => (Allow) D:\Game downloads D\World of Tanks\WoTLauncher.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [UDP Query User{1460EF37-5754-4DE1-B108-73DAA6579C2D}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [TCP Query User{7DA094E4-A490-4FCA-AEF5-46906509ADEF}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{98421259-F725-4468-8FFB-83FF30B11C32}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [TCP Query User{01E5296C-1891-4633-8385-0AF3CD7E548C}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{00AB7F3D-2A26-42F9-8969-56CCC83DF2BD}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [TCP Query User{F2322441-AA7B-4357-925E-783303359684}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{472A164D-156B-45A1-A636-5486B5023C2D}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [TCP Query User{F092EB78-343A-4D7F-86E8-A4CADB89D8F5}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{F3977313-691E-443A-B909-A25B8EAAE1C5}D:\game downloads d\overwatch\overwatch.exe] => (Allow) D:\game downloads d\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{99806444-0E85-4598-BA87-AACDA0146CFA}D:\game downloads d\overwatch\overwatch.exe] => (Allow) D:\game downloads d\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{C6C54DA9-89BB-4CD6-A620-D79EE93B5D95}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe Geen bestand FirewallRules: [TCP Query User{86A87384-C669-4DFF-8D9B-3F9EE5E0BF42}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe Geen bestand FirewallRules: [{9F81B59E-E8F1-4819-AF6C-6C55BF948D8F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C8BD23EB-E656-41CA-BACC-DA54CEDA6CB1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{F2EB7EDA-9D41-47E1-B013-97A74F57CF27}D:\game downloads d\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\game downloads d\world of warcraft\utils\wowvoiceproxy.exe Geen bestand FirewallRules: [TCP Query User{DA8F0D76-7B14-470B-ADF0-85281F708743}D:\game downloads d\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\game downloads d\world of warcraft\utils\wowvoiceproxy.exe Geen bestand FirewallRules: [UDP Query User{B7A8CC75-F9A3-4870-9724-BC2601CC5720}D:\game downloads d\starcraft ii\versions\base66668\sc2_x64.exe] => (Allow) D:\game downloads d\starcraft ii\versions\base66668\sc2_x64.exe Geen bestand FirewallRules: [TCP Query User{32FE7A24-255A-4D75-A826-00E8401CD1B1}D:\game downloads d\starcraft ii\versions\base66668\sc2_x64.exe] => (Allow) D:\game downloads d\starcraft ii\versions\base66668\sc2_x64.exe Geen bestand FirewallRules: [UDP Query User{9FAA9296-B99C-4C86-820F-6DC5C5EF749F}D:\game downloads d\starcraft ii\versions\base65895\sc2_x64.exe] => (Allow) D:\game downloads d\starcraft ii\versions\base65895\sc2_x64.exe Geen bestand FirewallRules: [TCP Query User{8B3C54D9-6162-4760-B635-E2142C02E436}D:\game downloads d\starcraft ii\versions\base65895\sc2_x64.exe] => (Allow) D:\game downloads d\starcraft ii\versions\base65895\sc2_x64.exe Geen bestand FirewallRules: [UDP Query User{F51F2125-7334-4145-A79B-4743D1AECDA1}D:\game downloads d\destiny 2\destiny 2\destiny2.exe] => (Allow) D:\game downloads d\destiny 2\destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [TCP Query User{7DF19A61-F6B6-4EAB-9A13-98661DD9FBDD}D:\game downloads d\destiny 2\destiny 2\destiny2.exe] => (Allow) D:\game downloads d\destiny 2\destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [UDP Query User{9DCAF1FA-28EC-410C-8BC6-FC2D1D902E58}D:\game downloads d\destiny 2\destiny 2\destiny2.exe] => (Allow) D:\game downloads d\destiny 2\destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [TCP Query User{FA3EC57B-2857-4AFA-A973-AFB21726A8DD}D:\game downloads d\destiny 2\destiny 2\destiny2.exe] => (Allow) D:\game downloads d\destiny 2\destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{649BC52C-3B64-4F9B-AA36-AC7C772EB4B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D917AA64-A62A-4394-8D4C-468158366623}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{BFB97D03-FF52-46DA-9421-D720133368D5}C:\users\lordgoofox\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\lordgoofox\appdata\local\akamai\netsession_win.exe Geen bestand FirewallRules: [TCP Query User{A79C40AE-CF5E-4ABC-934E-D2F30180B1B2}C:\users\lordgoofox\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\lordgoofox\appdata\local\akamai\netsession_win.exe Geen bestand FirewallRules: [{CCE1D6CB-4113-48C5-BCB7-96ADE8313517}] => (Allow) LPort=5000 FirewallRules: [{CECD9747-8718-43E7-9A3A-D645319BF96E}] => (Allow) LPort=61885 FirewallRules: [UDP Query User{1D6DF842-C672-4295-B335-0A06917B0DB7}C:\users\lordgoofox\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\lordgoofox\appdata\local\akamai\netsession_win.exe Geen bestand FirewallRules: [TCP Query User{494C0667-78CA-49CC-A611-3ADB887A0D62}C:\users\lordgoofox\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\lordgoofox\appdata\local\akamai\netsession_win.exe Geen bestand FirewallRules: [{C21A90F1-DF68-4BF6-AF44-A486D16B84D1}] => (Allow) C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe Geen bestand FirewallRules: [{82B36A4C-FACC-42DE-BBBE-A71D9063CF5D}] => (Allow) C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe Geen bestand FirewallRules: [UDP Query User{F5BE0DC0-4D68-4745-A7C4-8D1880683D2C}D:\game downloads d\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) D:\game downloads d\diablo 3\diablo iii\x64\diablo iii64.exe Geen bestand FirewallRules: [TCP Query User{69B15DC5-B690-4D1D-8826-788ADB11B362}D:\game downloads d\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) D:\game downloads d\diablo 3\diablo iii\x64\diablo iii64.exe Geen bestand FirewallRules: [UDP Query User{ABE1FE3B-E598-4A3D-A446-75D3D8403E4F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe Geen bestand FirewallRules: [TCP Query User{F4E19794-5444-4601-BA77-F28ED941FB77}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe Geen bestand FirewallRules: [UDP Query User{EE0E5F28-44DC-4808-A302-1F1B36421193}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) FirewallRules: [TCP Query User{7315CCD5-221B-4679-A443-168B2DFAAC90}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) FirewallRules: [{F20889F6-CA25-4E39-8509-D4A21D565F54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{60CC76F6-2CC7-4641-8E02-A988B2A87CD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A68B471B-82B5-4EC1-B315-2EBC8E4FB912}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Geen bestand FirewallRules: [{FA3AA8CD-1016-4344-B333-969AF17E8323}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0C0FE957-2CC9-4F01-9D16-BBC9D5F17EF7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{80ABA84E-C094-40FA-93B0-A7452B7A7021}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) FirewallRules: [TCP Query User{21A16D79-1D9E-4163-ADE6-00A799CAAE2E}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) FirewallRules: [UDP Query User{B8EF14AA-FA14-4E76-BCC5-A1394BFC0B78}C:\program files (x86)\msi\dragon center\dragon center.exe] => (Allow) C:\program files (x86)\msi\dragon center\dragon center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Bestand niet getekend] FirewallRules: [TCP Query User{A07F46E8-7B49-43F6-BF82-2CFC4F65EABF}C:\program files (x86)\msi\dragon center\dragon center.exe] => (Allow) C:\program files (x86)\msi\dragon center\dragon center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Bestand niet getekend] FirewallRules: [UDP Query User{300969A9-38D6-4B05-B125-6EF04DC8E0BC}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe Geen bestand FirewallRules: [TCP Query User{0166377C-6F83-48DE-A597-AAAA6A6DDDD2}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe Geen bestand FirewallRules: [{04C9ABD6-8ABC-46D8-8260-720B4D9A15C7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Geen bestand FirewallRules: [{234925EE-1AB3-4921-BA2D-948854A3E205}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Geen bestand FirewallRules: [{9286C497-703A-43C3-B0F8-1CF16AC62AE2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{BFB0A582-B71E-44CA-BF02-878DBA247A60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{70444156-01E9-401C-806E-0381B5062FFE}C:\users\lordgoofox\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lordgoofox\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{9FD12DA4-8CCB-4D73-9646-44BFDE47241D}C:\users\lordgoofox\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lordgoofox\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{AC35D495-874A-415C-8985-9ED43356FDC5}] => (Allow) D:\Game downloads D\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{6325A82F-02DB-46A9-8658-41FF3259CDCB}] => (Allow) D:\Game downloads D\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [TCP Query User{95111D04-CD08-439A-9713-BA6FD019D7EB}D:\game downloads d\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\game downloads d\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [UDP Query User{4A36634B-C674-4CAA-BB00-87A6B152B701}D:\game downloads d\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\game downloads d\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [{B2C5E0D0-0DA4-4BD9-9E5B-B1A718412C0B}] => (Allow) D:\Game downloads D\steamapps\common\The Binding Of Isaac\Isaac.exe (Edmund Mcmillen & Florian Himsl ) [Bestand niet getekend] FirewallRules: [{59EEB2CD-AE86-424E-BBC9-1A05161C2234}] => (Allow) D:\Game downloads D\steamapps\common\The Binding Of Isaac\Isaac.exe (Edmund Mcmillen & Florian Himsl ) [Bestand niet getekend] FirewallRules: [{B11D18AA-E6EE-4184-AC7C-EE3C31108131}] => (Allow) D:\Game downloads D\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [Bestand niet getekend] FirewallRules: [{8A3B605C-A904-4D9E-BEE1-D9A8014366B5}] => (Allow) D:\Game downloads D\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [Bestand niet getekend] FirewallRules: [TCP Query User{CDAB0B69-F450-4A53-823A-4F973F108EEA}D:\game downloads d\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\game downloads d\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [Bestand niet getekend] FirewallRules: [UDP Query User{886E287D-0D8C-43F9-8C20-9B408BDEF328}D:\game downloads d\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\game downloads d\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [Bestand niet getekend] FirewallRules: [TCP Query User{4C0072E3-C4E0-4156-87EE-E82C096FD402}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{81D8E319-1553-4D4B-ADA6-676A0A890058}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [{15B252E3-0A55-43FA-89CB-0EF10B4D2BC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{9BF51198-D3A9-4CBF-A748-F0A08CCBD683}C:\program files (x86)\gog galaxy\games\gwent\gwent.exe] => (Allow) C:\program files (x86)\gog galaxy\games\gwent\gwent.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{45CC7899-3357-4CB9-A069-882897AF25D8}C:\program files (x86)\gog galaxy\games\gwent\gwent.exe] => (Allow) C:\program files (x86)\gog galaxy\games\gwent\gwent.exe () [Bestand niet getekend] FirewallRules: [{3944AD1C-8A1F-4F80-BA47-34C43A9162BD}] => (Allow) D:\Game downloads D\steamapps\common\Faeria\Faeria.exe () [Bestand niet getekend] FirewallRules: [{4FB7AE95-DEA7-4E74-9F3E-2BCBE172B6D6}] => (Allow) D:\Game downloads D\steamapps\common\Faeria\Faeria.exe () [Bestand niet getekend] FirewallRules: [{73CBC05A-ACE5-4C7F-916C-4A1886219C50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.) FirewallRules: [{A694AA5B-D04D-49C6-A8A2-00DC9B6AAAAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.) FirewallRules: [{09513A68-5209-4910-BF97-F2C6B107E6DD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Geen bestand FirewallRules: [{0EA3693F-7807-4D9D-AEE3-17A2439F5FF9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Geen bestand FirewallRules: [{6604374F-BAD3-432B-B686-AE6679A84146}] => (Allow) D:\Game downloads D\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [Bestand niet getekend] FirewallRules: [{F28FDAF4-D0B5-4FA8-9625-EE40FB733C3E}] => (Allow) D:\Game downloads D\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [Bestand niet getekend] FirewallRules: [TCP Query User{DF8463D4-F47D-49C6-930C-6F4EFF671AFC}C:\program files (x86)\msi\dragon center\dragon center.exe] => (Allow) C:\program files (x86)\msi\dragon center\dragon center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Bestand niet getekend] FirewallRules: [UDP Query User{7E0D2BF1-10E8-45CD-87D3-23CBE19E8D09}C:\program files (x86)\msi\dragon center\dragon center.exe] => (Allow) C:\program files (x86)\msi\dragon center\dragon center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [Bestand niet getekend] FirewallRules: [TCP Query User{7DE108A5-1FBD-4891-AFB9-8EBE3A87F27C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{616A1460-269A-407B-9D45-97A61ECD4D55}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [{7DB62D8A-62B0-4BD4-93F0-CBCD57F3AD65}] => (Allow) D:\Game downloads D\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> ) FirewallRules: [{8BF2A7EA-C9BB-4F62-8E67-B28645095D62}] => (Allow) D:\Game downloads D\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> ) FirewallRules: [TCP Query User{20AE6567-B9A8-4ED7-B99C-AFEDDFFB1D4C}C:\users\lordgoofox\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lordgoofox\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{99BE714C-1024-4043-94C2-7B5E38AE405C}C:\users\lordgoofox\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lordgoofox\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7390ABBC-7F0C-42B7-8866-B50F79737796}] => (Allow) D:\Game downloads D\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{9C9DAA50-22B9-4328-BAA3-BEE6591D0E66}] => (Allow) D:\Game downloads D\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{D41599E6-A9C6-43CB-AD03-6683F95C45EA}D:\game downloads d\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\game downloads d\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{71584160-26BB-4286-8424-7C0296183F94}D:\game downloads d\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\game downloads d\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{64939451-1683-4D43-815F-30D2C0D7B828}D:\game downloads d\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\game downloads d\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{879FA027-FA87-4327-960B-F8F310398037}D:\game downloads d\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\game downloads d\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{7CC97FBA-4A33-44C9-A8FA-1B325BA25EEA}] => (Allow) C:\Users\Lordgoofox\AppData\Roaming\uTorrent\uTorrent.exe Geen bestand FirewallRules: [{06AFB547-19CD-4DFA-BBC6-922E42C739BC}] => (Allow) C:\Users\Lordgoofox\AppData\Roaming\uTorrent\uTorrent.exe Geen bestand FirewallRules: [TCP Query User{C8737DAC-0A3A-436B-BE08-892EEFE7A764}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe Geen bestand FirewallRules: [UDP Query User{046A9016-738A-4E6B-A5BE-48FC6C052648}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe Geen bestand FirewallRules: [TCP Query User{446B37BF-4C90-4A96-ADAE-B159E69046D6}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe Geen bestand FirewallRules: [UDP Query User{CBD11C3B-171E-4239-9045-5896EC6CEEC0}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe Geen bestand FirewallRules: [TCP Query User{DA0DBC68-AF51-492E-AF79-1FF3629857EA}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe Geen bestand FirewallRules: [UDP Query User{6FCC5AEE-E737-47E3-B114-F03DD9081023}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe Geen bestand FirewallRules: [{2971C6E9-198B-4E6D-9064-E701FC0447F9}] => (Allow) D:\Game downloads D\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [Bestand niet getekend] FirewallRules: [{3BDC822E-ABF3-4EB5-BBDE-FC90F759F43D}] => (Allow) D:\Game downloads D\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [Bestand niet getekend] FirewallRules: [{4B3C282A-2A85-4C20-89B4-1A4F7E17BD4A}] => (Allow) D:\Game downloads D\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [Bestand niet getekend] FirewallRules: [{370276DF-8759-44C4-8224-C9AF7842E873}] => (Allow) D:\Game downloads D\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [Bestand niet getekend] FirewallRules: [TCP Query User{B958CC86-5BEF-4AFD-9A88-20FB6BCBE569}D:\game downloads d\artlantis studio 6.5\artlantis studio 6\artlantis license manager.exe] => (Allow) D:\game downloads d\artlantis studio 6.5\artlantis studio 6\artlantis license manager.exe (ABVENT -> Abvent R&D) FirewallRules: [UDP Query User{6C40C712-8040-4B9E-8D2C-E2FD2CC4C974}D:\game downloads d\artlantis studio 6.5\artlantis studio 6\artlantis license manager.exe] => (Allow) D:\game downloads d\artlantis studio 6.5\artlantis studio 6\artlantis license manager.exe (ABVENT -> Abvent R&D) FirewallRules: [TCP Query User{B55AC3ED-EBF8-42C4-B166-24C896D4D1CB}D:\game downloads d\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\game downloads d\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [Bestand niet getekend] FirewallRules: [UDP Query User{8170152C-C8A1-4D80-BA3F-D6F06E2246BA}D:\game downloads d\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\game downloads d\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [Bestand niet getekend] FirewallRules: [{BC31DF43-6F11-4B53-9C44-45EF24FF1C2F}] => (Allow) D:\Game downloads D\steamapps\common\DarkestDungeon\_windows\Darkest.exe Geen bestand FirewallRules: [{22BDCD08-D952-483B-8C6A-6E74D5077811}] => (Allow) D:\Game downloads D\steamapps\common\DarkestDungeon\_windows\Darkest.exe Geen bestand FirewallRules: [TCP Query User{B084B9BB-C951-4DAA-9CE5-52534246563E}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe Geen bestand FirewallRules: [UDP Query User{71E96474-D955-40CA-81CA-D96141AB8539}D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\game downloads d\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe Geen bestand FirewallRules: [TCP Query User{20202686-EF3D-4550-AA06-40314801253A}D:\game downloads d\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\game downloads d\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [UDP Query User{0D38CF86-33CB-45BA-AB29-521D2A32CE72}D:\game downloads d\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\game downloads d\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [TCP Query User{DEC83E8A-6218-4A14-86FC-59BE67FF28B5}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe Geen bestand FirewallRules: [UDP Query User{76EC3E19-E637-4E62-BDCB-91EC42FD277B}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe Geen bestand FirewallRules: [{C3DFD5BB-2589-4A9A-BD77-9F75CCD13321}] => (Allow) D:\Game downloads D\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{8898CA0A-EA07-43DE-84B7-E3A88A6129C8}] => (Allow) D:\Game downloads D\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{792A9171-D6E6-466F-BB6E-850A32D2902A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Herstelpunten ========================= 19-07-2019 20:37:26 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (07/20/2019 10:20:47 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10904,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/20/2019 10:11:10 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5748,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/20/2019 10:02:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: GammaSpline.exe, versie: 1.0.0.1, tijdstempel: 0x57d336da Naam van module met fout: GammaSpline.exe, versie: 1.0.0.1, tijdstempel: 0x57d336da Uitzonderingscode: 0xc0000005 Foutmarge: 0x00000000000209da Id van proces met fout: 0x34b4 Starttijd van toepassing met fout: 0x01d53ed17638a239 Pad naar toepassing met fout: C:\Program Files\Portrait Displays\MSI True Color\GammaSpline.exe Pad naar module met fout: C:\Program Files\Portrait Displays\MSI True Color\GammaSpline.exe Rapport-id: baf0af2b-52d3-480d-b2dd-75bc3089cf6e Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (07/20/2019 09:47:20 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9288,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/20/2019 09:38:42 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (15408,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/20/2019 09:31:09 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (11460,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (07/20/2019 09:17:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: GammaSpline.exe, versie: 1.0.0.1, tijdstempel: 0x57d336da Naam van module met fout: GammaSpline.exe, versie: 1.0.0.1, tijdstempel: 0x57d336da Uitzonderingscode: 0xc0000005 Foutmarge: 0x00000000000209da Id van proces met fout: 0x304c Starttijd van toepassing met fout: 0x01d53ecb3c579f61 Pad naar toepassing met fout: C:\Program Files\Portrait Displays\MSI True Color\GammaSpline.exe Pad naar module met fout: C:\Program Files\Portrait Displays\MSI True Color\GammaSpline.exe Rapport-id: 1c85df67-e511-487d-8555-7530ffd4ef14 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (07/20/2019 09:15:00 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9248,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Systeemfouten: ============= Error: (07/20/2019 10:01:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Autodesk Content Service-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (07/20/2019 10:01:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (45000 seconden) tijdens het wachten op het verbinden van deze service: Autodesk Content Service. Error: (07/20/2019 10:01:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De NVIDIA Display Container LS-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 6000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (07/20/2019 10:01:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Klik-en-klaar-service van Microsoft Office-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (07/20/2019 10:01:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De NVIDIA LocalSystem Container-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 6000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (07/20/2019 10:01:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Adobe Genuine Monitor Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (07/20/2019 10:01:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De AtherosSvc-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (07/20/2019 10:01:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De AdobeUpdateService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Windows Defender: =================================== Date: 2019-07-20 09:33:09.500 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {FD3B0A41-BC9A-46AE-9506-D9BDBCFB7E76} Type scan: Antimalware Scanparameters: Volledige scan Gebruiker: MSI\Lordgoofox Date: 2019-07-19 17:43:01.460 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {A3AC1B2F-ABB6-4E8B-9003-3543FE42F23F} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-07-12 11:41:43.068 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {B7119A0B-E8D9-4282-8E48-79154952767A} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-07-10 20:46:54.685 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {DD42A5DE-9500-46DF-96C7-8181A87F2444} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-07-10 18:30:37.893 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {2D79236D-C56C-48E0-987F-1DA3A3C4D6B3} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM CodeIntegrity: =================================== Date: 2019-07-20 10:15:48.592 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2019-07-20 10:15:48.586 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. Date: 2019-07-20 10:15:45.925 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Microsoft signing level requirements. Date: 2019-07-20 10:15:45.922 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Microsoft signing level requirements. Date: 2019-07-20 10:15:45.325 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2019-07-20 10:15:45.302 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. Date: 2019-07-20 09:56:30.516 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-07-20 09:56:30.492 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. E16K2IMS.108 07/26/2016 Motherboard: Micro-Star International Co., Ltd. MS-16K2 Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Percentage geheugen in gebruik: 40% Totaal fysiek RAM-geheugen: 16269.17 MB Beschikbaar fysiek RAM-geheugen: 9676.73 MB Totaal Virtueel geheugen: 32653.17 MB Beschikbaar Virtueel geheugen: 24654.73 MB ==================== Schijven ================================ Drive 😄 (OS_Install) (Fixed) (Total:237.18 GB) (Free:42.78 GB) NTFS Drive d: (Data) (Fixed) (Total:914.66 GB) (Free:338.61 GB) NTFS \\?\Volume{99cb3d02-e43c-402a-8000-8f4824a9c83d}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.35 GB) NTFS \\?\Volume{a7ece6d4-750b-4ace-97be-431e610683e7}\ (BIOS_RVY) (Fixed) (Total:16.85 GB) (Free:0.69 GB) NTFS \\?\Volume{f4bc48cd-b863-4008-b747-db90337907bb}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 583EECBB) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 583EEC59) Partition: GPT. ==================== Einde van Addition.txt ============================ Link to post Share on other sites More sharing options...
kevinf80 Posted July 20, 2019 ID:1323917 Share Posted July 20, 2019 Thanks for those logs Aellion, Continue please: Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix" NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Open FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply. Next, Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop Ensure to get the correct version for your system....https://www.microsoft.com/en-gb/download/malicious-software-removal-tool-details.aspx Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window In the "Scan Type" window, select Quick Scan Perform a scan and Click Finish when the scan is done. Retrieve the MSRT log as follows, and post it in your next reply: 1) Select the Windows key and R key together to open the "Run" function 2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:notepad c:\windows\debug\mrt.log The log will include log details for each time MSRT has run, we only need the most recent log by date and time.... Let me see those logs in your reply, also let me know if there are any remaining issues or concerns... Thank you, Kevin... fixlist.txt Link to post Share on other sites More sharing options...
Aellion Posted July 20, 2019 Author ID:1323919 Share Posted July 20, 2019 Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 15-07-2019 01 Gestart door Lordgoofox (20-07-2019 11:08:38) Run:1 Gestart vanaf C:\Users\Lordgoofox\Desktop Geladen Profielen: Lordgoofox (Beschikbare Profielen: Lordgoofox) Boot Modus: Normal ============================================== fixlist inhoud: ***************** CreateRestorePoint: CloseProcesses: 2019-06-25 22:15 - 2019-06-25 22:15 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Tempzxpsignb5efc0170b1c0238 2019-06-25 22:15 - 2019-06-25 22:15 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Tempzxpsign3e1e2da8abeba4e8 2019-06-25 22:14 - 2019-06-25 22:14 - 000000000 ____D C:\Users\Lordgoofox\AppData\Local\Tempzxpsign00bced0ce1832ab3 2017-08-16 19:42 - 2017-08-16 19:42 - 002939237 _____ () [Bestand niet getekend] C:\Windows\appdata\svchost.exe 2014-08-31 18:34 - 2014-08-31 18:34 - 000331264 _____ () [Bestand niet getekend] C:\Windows\appdata\winlogon.exe AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480] FirewallRules: [{91214DC3-630A-4F3F-8CB9-A980CA18CCE9}] => (Allow) C:\Users\Lordgoofox\AppData\Local\Temp\System.exe Geen bestand FirewallRules: [{5B763C82-F21E-4DFD-B4EC-8078930B63EF}] => (Allow) C:\Users\Lordgoofox\AppData\Local\Temp\System.exe Geen bestand FirewallRules: [{51D54B52-77EA-421F-B8F4-6BDC07526E16}] => (Allow) LPort=50248 FirewallRules: [{CCE1D6CB-4113-48C5-BCB7-96ADE8313517}] => (Allow) LPort=5000 FirewallRules: [{CECD9747-8718-43E7-9A3A-D645319BF96E}] => (Allow) LPort=61885 EmptyTemp: ***************** Herstelpunt is succesvol gemaakt. Proces succesvol afgesloten. C:\Users\Lordgoofox\AppData\Local\Tempzxpsignb5efc0170b1c0238 => is succesvol verplaatst C:\Users\Lordgoofox\AppData\Local\Tempzxpsign3e1e2da8abeba4e8 => is succesvol verplaatst C:\Users\Lordgoofox\AppData\Local\Tempzxpsign00bced0ce1832ab3 => is succesvol verplaatst C:\Windows\appdata\svchost.exe => is succesvol verplaatst C:\Windows\appdata\winlogon.exe => is succesvol verplaatst C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS is succesvol verwijderd C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS is succesvol verwijderd C:\Users\Public\Shared Files => ":VersionCache" ADS is succesvol verwijderd FirewallRules: [{91214DC3-630A-4F3F-8CB9-A980CA18CCE9}] => (Allow) C:\Users\Lordgoofox\AppData\Local\Temp\System.exe Geen bestand => Fout: Geen automatische fix gevonden voor dit item. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B763C82-F21E-4DFD-B4EC-8078930B63EF}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\FirewallRules: [{51D54B52-77EA-421F-B8F4-6BDC07526E16}] => (Allow) LPort=50248" => niet gevonden "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCE1D6CB-4113-48C5-BCB7-96ADE8313517}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CECD9747-8718-43E7-9A3A-D645319BF96E}" => is succesvol verwijderd =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 127413248 B Java, Flash, Steam htmlcache => 675379770 B Windows/system/drivers => 6983409 B Edge => 2388417 B Chrome => 451498186 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B LocalService => 0 B NetworkService => 66634 B NetworkService => 0 B Lordgoofox => 23427445 B RecycleBin => 174798722 B EmptyTemp: => 1.4 GB tijdelijke gegevens verwijderd. ================================ Het systeem moest herstart worden. ==== Einde van Fixlog 11:09:42 ==== Link to post Share on other sites More sharing options...
Aellion Posted July 20, 2019 Author ID:1323920 Share Posted July 20, 2019 --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.74, July 2019 (build 5.74.16130.3) Started On Thu Jul 11 01:22:12 2019 Engine: 1.1.16000.6 Signatures: 1.295.1362.0 MpGear: 1.1.15747.1 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Thu Jul 11 01:23:51 2019 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.73, June 2019 (build 5.73.16044.1) Started On Sat Jul 20 11:12:48 2019 Engine: 1.1.15900.4 Signatures: 1.293.2420.0 MpGear: 1.1.15747.1 Run Mode: Interactive Graphical Mode Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Sat Jul 20 11:16:18 2019 Return code: 0 (0x0) Link to post Share on other sites More sharing options...
kevinf80 Posted July 20, 2019 ID:1323926 Share Posted July 20, 2019 Have the blocks ceased...? Link to post Share on other sites More sharing options...
Aellion Posted July 20, 2019 Author ID:1323928 Share Posted July 20, 2019 The pop-ups did stop! Mucho gracias! As logs are abacadabra for me could you please explain what we just did and what for infection I had? Also is this now completely resolved? Can I delete the programs downloaded etc...? Thanks alot for your help! Regards, Link to post Share on other sites More sharing options...
kevinf80 Posted July 20, 2019 ID:1323931 Share Posted July 20, 2019 Hello again Aellion, The infection was some kind off hijacker that makes outbound calls from your PC to its website, Malwarebytes did its job and blocked those calls. We successfully removed the infection with FRST. I`m not 100% sure where the infection came from but be aware P2P programs and applications are are known prime conduit for such infections. To clean up: Right click on FRST here: C:\Users\Lordgoofox\Desktop\FRST64.exe and rename uninstall.exe when complete right click on uninstall.exe and select "Run as Administrator" If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST64 to uninstall That action will remove FRST and all created files and folders... Next, Remove all System Restore Points: https://www.tenforums.com/tutorials/33593-delete-system-restore-points-windows-10-a.html#option2 Create clean fresh Restore Point: http://www.thewindowsclub.com/create-system-restore-point Run Windows Disk Clean Up Utility - https://neosmart.net/wiki/disk-cleanup/ From there you should be good to go... Next, Read the following links to fully understand PC Security and Best Practices, you may find them useful....Answers to Common Security Questions and best PracticesDo I need a Registry Cleaner? Take care and surf safe Kevin... Link to post Share on other sites More sharing options...
kevinf80 Posted July 26, 2019 ID:1325394 Share Posted July 26, 2019 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks Link to post Share on other sites More sharing options...
Recommended Posts