Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC remains slow


  • This topic is locked This topic is locked
26 replies to this topic

#1 zochar

zochar

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 20 May 2018 - 08:28 AM

Hello,

 

My PC runs terribly slow.  I already used programslike Malwarebytes, ADwCleaner, esetsmart,... as shown in this link https://www.bleepingcomputer.com/forums/t/677470/pc-slow-overall/

 

Here are te logs from FRST

 

 

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 16.05.2018 01
Gestart door Jo (Beheerder) op JO-HP (20-05-2018 15:09:34)
Gestart vanaf C:\Users\Jo\Downloads
Geladen Profielen: Jo (Beschikbare Profielen: Jo & DefaultAppPool)
Platform: Windows 10 Home Versie 1709 16299.431 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Edge)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-19] (ESET)
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2017-09-29] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-10-10] (EasyBits Software Corp.)
GroupPolicyScripts: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 4.4.4.2 195.130.131.1 195.130.130.1
Tcpip\..\Interfaces\{6804d81e-2a68-46be-b33c-7cc5f393d16b}: [DhcpNameServer] 4.4.4.2 195.130.131.1 195.130.130.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
URLSearchHook: HKU\S-1-5-21-415329193-230498918-4009263626-1001 - (Geen Naam) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - Geen bestand
SearchScopes: HKLM -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-05-18] (Microsoft Corporation)
BHO: Geen Naam -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Geen bestand
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-22] (RealPlayer)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://login.concentra.be/dana-cached/sc/JuniperSetupClient.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  Geen bestand
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mbr9n78x.default-1456174220050-1526116072094
FF ProfilePath: C:\Users\Jo\AppData\Roaming\TomTom\HOME\Profiles\ppjyqv67.default [2011-07-10]
FF Extension: (Geen Naam) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [niet gevonden]
FF ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default [2018-05-19]
FF Extension: (DOM Inspector) - C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default\Extensions\inspector@mozilla.org [2014-12-18] [Verouderd] [ niet getekend]
FF Extension: (ChatZilla) - C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2014-12-16] [Verouderd] [ niet getekend]
FF ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\mbr9n78x.default-1456174220050-1526116072094 [2018-05-20]
FF Homepage: Mozilla\Firefox\Profiles\mbr9n78x.default-1456174220050-1526116072094 -> www.google.be
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-13] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Geen bestand]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Geen bestand]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.647 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-05-22] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.647 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-05-22] (RealNetworks, Inc.)
FF Plugin HKU\S-1-5-21-415329193-230498918-4009263626-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-415329193-230498918-4009263626-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-12] (Google Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-05-22]
CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx <niet gevonden>
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx <niet gevonden>
CHR HKLM-x32\...\Chrome\Extension: [nkkjbngicajdaliiaidnjpafflglkjhb] - C:\ProgramData\Bcool\nkkjbngicajdaliiaidnjpafflglkjhb.crx <niet gevonden>

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566448 2018-05-12] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Bestand niet getekend]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
S4 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [107576 2010-03-11] ()
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-15] (PDF Complete Inc)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-15] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-05-07] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-05-07] (Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [110432 2018-04-12] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-04-12] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50136 2018-04-12] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82816 2018-04-12] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2013-02-19] (GFI Software)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-05-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-20] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-20] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-05-20] (Malwarebytes)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-05-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313888 2018-05-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-07] (Microsoft Corporation)
U3 idsvc; geen ImagePath

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)

2018-05-20 15:09 - 2018-05-20 15:17 - 000019516 _____ C:\Users\Jo\Downloads\FRST.txt
2018-05-20 15:08 - 2018-05-20 15:09 - 000000000 ____D C:\FRST
2018-05-20 15:07 - 2018-05-20 15:07 - 002413056 _____ (Farbar) C:\Users\Jo\Downloads\FRST64.exe
2018-05-20 14:46 - 2018-05-20 14:46 - 019709440 _____ (Luis Cobian, CobianSoft) C:\Users\Jo\Downloads\cbSetup.exe
2018-05-20 13:35 - 2018-05-20 13:35 - 000002018 _____ C:\Users\Public\Desktop\ESET Veilig internetbankieren.lnk
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\ProgramData\ESET
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\Program Files\ESET
2018-05-20 12:51 - 2018-05-20 13:00 - 004261120 _____ (ESET) C:\Users\Jo\Downloads\eset_smart_security_premium_live_installer(1).exe
2018-05-20 12:49 - 2018-05-20 12:49 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2018-05-20 10:38 - 2018-05-20 10:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{B4172FED-8007-4F75-BA0A-8019143FA9F6}
2018-05-19 20:39 - 2018-05-19 20:39 - 000021874 _____ C:\Users\Jo\Desktop\install.txt
2018-05-19 20:37 - 2018-05-19 20:37 - 000000990 _____ C:\Users\Jo\Desktop\startup.txt
2018-05-19 20:37 - 2018-05-19 20:37 - 000000524 _____ C:\Users\Jo\Desktop\startup2.txt
2018-05-19 20:26 - 2018-05-19 20:26 - 000002434 _____ C:\Users\Jo\Desktop\eset2.txt
2018-05-19 16:16 - 2018-05-19 16:28 - 1889579317 _____ C:\Users\Jo\Downloads\wetransfer-453dd0.zip
2018-05-19 12:26 - 2018-05-19 10:20 - 010394578 _____ C:\Users\Jo\Desktop\cafecafe_teaser_CL.mp4
2018-05-19 12:26 - 2018-05-19 10:20 - 010320477 _____ C:\Users\Jo\Desktop\cafecafe_teaser_ZW.mp4
2018-05-19 12:20 - 2018-05-19 12:21 - 020715382 _____ C:\Users\Jo\Downloads\wetransfer-daf9c7.zip
2018-05-19 10:43 - 2018-05-19 10:43 - 000000000 ____D C:\Users\Jo\AppData\Local\{18ABB502-982A-4642-AD41-9468B343014B}
2018-05-18 21:02 - 2018-05-18 21:02 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu(2).exe
2018-05-18 20:18 - 2018-05-18 20:18 - 000000000 ____D C:\Users\Jo\AppData\Local\{0FF1559B-C708-4C96-8B08-CBFEE2439D7B}
2018-05-18 15:44 - 2018-05-18 15:59 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu(1).exe
2018-05-18 15:12 - 2018-05-18 15:11 - 4266737520 _____ C:\Users\Jo\Desktop\gorporotzak.rar
2018-05-18 13:07 - 2018-05-18 15:11 - 4266737520 _____ C:\Users\Jo\Downloads\gorporotzak.rar
2018-05-18 12:06 - 2018-05-19 17:15 - 000000000 ____D C:\Users\Jo\Desktop\Nieuwe map
2018-05-16 22:10 - 2018-05-16 22:10 - 000000000 ____D C:\Users\Jo\AppData\Roaming\ESET
2018-05-16 11:31 - 2018-05-16 11:31 - 000000000 ____D C:\Users\Jo\AppData\Local\{81790DC4-9611-4210-AA94-EBD7876B0239}
2018-05-15 21:49 - 2018-05-15 21:49 - 000000000 ____D C:\Users\Jo\Desktop\BEKIJKEN
2018-05-15 20:40 - 2018-05-15 20:40 - 000000000 ____D C:\Users\Jo\AppData\Local\ESET
2018-05-15 20:36 - 2018-05-15 20:36 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu.exe
2018-05-15 20:31 - 2018-05-15 20:31 - 004261120 _____ (ESET) C:\Users\Jo\Downloads\eset_smart_security_premium_live_installer.exe
2018-05-15 20:28 - 2018-05-15 20:28 - 000000000 ____D C:\Users\Jo\AppData\Local\Notepad++
2018-05-15 20:27 - 2018-05-15 20:27 - 000001090 _____ C:\Users\Public\Desktop\Notepad++.lnk
2018-05-15 20:26 - 2018-05-15 20:26 - 004299968 _____ (Don HO don.h@free.fr) C:\Users\Jo\Downloads\npp.7.5.6.Installer.exe
2018-05-15 20:11 - 2018-05-15 20:11 - 000003601 _____ C:\Users\Jo\Desktop\AdwCleaner[C00].txt
2018-05-15 19:46 - 2018-05-15 19:46 - 007271632 _____ (Malwarebytes) C:\Users\Jo\Downloads\AdwCleaner.exe
2018-05-15 19:45 - 2018-05-15 19:45 - 000003964 _____ C:\Users\Jo\Desktop\Log Malwarebytes.CLP
2018-05-15 19:43 - 2018-05-15 19:43 - 000046344 _____ C:\Users\Jo\Downloads\Clipboard-Viewer.zip
2018-05-14 22:35 - 2018-05-20 14:07 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-14 22:35 - 2018-05-20 14:07 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-14 22:35 - 2018-05-20 14:07 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-14 22:35 - 2018-05-20 14:07 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-14 22:35 - 2018-05-14 22:35 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-14 22:35 - 2018-05-14 22:35 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-14 22:35 - 2018-05-14 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-14 22:34 - 2018-05-14 22:34 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-14 22:34 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-14 22:33 - 2018-05-14 22:33 - 074288784 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-1878.1878-3.5.1.2522(1).exe
2018-05-14 22:22 - 2018-05-14 22:23 - 074288784 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2018-05-14 15:31 - 2018-05-14 15:32 - 000000000 ____D C:\Users\Jo\AppData\Local\{7EDCF4EC-AF27-44F5-8903-126A897C7CA3}
2018-05-12 23:47 - 2018-05-12 23:47 - 000000000 ____D C:\Users\Jo\AppData\Local\{F347EE64-CE2D-456E-83F2-E5E33F7A52A0}
2018-05-12 11:08 - 2018-05-12 11:08 - 000000000 ____D C:\Users\Jo\Desktop\Oude Firefox-gegevens
2018-05-12 10:57 - 2018-05-12 10:57 - 036734360 _____ (Mozilla) C:\Users\Jo\Downloads\Firefox Setup 60.0.exe
2018-05-12 10:53 - 2018-05-18 12:31 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-12 10:53 - 2018-05-12 11:03 - 000001218 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-05-12 10:47 - 2018-05-12 10:47 - 000313624 _____ (Mozilla) C:\Users\Jo\Downloads\Firefox Installer.exe
2018-05-12 10:40 - 2018-05-12 10:40 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks opzij.html
2018-05-12 10:40 - 2018-05-12 10:40 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks extra.html
2018-05-12 10:39 - 2018-05-12 10:39 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks boven.html
2018-05-12 01:09 - 2018-05-20 13:55 - 000000000 ____D C:\Program Files\Common Files\AV
2018-05-12 01:05 - 2018-05-12 01:05 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-05-12 01:04 - 2018-05-12 01:04 - 002415288 _____ (Kaspersky Lab) C:\Users\Jo\Downloads\kfa18.0.0.405abnl_fr_13320(1).exe
2018-05-12 00:57 - 2018-05-12 00:57 - 000000000 ____D C:\Users\Jo\AppData\Roaming\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000001124 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\Users\Jo\AppData\Local\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\ProgramData\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\Program Files\VS Revo Group
2018-05-11 23:56 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2018-05-11 23:53 - 2018-05-11 23:54 - 012229768 _____ (VS Revo Group ) C:\Users\Jo\Downloads\RevoUninProSetup.exe
2018-05-11 23:15 - 2018-05-11 23:15 - 000221662 _____ C:\Users\Jo\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab
2018-05-11 21:24 - 2018-05-11 21:24 - 002415288 _____ (Kaspersky Lab) C:\Users\Jo\Downloads\kfa18.0.0.405abnl_fr_13320.exe
2018-05-10 19:18 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-10 19:18 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-10 12:25 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-10 12:25 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-10 12:25 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-10 12:25 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-10 12:25 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-10 12:25 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-10 12:25 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-10 12:25 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-10 12:25 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-10 12:25 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-10 12:25 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-10 12:25 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-10 12:25 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-10 12:25 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-10 12:25 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-10 12:25 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-10 12:25 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-10 12:25 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-10 12:25 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-10 12:25 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-10 12:25 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-10 12:25 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-10 12:25 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-10 12:25 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-10 12:25 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-10 12:25 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-10 12:25 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-10 12:25 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-10 12:25 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-10 12:25 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-10 12:25 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-10 12:25 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-10 12:25 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-10 12:25 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-10 12:25 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-10 12:25 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-10 12:25 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-10 12:25 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-10 12:25 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-10 12:25 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-10 12:25 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-10 12:25 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-10 12:25 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-10 12:25 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-10 12:24 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-10 12:24 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-10 12:24 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-10 12:24 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-10 12:24 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-10 12:24 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-10 12:24 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-10 12:24 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-10 12:24 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-10 12:24 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-10 12:24 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-10 12:24 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-10 12:24 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-10 12:24 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-10 12:24 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-10 12:24 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-10 12:24 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-10 12:24 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-10 12:24 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-10 12:24 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-10 12:24 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-10 12:24 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-10 12:24 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-10 12:24 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-10 12:24 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-10 12:24 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-10 12:24 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-10 12:24 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-10 12:24 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-10 12:24 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-10 12:24 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-10 12:24 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-10 12:24 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-10 12:24 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-10 12:24 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-10 12:24 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-10 12:24 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-10 12:24 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-10 12:24 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-10 12:24 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-10 12:24 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-10 12:24 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-10 12:24 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-10 12:24 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-10 12:24 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-10 12:24 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-10 12:24 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-10 12:24 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-10 12:24 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-10 12:24 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-10 12:24 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-10 12:24 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-10 12:24 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-10 12:24 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-10 12:24 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-10 12:24 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-10 12:24 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-10 12:24 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-10 12:24 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-10 12:24 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-10 12:24 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-10 12:24 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-10 12:24 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-10 12:24 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-10 12:24 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-10 12:24 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-10 12:24 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-10 12:24 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-10 12:24 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-10 12:24 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-10 12:24 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-10 12:24 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-10 12:23 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-10 12:23 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-10 12:23 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-10 12:23 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-10 12:23 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-10 12:23 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-10 12:23 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-10 12:23 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-10 12:23 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-10 12:23 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-10 12:23 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-10 12:23 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-10 12:23 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-10 12:23 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-10 12:23 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-10 12:23 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-10 12:23 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-10 12:23 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-10 12:23 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-10 12:23 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-10 12:23 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-10 12:23 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-10 12:23 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-10 12:23 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-10 12:23 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-10 12:23 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-10 12:23 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-10 12:23 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-10 12:23 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-10 12:23 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-10 12:23 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-10 12:23 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-10 12:23 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-10 12:23 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-10 12:23 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-10 12:23 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-10 12:23 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-10 12:23 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-10 12:23 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-10 12:23 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-10 12:23 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-10 12:23 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-10 12:23 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-10 12:23 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-10 12:23 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-10 12:23 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-10 12:23 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-10 12:23 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-10 12:23 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-10 12:23 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-10 12:23 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-10 12:23 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-10 12:23 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-10 12:23 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-10 12:23 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-10 12:23 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-10 12:23 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-10 12:23 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-10 12:23 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-10 12:23 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-10 12:23 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-10 12:23 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-10 12:23 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-10 12:23 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-10 12:23 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-10 12:23 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-10 12:23 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-10 12:23 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-10 12:23 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-10 12:23 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-10 12:22 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-10 12:22 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-10 12:22 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-10 12:22 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-10 12:22 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-10 12:22 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-10 12:22 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-10 12:22 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-10 12:22 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-10 12:22 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-10 12:22 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-10 12:22 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-10 12:22 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-10 12:22 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-10 12:22 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-10 12:22 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-10 12:22 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-10 12:22 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-10 12:22 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-10 12:22 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-10 12:22 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-10 12:22 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-10 12:22 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-10 12:22 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-10 12:22 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-10 12:22 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-10 12:22 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-10 12:22 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-10 12:22 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-10 12:22 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-10 12:22 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-10 12:22 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-10 12:22 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-07 20:48 - 2018-05-07 20:48 - 073524488 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.5006.exe
2018-05-07 16:43 - 2018-05-07 16:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-07 16:15 - 2018-05-07 16:15 - 000000000 ____D C:\Users\Jo\AppData\Local\{2DB6AB69-6642-491D-AF93-85367A6629D2}
2018-05-06 12:07 - 2018-05-06 12:08 - 000000000 ____D C:\Users\Jo\AppData\Local\{53A37AB9-3673-4C08-8547-06739890F837}
2018-05-06 00:07 - 2018-05-06 00:07 - 000000000 ____D C:\Users\Jo\AppData\Local\{80023CD4-C05C-4BCE-A193-E19D63106879}
2018-05-05 12:07 - 2018-05-05 12:07 - 000000000 ____D C:\Users\Jo\AppData\Local\{47EC2EAD-0D83-41B1-83E7-031A18E2B14C}
2018-05-04 07:44 - 2018-05-04 07:44 - 000000000 ____D C:\Users\Jo\AppData\Local\{FE691A53-C8DB-4DEC-AA2E-086E0E9CEE3C}
2018-05-03 11:16 - 2018-05-03 11:16 - 000000000 ____D C:\Users\Jo\AppData\Local\{4609EB91-8353-41A3-986D-A65B6EFA6E1F}
2018-05-02 13:35 - 2018-05-02 13:35 - 000000000 ____D C:\Users\Jo\AppData\Local\{F216096A-8CC7-476F-AF43-E2BAB27DB29C}
2018-05-01 12:24 - 2018-05-01 12:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{09CE5054-3321-4ED1-BFEF-36A1B2D6E255}
2018-05-01 00:24 - 2018-05-01 00:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{9880017D-E459-46C6-9158-AA9B96462623}
2018-04-30 12:24 - 2018-04-30 12:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{48FDEEB9-2540-4256-959D-30E4C1C228C2}
2018-04-29 12:14 - 2018-04-29 12:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{C897AE3C-8AC6-4ED6-9E8A-C97B2D095D3E}
2018-04-29 00:14 - 2018-04-29 00:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{1841F072-BDD7-4882-942A-AC65CE9C2411}
2018-04-28 12:13 - 2018-04-28 12:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{7A010D62-D7A2-46E3-9039-A4A38CFECCF3}
2018-04-27 12:52 - 2018-04-27 12:52 - 000000000 ____D C:\Users\Jo\AppData\Local\{70B59A5F-D846-4C78-B941-AE78B9086341}
2018-04-25 10:37 - 2018-04-26 19:01 - 000000000 ____D C:\Users\Jo\AppData\Local\{0F2F505E-4AA0-475B-AFC0-F8D1486DF97E}
2018-04-24 22:37 - 2018-04-24 22:37 - 000000000 ____D C:\Users\Jo\AppData\Local\{EA13E18D-2E70-470A-83FA-0018C5BC58DC}
2018-04-24 10:37 - 2018-04-24 10:37 - 000000000 ____D C:\Users\Jo\AppData\Local\{FBA02216-9606-4090-94AC-E8813BA383B0}
2018-04-23 18:38 - 2018-04-23 18:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{301E9A1E-9EFE-429C-9A87-937DA69520E9}
2018-04-23 06:38 - 2018-04-23 06:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{CBFFF121-8AE3-454D-85CB-C1985CAA9468}
2018-04-22 12:13 - 2018-04-22 12:13 - 000000000 ____D C:\Users\Jo\AppData\Local\{A8F1ADC8-E15A-40F0-95AE-828FCC9D7422}
2018-04-21 22:18 - 2018-04-21 22:18 - 000000000 ____D C:\Users\Jo\AppData\Local\{8A8BFB90-20F4-4F61-8D98-8163C32F2CC2}
2018-04-21 10:17 - 2018-04-21 10:17 - 000000000 ____D C:\Users\Jo\AppData\Local\{2AC3248B-FD72-4152-8C7D-A9EE814858AE}
2018-04-20 21:50 - 2018-04-20 21:50 - 000000000 ____D C:\Users\Jo\AppData\Local\{A57C5C45-D032-44EC-8BFF-929A1C2A7B56}
2018-04-20 09:50 - 2018-04-20 09:50 - 000000000 ____D C:\Users\Jo\AppData\Local\{6B93180C-2C54-442E-A562-B5B561A9881E}

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)

2018-05-20 15:17 - 2018-04-12 19:02 - 000000000 ____D C:\$WINDOWS.~BT
2018-05-20 15:16 - 2017-12-10 19:24 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-20 14:47 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-20 14:14 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-20 14:13 - 2017-12-11 23:09 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{561A3659-DFCB-40E9-81A4-5F062B058A7E}
2018-05-20 14:08 - 2016-11-20 13:35 - 000000000 ____D C:\Users\Jo\AppData\LocalLow\Mozilla
2018-05-20 14:06 - 2017-12-11 23:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-20 14:06 - 2017-10-05 12:12 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-20 14:06 - 2016-11-19 16:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-20 14:06 - 2012-05-04 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-20 14:06 - 2012-01-22 19:11 - 000000000 ____D C:\Program Files (x86)\Pando Networks
2018-05-20 14:05 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-05-20 14:02 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-20 13:58 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-05-20 13:54 - 2015-10-30 08:28 - 000000000 ____D C:\Users\Default.migrated
2018-05-20 13:40 - 2018-03-04 21:04 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-05-20 13:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-20 12:49 - 2017-12-11 22:32 - 000000000 ____D C:\Users\DefaultAppPool
2018-05-20 12:44 - 2017-12-11 22:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-20 12:34 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-19 23:51 - 2014-06-25 12:45 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-05-19 23:47 - 2015-01-14 14:45 - 000000000 ____D C:\Users\Jo\AppData\Local\Adobe
2018-05-19 23:24 - 2016-02-13 15:12 - 000000000 ____D C:\WINDOWS\ShellNew
2018-05-19 22:35 - 2012-11-04 15:02 - 000000000 ____D C:\Program Files (x86)\QuickTime
2018-05-19 22:35 - 2011-07-11 22:20 - 000000000 ____D C:\ProgramData\Apple Computer
2018-05-19 22:10 - 2011-03-28 23:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2018-05-19 22:03 - 2011-03-28 23:05 - 000000000 ____D C:\Program Files (x86)\Windows Live
2018-05-19 21:57 - 2011-03-28 23:05 - 000000000 ____D C:\Program Files\Windows Live
2018-05-19 21:24 - 2017-12-11 23:09 - 000002912 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-415329193-230498918-4009263626-1001
2018-05-19 21:07 - 2017-12-11 22:33 - 000000000 ____D C:\Users\Jo
2018-05-19 19:56 - 2011-12-28 19:51 - 000000000 ____D C:\Users\Jo\Desktop\EMILE
2018-05-19 19:53 - 2016-02-05 00:34 - 000000000 ____D C:\Program Files (x86)\uTorrent
2018-05-18 11:32 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-18 11:28 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-18 11:28 - 2014-05-15 00:18 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-05-18 11:25 - 2012-10-18 19:38 - 000000000 ____D C:\Program Files\Microsoft Office
2018-05-16 22:34 - 2015-10-29 11:51 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Getprivate VPN
2018-05-15 20:29 - 2013-01-18 20:54 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Notepad++
2018-05-15 20:27 - 2013-01-18 20:54 - 000000000 ____D C:\Program Files (x86)\Notepad++
2018-05-15 19:49 - 2015-01-15 22:38 - 000000000 ____D C:\AdwCleaner
2018-05-14 22:59 - 2013-12-26 22:46 - 000000000 ____D C:\VoidLauncher
2018-05-14 22:34 - 2011-06-07 21:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-14 17:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-14 14:40 - 2016-02-09 23:02 - 000000000 ____D C:\Users\Jo\Documents\Cubase Projects
2018-05-12 20:41 - 2012-02-29 16:24 - 000000000 ____D C:\Program Files (x86)\Your Product
2018-05-12 20:41 - 2010-10-10 14:51 - 000000000 ____D C:\Program Files (x86)\HP Games
2018-05-12 20:30 - 2012-06-10 14:20 - 000000000 ____D C:\Program Files (x86)\Cracked Steam
2018-05-12 20:14 - 2012-09-19 20:16 - 000000000 ____D C:\Games
2018-05-12 16:03 - 2017-03-19 15:26 - 000000000 ____D C:\Users\Jo\Desktop\ROTZAK
2018-05-12 16:03 - 2016-04-18 17:03 - 000000000 ____D C:\Users\Jo\Desktop\fiets
2018-05-12 00:55 - 2016-07-11 12:54 - 000000000 ____D C:\ProgramData\panda_url_filtering
2018-05-12 00:55 - 2014-07-05 16:36 - 000000000 ____D C:\Users\Jo\AppData\Local\Reflector
2018-05-12 00:55 - 2012-01-18 21:46 - 000000000 ____D C:\ProgramData\Skype
2018-05-12 00:31 - 2016-04-18 17:13 - 000000000 ___RD C:\Users\Jo\3D Objects
2018-05-12 00:30 - 2011-04-17 22:56 - 000000000 ___RD C:\Users\Jo\Desktop\JO
2018-05-12 00:13 - 2015-02-13 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-05-12 00:13 - 2013-02-08 18:12 - 000000000 ____D C:\Program Files (x86)\Image-Line
2018-05-12 00:11 - 2015-02-13 18:12 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2018-05-12 00:10 - 2010-10-10 14:45 - 000000000 ____D C:\ProgramData\Symantec
2018-05-12 00:08 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-11 23:50 - 2017-12-11 22:23 - 005102568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-11 23:17 - 2011-03-30 13:33 - 000000000 ____D C:\Users\Jo\AppData\Local\ElevatedDiagnostics
2018-05-11 23:03 - 2017-12-11 22:34 - 000000000 ____D C:\Users\Jo\AppData\Local\Packages
2018-05-11 22:46 - 2011-07-11 22:19 - 000000000 ____D C:\ProgramData\Apple
2018-05-11 22:30 - 2010-10-10 14:37 - 000000000 ____D C:\Program Files (x86)\CyberLink
2018-05-11 22:30 - 2010-10-10 14:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-11 22:30 - 2010-10-10 14:31 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-05-11 22:28 - 2011-03-28 22:59 - 000000000 ____D C:\Users\Jo\AppData\Local\Hewlett-Packard
2018-05-11 22:28 - 2010-10-10 14:35 - 000000000 ____D C:\ProgramData\Temp
2018-05-11 22:09 - 2016-07-11 12:52 - 000000000 ____D C:\ProgramData\Panda Security
2018-05-11 22:08 - 2014-06-26 12:54 - 000000223 _____ C:\Users\Jo\BullseyeCoverageError.txt
2018-05-11 22:08 - 2013-04-25 16:55 - 000000000 ____D C:\Users\Jo\AppData\Local\Unity
2018-05-11 22:05 - 2016-07-11 12:53 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Panda Security
2018-05-11 22:00 - 2011-11-25 13:57 - 000000000 ____D C:\Program Files (x86)\PokerStars.BE
2018-05-11 21:52 - 2011-11-25 13:57 - 000000000 ____D C:\Users\Jo\AppData\Local\PokerStars.BE
2018-05-11 21:47 - 2010-10-10 14:32 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2018-05-11 21:45 - 2011-05-01 18:48 - 000000000 ____D C:\Users\Jo\AppData\Roaming\hpqLog
2018-05-11 21:31 - 2012-02-03 21:15 - 000000000 ____D C:\Users\Jo\AppData\Local\MCEdit
2018-05-11 20:13 - 2015-03-23 22:23 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Spotify
2018-05-11 20:12 - 2017-07-28 20:19 - 000000000 ____D C:\Users\Jo\AppData\Local\Spotify
2018-05-10 21:10 - 2017-12-11 22:27 - 002525284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-10 21:10 - 2017-09-30 16:32 - 001125254 _____ C:\WINDOWS\system32\perfh013.dat
2018-05-10 21:10 - 2017-09-30 16:32 - 000264930 _____ C:\WINDOWS\system32\perfc013.dat
2018-05-10 21:09 - 2016-02-13 15:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-10 19:10 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-10 19:10 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-10 17:02 - 2013-08-15 23:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-10 16:52 - 2017-10-12 07:25 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-10 16:51 - 2011-05-12 19:23 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-10 12:35 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-10 12:34 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-10 12:34 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-10 12:34 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-10 12:33 - 2015-09-19 14:53 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Audacity
2018-05-09 12:04 - 2013-02-19 22:39 - 000000000 ____D C:\Users\Jo\AppData\Local\adawarebp
2018-05-07 22:00 - 2011-06-07 21:22 - 000000000 ____D C:\ProgramData\Lavasoft
2018-05-07 16:43 - 2017-09-29 15:46 - 000000000 ___RD C:\Program Files\Windows Defender
2018-05-07 16:24 - 2011-06-06 18:37 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-06 12:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-04-30 13:15 - 2017-03-14 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's

==================== Bestanden in de root van sommige mappen =======

2013-06-27 12:33 - 2014-06-22 22:33 - 000003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-11-09 20:25 - 2012-01-20 14:01 - 001355776 _____ (Microsoft Corporation) C:\Program Files (x86)\MSVBVM50.DLL
2012-04-02 11:18 - 2012-04-02 11:22 - 099402530 _____ () C:\Users\Jo\AppData\Roaming\.minecraft.rar
2011-07-10 12:53 - 2011-09-02 07:31 - 000001854 _____ () C:\Users\Jo\AppData\Roaming\GhostObjGAFix.xml
2012-05-17 18:03 - 2012-05-17 18:03 - 000059369 _____ () C:\Users\Jo\AppData\Roaming\Jo3SQLite3.dll
2005-04-08 04:16 - 2012-05-17 19:24 - 000008413 ____H () C:\Users\Jo\AppData\Roaming\Jolog.dat
2012-11-08 17:38 - 2013-02-17 14:35 - 000703117 _____ () C:\Users\Jo\AppData\Roaming\technic-launcher.jar
2012-11-08 17:38 - 2012-12-16 16:19 - 000581642 _____ () C:\Users\Jo\AppData\Roaming\technic-launcher.jar.bak
2014-03-19 21:24 - 2014-03-19 21:24 - 000000863 _____ () C:\Users\Jo\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2018-05-18 15:18

==================== Eind van FRST.txt ============================

 

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 16.05.2018 01
Gestart door Jo (20-05-2018 15:19:38)
Gestart vanaf C:\Users\Jo\Downloads
Windows 10 Home Versie 1709 16299.431 (X64) (2017-12-11 21:10:55)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-415329193-230498918-4009263626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-415329193-230498918-4009263626-503 - Limited - Disabled)
Gast (S-1-5-21-415329193-230498918-4009263626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-415329193-230498918-4009263626-1002 - Limited - Enabled)
Jo (S-1-5-21-415329193-230498918-4009263626-1001 - Administrator - Enabled) => C:\Users\Jo
WDAGUtilityAccount (S-1-5-21-415329193-230498918-4009263626-504 - Limited - Disabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AVG PC TuneUp 2014 (nl-NL) (HKLM-x32\...\{555E1FDF-9BF4-4943-BF75-C7DE98F7CF8A}) (Version: 14.0.1001.489 - AVG) Hidden
Belgium e-ID middleware 4.3.2 (build 3551) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73551}) (Version: 4.3.3551 - Belgian Government)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11069.2 - Cisco Consumer Products LLC)
Cubase 5 (HKLM\...\{51AC53CA-6D26-459A-9BDF-53BAEB3E11A3}) (Version: 5.1.2 - Steinberg)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
eID Web Browser Middleware (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\eID Web Browser Middleware) (Version: 1.1.9 - e-Contract.be BVBA)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.0 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
EZXVintage (HKLM-x32\...\{430399DC-98BC-4A7F-8F8E-77981CABAE05}) (Version: 1.0 - Toontrack)
Free WAV to MP3 Converter (HKLM-x32\...\Free WAV to MP3 Converter) (Version: 1.01 - Polaris-Software.com)
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Power Assistant (HKLM\...\{371FFC40-FA09-4E42-AFFD-62258C724BBF}) (Version: 1.1.1.5 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Share-to-Web (HKLM-x32\...\{748F4870-8350-11D3-B0BF-080009FB4A19}) (Version:  - )
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{F283E29B-0B9B-492B-A4BF-5585D996E5AF}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
H-Series_Multi_Track_ASIO64 (HKLM\...\{2071332E-57E9-44AC-AD43-E72B069CC576}) (Version: 1.0.0.14 - ZOOM)
iExplorer 3.6.3.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Juniper Networks Host Checker (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Neoteris_Host_Checker) (Version: 7.4.0.30731 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Juniper_Setup_Client) (Version: 7.4.10.45165 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
Malwarebytes versie 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Media converter (HKLM-x32\...\{729E66B3-1B80-4F3F-8D19-342A89631E1A}_is1) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Mozilla Firefox 60.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 60.0.1 (x86 nl)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA 3D Vision controllerstuurprogramma 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9793 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.3 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2926 - CyberLink Corp.) Hidden
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB)
Stuurprogrammapakket voor Windows - Fedict SmartCard  (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncroSoft Emu (Remove only) (HKLM-x32\...\SyncroSoft Emu) (Version:  - )
Syncrosoft's License Control (HKLM-x32\...\Syncrosoft's License Control) (Version:  - Syncrosoft Hard- Und Software GmbH)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
UE3Redist (HKLM-x32\...\{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games) Hidden
UE3Redist (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
Unibet Poker version 2.5.0 (HKLM-x32\...\{E0DBCF0E-0758-4EDD-A7F1-A7BCA19ED37D}_is1) (Version: 2.5.0 - Relax Gaming Ltd.)
USB PC Camera-168 (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1206.106 - Sonix)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Yamaha Steinberg USB Driver (HKLM\...\{BEA06A39-583D-486E-A3EB-2A434ED45940}) (Version: 1.9.10 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 1.9.10 - Yamaha Corporation)
YAMAHA THR Editor (HKLM-x32\...\{ECC6D4D5-EBD7-4117-BBA1-B76D93DD2A76}) (Version: 1.1.0 - Yamaha Corporation)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-415329193-230498918-4009263626-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-415329193-230498918-4009263626-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Geen bestand
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Geen bestand
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0393ED70-A426-4301-B038-0345D6C8D8B0} - System32\Tasks\{168B95EB-1DC4-41DC-9980-D3A267503636} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Desktop\Brick+Force+Hacks+Activator+and+Installer+Software.exe -d C:\Users\Jo\Desktop
Task: {05671178-FB8A-4071-B640-C46CE1BEF231} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A8BC0A8-C078-47A0-B38D-AD47957E4BA3} - System32\Tasks\{69331790-8071-415F-9FA6-AF9557439B29} => C:\Windows\system32\pcalua.exe -a "C:\Left 4 Dead 2\bin\addoninstaller.exe" -d "C:\Left 4 Dead 2\left4dead2\addons" -c C:\LEFT4D~1\LEFT4D~1\addons\DEATHC~1.VPK
Task: {0ADCFB6E-3ED0-4C5A-B255-B939742F3B33} - System32\Tasks\{324CC961-C442-4735-B676-CB34E4CCD362} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\NCH Software\Switch\uninst.exe"
Task: {0AF32BE6-EA22-4EE2-820F-3EC69F6FC2AF} - System32\Tasks\{9BE8D3A6-CCBC-405D-B9AF-0AF8C60804C3} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Addon Pack Installer.exe" -d C:\Users\Jo\Desktop
Task: {0BFFDDB0-947C-4484-AB93-640A12E163F1} - System32\Tasks\HPCeeScheduleForJO-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {0D68D6F3-74CA-43E1-877D-963172EB346D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-18] (Microsoft Corporation)
Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F0EC3DD-EB84-41D2-B80A-6E04A3117F6C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-18] (Microsoft Corporation)
Task: {10E3FE64-ACA7-4E2B-A025-FE874BEF7E25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-13] (Adobe Systems Incorporated)
Task: {128E6F21-D0BA-4F7C-923A-EE975A24DAD8} - System32\Tasks\{07915808-E4BE-41D3-AF52-91AF40798708} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Desktop\gmod_9_0_4(1).exe -d C:\Users\Jo\Desktop
Task: {1427E3FA-0F5B-42CC-93AB-49C9A12B0BEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-05-18] (Microsoft Corporation)
Task: {16CCD989-A5D1-4A57-928D-CF1DE30B968B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1ED82B30-795E-4DDE-9F77-F5F143CF27B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {2514872B-7536-41F2-B4D5-56B72C719C4D} - System32\Tasks\{CC6E0155-0096-4A12-A37F-1A39F748DD9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Too Many Items Mod Installer.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2A00AC8A-C923-470D-8C0F-E845065CA4D2} - System32\Tasks\{55256250-BA29-476B-B1F5-162108FA7026} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.9.60.106/nl/abandoninstall?page=tsProgressBar
Task: {2AB820B2-886F-47CF-9490-A3AE93E045E1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT
Task: {2CB47397-48EA-4C9F-AA02-BA1F01B54AFF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {2D0AA399-A1DF-4382-B125-F4CC22866F63} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {2D9255BD-A97B-40E2-9F07-257EC49C45EE} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {2DD82799-BC45-4CDE-95AA-BC450BD65D88} - System32\Tasks\{7E72A818-4631-4C2C-9946-D2D45B3941C8} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.1.0.129.272/nl/abandoninstall?page=tsProgressBar
Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C2048-CFFD-4340-9B3E-961475E86A80} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {33C859EA-3619-4C04-A7AA-CD0E6E7FEFE8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {35B1E687-C0A1-4BC3-8A30-1A25EAD35DF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {35D8EEB5-F313-47BE-A98D-A74381982F7C} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3D17F9CE-39D7-4EA4-B2D4-8F63C66568E9} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT
Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {453A236A-56DC-4149-B60F-8FF4B3037144} - System32\Tasks\{474BD07B-4D43-4AB5-A4D0-2E163685F2AE} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Minions Mod Installer.exe" -d C:\Users\Jo\Desktop
Task: {45711822-BB72-44F5-B909-4F5179991EBB} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {45DB0286-1161-4192-B6F4-43BC81AD44C8} - System32\Tasks\{EE10459C-E07F-41E6-B580-0E985D27127D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Better Than Wolves Installer.exe" -d C:\Users\Jo\Desktop
Task: {4799EDF6-4F14-4451-8400-386936CE8DD5} - System32\Tasks\{933E2A31-8315-4940-BB65-4FC3072103F8} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Map and Texture Installer.exe" -d C:\Users\Jo\Desktop
Task: {4C6BB161-9CBB-42AA-A100-94DDC67A9057} - System32\Tasks\HP-Online updateprogramma => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08] (Hewlett-Packard)
Task: {4D6FDA01-991A-451A-BC12-DD82366CD07B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {5495A431-8285-4EF5-B706-7A5F59144B38} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-18] (Microsoft Corporation)
Task: {57329E8F-A9B9-401C-8945-FFE6CE971B76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {5C9165E6-586D-444A-BDF5-F96D8B7FE590} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT
Task: {63BE13FF-196D-466C-9A28-E78650018F2D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {66EF1EF2-191D-4A40-A9AE-34100098583B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {6765BC3F-EBE8-48D6-80AD-810D86E5DBB3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {6C08DD23-2AB3-46EF-A809-6B8A2FB48B67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {6DC4DF62-D8B2-48F6-B593-4AEC03D3D386} - System32\Tasks\{FB66AFFB-911B-48F8-B840-6D926575F36E} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\jxpiinstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {71DF1C5E-427E-4B8C-B6CD-1A07D4B9F64F} - System32\Tasks\{3C8D1373-5A59-447D-805D-B8DA898E02C9} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\AppData\Local\Roblox\Versions\version-9a11ba172314428c\RobloxPlayerLauncher.exe -c -uninstall
Task: {74813D0A-68A3-4779-A397-BADA3497659E} - System32\Tasks\{BC680E54-181B-4238-A4E1-1BE8E6C46EA4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Portal Gun Mod Installer 1.exe" -d C:\Users\Jo\Desktop
Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {765BFA3F-0E38-48A5-889C-4A698A061018} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-05-18] (Microsoft Corporation)
Task: {78B68D21-F8BD-4448-BA18-B3B7B8A0506D} - System32\Tasks\{E5005B0D-2030-480A-8EED-9B42E24D912A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\PowerCraft Mod Installer.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E68B1FA-FA0F-4C7E-A13B-85CA45EEEA6A} - System32\Tasks\{EB9F1255-F250-4D24-B7D5-AF6EECA43FEE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Maxthon\Bin\Mx3Uninstall.exe"
Task: {7F187C20-E39C-414D-A16E-9C86B73F2F5E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {80E52670-6BE3-454D-98E0-799863D9CA62} - System32\Tasks\{1614415E-B8BE-4A92-8231-AFBB3581B2D8} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.1.0.179.161/nl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86113B87-2729-42F0-A6D5-AF82AC5C0F3D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {88229494-16BA-4F33-968E-E7E87CF9F728} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001Core => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {88233ADA-67D9-4A14-8DA7-298B192384E4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {89DC2FCE-C191-40DA-87D1-21902D66C44F} - System32\Tasks\{780C857C-28B4-46E6-9574-E3F82DB789F0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {8A7485F7-E25F-4D61-868F-20158765B1AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {8B0FF95C-A33A-46A4-81FA-599586C09B80} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {8B7D2786-6E19-42E1-B9F2-406316F0CE5E} - System32\Tasks\{93CCD580-4F16-4DD9-9AD8-91CD19355452} => C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe
Task: {8D84C51B-5255-4F86-8D89-9FE706855BE8} - System32\Tasks\{263976D2-4629-4287-B052-F0744DAC410A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\CJB Mods Installer.exe" -d C:\Users\Jo\Desktop
Task: {8F440A31-A305-4740-9CB9-CF0E8DA20C24} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {92239D3E-AC1E-4282-A4B7-95922BD3F588} - System32\Tasks\{0F7F4510-1CA0-4941-B5DC-E2A0C546FA5F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/219640
Task: {9600597F-8675-4394-9999-18926D8D1191} - System32\Tasks\{1877E92C-D702-4807-9CB8-1F8A1AC6F7F2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Call of Duty 5 World at War v_1.7 full game -=AviaRa=-\Call of Duty 5 fulll game.part1.exe" -d "C:\Users\Jo\Downloads\Call of Duty 5 World at War v_1.7 full game -=AviaRa=-"
Task: {9B275FCF-1434-46BC-B015-57AAC19FAD32} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F823EDA-3AA3-4322-ACBD-C990D843FE13} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {9F96232A-BEE1-4C7F-AADA-A971D2DFAD26} - System32\Tasks\{F4334C95-6960-4C72-9700-4B862E1326CA} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\gmod_9_0_4.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A5C335E9-2370-4AFA-AF8B-CD4980BF013F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {A7AF03A7-016B-4953-B902-D045386393F5} - System32\Tasks\Google Update => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A8A293D3-0037-4662-918F-0070285CDB75} - System32\Tasks\HPCeeScheduleForJo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {A8E73696-1156-4E16-BD14-082B5D4B3AAB} - System32\Tasks\{144B934D-ECD6-4D31-BA15-3FEE6E781905} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.9.60.106/nl/abandoninstall?page=tsProgressBar
Task: {A97DFB7A-C994-435A-8320-F0092A0CC924} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {AC296AA1-4C21-4F51-B1F3-A459A0389207} - System32\Tasks\{943B7DB0-6871-454A-8927-49C1ACEA2311} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Firewatch\_CommonRedist\vcredist\2010\vcredist_x64.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Firewatch\_CommonRedist\vcredist\2010"
Task: {AC417BCC-0BE2-41A0-8D3C-03A685C93DFA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C26B651E-0339-4E1C-9709-4809577FE9A6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C64E2255-03C1-4A33-A8DC-15799ADDB745} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C87158CF-BEA6-4EC0-A460-C8982ABC1BC9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {C9870C46-1FB7-475D-B387-1C8F27161CE7} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {CB4D1143-D334-4174-96AB-408ECB5D69B0} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {CB58AF2E-98F0-4C3D-B5CE-6E6ABA0EC151} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT
Task: {DB63A411-0C37-45C8-A635-23A8F69BCD4C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {DDE1448C-2CD0-4A03-8F53-9FE129E75759} - System32\Tasks\{13881B29-719A-44F5-8C19-B20A3A3B8FCB} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Half-Life 2\Install.exe" -d "C:\Users\Jo\Downloads\Half-Life 2"
Task: {E323E965-2306-4FD9-B9B7-30A404832574} - System32\Tasks\{E8A386BE-6542-4293-A942-046978FBDD98} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Vogster Entertainment\CrimeCraft\uninstall.exe"
Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E9B8BD7F-970A-476B-9EEA-7E4DB46B21B6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {EA98EDDB-7192-455A-8948-79F59EB54407} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {EDF1DE0A-8BE5-4F77-9044-26813F93236B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001UA => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {F06045AF-4567-457A-B486-2541A158B0DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {F06A4D59-91DB-411E-8F6A-22BEF0C804B3} - System32\Tasks\{171E7D74-FEF9-450C-A73B-7F08CB7AB251} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\SKD Mods Installer.exe" -d C:\Users\Jo\Desktop
Task: {F364F3C9-B6B9-4FE8-957A-AA03CC4D951E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F4346E46-08D6-4264-BD6E-473029AF6245} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {F5209FEA-4367-45DD-B37D-6F0B3AC94D64} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F6E526E3-06F8-4A28-8A1C-22B60DD82908} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Geen bestand <==== AANDACHT
Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FA85FFA9-BA1F-4D55-AE01-AD0732CC5083} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {FB0A9A75-C505-4F9F-9A0D-62C9423B8FA0} - System32\Tasks\{86942974-2B18-417B-94F7-6475BEA648E1} => C:\Windows\system32\pcalua.exe -a G:\steambackup2.EXE -d G:\
Task: {FB435F40-2825-444B-9850-C88E79C1089A} - System32\Tasks\{2C364E6F-0E9C-4347-AB5A-16C02BDCAB91} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\Adaware_Installer.exe -d "C:\Program Files (x86)\Lavasoft\Ad-Aware"
Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001Core.job => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001UA.job => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJO-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)


==================== Geladen Modules (gefilterd) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-05 12:12 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-09 12:38 - 2012-09-18 16:27 - 000192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2017-10-05 12:12 - 2012-09-18 16:27 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2018-05-14 22:34 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-05-14 22:34 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-15 11:24 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-15 11:23 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-19 12:51 - 2018-05-19 13:01 - 000062464 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4 [130]
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 [133]
AlternateDataStreams: C:\ProgramData\Temp:EAD001CC [128]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)

IE trusted site: HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\line6.net -> line6.net
IE trusted site: HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\sharepoint.com -> hxxps://sintangela-files.sharepoint.com

==================== Hosts inhoud: ===============================

(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-415329193-230498918-4009263626-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Bureaubladachtergrond van Windows Live Photo Gallery.jpg
DNS Servers: 4.4.4.2 - 195.130.131.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

MSCONFIG\startupreg: H2O => C:\Program Files (x86)\SyncroSoft\Pos\H2O\cledx.exe
HKLM\...\StartupApproved\StartupFolder: => "Snapfish PictureMover.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "hpsysdrv"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Easybits Recovery"
HKLM\...\StartupApproved\Run32: => "Share-to-Web Namespace Daemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "PDF Complete"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "HPAdvisorDock"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [TCP Query User{E390F3BE-041C-4324-981E-2C54FE4F6297}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{AD6B6A1C-037A-4976-917D-28DAF3ABF668}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6A8FC79F-EB61-4517-9529-04CAF8CEDFA0}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E2B49390-F8EC-4F18-BFB1-7CD69E6C9C90}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{32E68893-4C0E-4668-893E-67B8BE959EB3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5C6AD616-DD80-4659-8371-34345F1DDF5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{032AB17A-DD28-4C9B-BC8D-3CC29526F668}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{4EF06EC7-F581-4B4B-89F3-7FA28064C70D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{2B7D790B-E717-4182-A54F-69A875A80B42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6AFDEFE0-B407-4F90-9D98-E1C981FC11DF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FB04FCCB-9612-4BA6-8DC5-8517E97E2CE3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C07D1AF1-9C4C-49DD-A737-5B65DC59801C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2FC5E049-4EF9-48E7-8170-7E4DD7FCA40F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DBEFA7CF-C4B1-4CB3-A3A6-5BBB75CBDCE9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8A5876EE-3551-4321-AA4E-38D6660C9818}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{426A08CB-C810-4F07-B385-6FE795114B31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FBD50D13-EF39-4664-B735-51E9875B1748}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3034DEB-4364-4AB3-9632-EAE09DA9EF5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7324EDF4-3670-4EB0-A700-04A91A5BA4FE}C:\users\jo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8EFD77DB-A482-4878-BE1F-841D2626DF02}C:\users\jo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{849E02E7-73B9-487E-8ADA-3DD69425BC39}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EF6587A3-6C84-4E58-BBB6-9956500CE34D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DA98BA07-6B29-4CF9-9A33-544BAB6B8B57}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6162A4D5-32EB-4371-BDCB-A0F3E984AD27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9ADFFA9F-D32C-4E54-8080-22208C01EC99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{08F9ED33-0A5F-4E6A-88E8-D6A7B3D9F840}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39C81CD5-D9EF-4500-B327-384D6BC45081}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Herstelpunten =========================

14-05-2018 18:23:13 Gepland controlepunt
19-05-2018 20:48:05 Removed ESET Security
19-05-2018 21:27:20 Removed Windows Media Player Firefox Plugin
19-05-2018 21:42:43 Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen is verwijderd
19-05-2018 21:52:55 WLSetup
19-05-2018 22:04:50 WLSetup
19-05-2018 22:11:13 Removed QuickTime 7
19-05-2018 23:14:50 Removed LibreOffice 3.6
19-05-2018 23:33:19 Removed Java SE Development Kit 7 Update 11
19-05-2018 23:40:15 Removed Java 8 Update 111

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (05/20/2018 02:36:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x2490
Starttijd van toepassing met fout: 0x01d3f037336a6530
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 7bf713bc-0bbd-40f2-801a-722998dea669
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:36:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x11ec
Starttijd van toepassing met fout: 0x01d3f0372b3b0812
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 08b8fb98-48b1-4f14-aa6b-eef53668d407
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:36:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x22e0
Starttijd van toepassing met fout: 0x01d3f0372153d91f
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: b1449e2c-e4ea-4394-8d2d-f433bdfa7ea1
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:35:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1edc
Starttijd van toepassing met fout: 0x01d3f037169c1cea
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: be63be14-23e5-4f51-9023-262020b2314b
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:35:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1a88
Starttijd van toepassing met fout: 0x01d3f0370ebcb9c9
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 113a3c6d-9e0b-4689-9981-a53fc895ef2a
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x22cc
Starttijd van toepassing met fout: 0x01d3f03707c4f911
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: bcf82876-8e60-4c60-a129-b895da9cace6
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:34:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1f44
Starttijd van toepassing met fout: 0x01d3f036f51dcddb
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 3d62c89c-73a8-448a-bb4a-1c36a55781d1
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:34:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1d50
Starttijd van toepassing met fout: 0x01d3f036eca8f018
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: a0207ddc-c223-4372-97dd-4c80bcb46721
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:


Systeemfouten:
=============
Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 en APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 en APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 en APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 en APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.


CodeIntegrity:
===================================

Date: 2018-05-18 15:44:20.640
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:20.385
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:19.408
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:19.020
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:18.750
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:18.357
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:43:53.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:43:42.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Geheugen info ===========================

Processor: Intel® Core™ i3 CPU 550 @ 3.20GHz
Percentage geheugen in gebruik: 80%
Totaal fysiek RAM-geheugen: 1975.11 MB
Beschikbaar fysiek RAM-geheugen: 391.2 MB
Totaal Virtueel geheugen: 5975.11 MB
Beschikbaar Virtueel geheugen: 3042.29 MB

==================== Schijven ================================

Drive c: (OS) (Fixed) (Total:915.94 GB) (Free:578.96 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.64 GB) (Free:1.79 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]

\\?\Volume{562966c3-59c8-11e0-8c2b-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{404d85cf-0000-0000-0000-8002e5000000}\ () (Fixed) (Total:0.83 GB) (Free:0.46 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 404D85CF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=915.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=854 MB) - (Type=27)
Partition 4: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)

==================== Eind van Addition.txt ============================

 

 

 



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:43 PM

Posted 20 May 2018 - 08:53 AM

Greetings zochar and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

I would like to get the FRST reports in English so that it is easier for me to review. Please right click on the FRST icon, select Rename, and rename it to FRSTenglish or FRST64english depending on which version you are using. Be sure to copy and paste both documents in your reply using multiple posts if necessary.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 zochar

zochar
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 20 May 2018 - 09:02 AM

Hello Gary,

 

Thanks for your fast reply. Here are the logs in english

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jo (administrator) on JO-HP (20-05-2018 15:57:40)
Running from C:\Users\Jo\Downloads
Loaded Profiles: Jo (Available Profiles: Jo & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\9eaee87abab23b313c5b7697b9a103ad\WindowsUpdateBox.exe
(Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Jo\Downloads\FRST64english.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-19] (ESET)
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2017-09-29] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-10-10] (EasyBits Software Corp.)
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 4.4.4.2 195.130.131.1 195.130.130.1
Tcpip\..\Interfaces\{6804d81e-2a68-46be-b33c-7cc5f393d16b}: [DhcpNameServer] 4.4.4.2 195.130.131.1 195.130.130.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
URLSearchHook: HKU\S-1-5-21-415329193-230498918-4009263626-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKLM -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-05-18] (Microsoft Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-22] (RealPlayer)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://login.concentra.be/dana-cached/sc/JuniperSetupClient.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
 


Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 16.05.2018 01
Gestart door Jo (20-05-2018 15:40:15)
Gestart vanaf C:\Users\Jo\Downloads
Windows 10 Home Versie 1709 16299.431 (X64) (2017-12-11 21:10:55)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-415329193-230498918-4009263626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-415329193-230498918-4009263626-503 - Limited - Disabled)
Gast (S-1-5-21-415329193-230498918-4009263626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-415329193-230498918-4009263626-1002 - Limited - Enabled)
Jo (S-1-5-21-415329193-230498918-4009263626-1001 - Administrator - Enabled) => C:\Users\Jo
WDAGUtilityAccount (S-1-5-21-415329193-230498918-4009263626-504 - Limited - Disabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AVG PC TuneUp 2014 (nl-NL) (HKLM-x32\...\{555E1FDF-9BF4-4943-BF75-C7DE98F7CF8A}) (Version: 14.0.1001.489 - AVG) Hidden
Belgium e-ID middleware 4.3.2 (build 3551) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73551}) (Version: 4.3.3551 - Belgian Government)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11069.2 - Cisco Consumer Products LLC)
Cubase 5 (HKLM\...\{51AC53CA-6D26-459A-9BDF-53BAEB3E11A3}) (Version: 5.1.2 - Steinberg)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
eID Web Browser Middleware (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\eID Web Browser Middleware) (Version: 1.1.9 - e-Contract.be BVBA)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.0 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
EZXVintage (HKLM-x32\...\{430399DC-98BC-4A7F-8F8E-77981CABAE05}) (Version: 1.0 - Toontrack)
Free WAV to MP3 Converter (HKLM-x32\...\Free WAV to MP3 Converter) (Version: 1.01 - Polaris-Software.com)
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Power Assistant (HKLM\...\{371FFC40-FA09-4E42-AFFD-62258C724BBF}) (Version: 1.1.1.5 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Share-to-Web (HKLM-x32\...\{748F4870-8350-11D3-B0BF-080009FB4A19}) (Version:  - )
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{F283E29B-0B9B-492B-A4BF-5585D996E5AF}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
H-Series_Multi_Track_ASIO64 (HKLM\...\{2071332E-57E9-44AC-AD43-E72B069CC576}) (Version: 1.0.0.14 - ZOOM)
iExplorer 3.6.3.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Juniper Networks Host Checker (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Neoteris_Host_Checker) (Version: 7.4.0.30731 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Juniper_Setup_Client) (Version: 7.4.10.45165 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
Malwarebytes versie 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Media converter (HKLM-x32\...\{729E66B3-1B80-4F3F-8D19-342A89631E1A}_is1) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Mozilla Firefox 60.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 60.0.1 (x86 nl)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA 3D Vision controllerstuurprogramma 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9793 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.3 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2926 - CyberLink Corp.) Hidden
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB)
Stuurprogrammapakket voor Windows - Fedict SmartCard  (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncroSoft Emu (Remove only) (HKLM-x32\...\SyncroSoft Emu) (Version:  - )
Syncrosoft's License Control (HKLM-x32\...\Syncrosoft's License Control) (Version:  - Syncrosoft Hard- Und Software GmbH)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
UE3Redist (HKLM-x32\...\{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games) Hidden
UE3Redist (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
Unibet Poker version 2.5.0 (HKLM-x32\...\{E0DBCF0E-0758-4EDD-A7F1-A7BCA19ED37D}_is1) (Version: 2.5.0 - Relax Gaming Ltd.)
USB PC Camera-168 (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1206.106 - Sonix)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Yamaha Steinberg USB Driver (HKLM\...\{BEA06A39-583D-486E-A3EB-2A434ED45940}) (Version: 1.9.10 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 1.9.10 - Yamaha Corporation)
YAMAHA THR Editor (HKLM-x32\...\{ECC6D4D5-EBD7-4117-BBA1-B76D93DD2A76}) (Version: 1.1.0 - Yamaha Corporation)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-415329193-230498918-4009263626-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-415329193-230498918-4009263626-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Geen bestand
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Geen bestand
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0393ED70-A426-4301-B038-0345D6C8D8B0} - System32\Tasks\{168B95EB-1DC4-41DC-9980-D3A267503636} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Desktop\Brick+Force+Hacks+Activator+and+Installer+Software.exe -d C:\Users\Jo\Desktop
Task: {05671178-FB8A-4071-B640-C46CE1BEF231} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A8BC0A8-C078-47A0-B38D-AD47957E4BA3} - System32\Tasks\{69331790-8071-415F-9FA6-AF9557439B29} => C:\Windows\system32\pcalua.exe -a "C:\Left 4 Dead 2\bin\addoninstaller.exe" -d "C:\Left 4 Dead 2\left4dead2\addons" -c C:\LEFT4D~1\LEFT4D~1\addons\DEATHC~1.VPK
Task: {0ADCFB6E-3ED0-4C5A-B255-B939742F3B33} - System32\Tasks\{324CC961-C442-4735-B676-CB34E4CCD362} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\NCH Software\Switch\uninst.exe"
Task: {0AF32BE6-EA22-4EE2-820F-3EC69F6FC2AF} - System32\Tasks\{9BE8D3A6-CCBC-405D-B9AF-0AF8C60804C3} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Addon Pack Installer.exe" -d C:\Users\Jo\Desktop
Task: {0BFFDDB0-947C-4484-AB93-640A12E163F1} - System32\Tasks\HPCeeScheduleForJO-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {0D68D6F3-74CA-43E1-877D-963172EB346D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-18] (Microsoft Corporation)
Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F0EC3DD-EB84-41D2-B80A-6E04A3117F6C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-18] (Microsoft Corporation)
Task: {10E3FE64-ACA7-4E2B-A025-FE874BEF7E25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-13] (Adobe Systems Incorporated)
Task: {128E6F21-D0BA-4F7C-923A-EE975A24DAD8} - System32\Tasks\{07915808-E4BE-41D3-AF52-91AF40798708} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Desktop\gmod_9_0_4(1).exe -d C:\Users\Jo\Desktop
Task: {1427E3FA-0F5B-42CC-93AB-49C9A12B0BEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-05-18] (Microsoft Corporation)
Task: {16CCD989-A5D1-4A57-928D-CF1DE30B968B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1ED82B30-795E-4DDE-9F77-F5F143CF27B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {2514872B-7536-41F2-B4D5-56B72C719C4D} - System32\Tasks\{CC6E0155-0096-4A12-A37F-1A39F748DD9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Too Many Items Mod Installer.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2A00AC8A-C923-470D-8C0F-E845065CA4D2} - System32\Tasks\{55256250-BA29-476B-B1F5-162108FA7026} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.9.60.106/nl/abandoninstall?page=tsProgressBar
Task: {2AB820B2-886F-47CF-9490-A3AE93E045E1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT
Task: {2CB47397-48EA-4C9F-AA02-BA1F01B54AFF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {2D0AA399-A1DF-4382-B125-F4CC22866F63} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {2D9255BD-A97B-40E2-9F07-257EC49C45EE} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {2DD82799-BC45-4CDE-95AA-BC450BD65D88} - System32\Tasks\{7E72A818-4631-4C2C-9946-D2D45B3941C8} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.1.0.129.272/nl/abandoninstall?page=tsProgressBar
Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C2048-CFFD-4340-9B3E-961475E86A80} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {33C859EA-3619-4C04-A7AA-CD0E6E7FEFE8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {35B1E687-C0A1-4BC3-8A30-1A25EAD35DF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {35D8EEB5-F313-47BE-A98D-A74381982F7C} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3D17F9CE-39D7-4EA4-B2D4-8F63C66568E9} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT
Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {453A236A-56DC-4149-B60F-8FF4B3037144} - System32\Tasks\{474BD07B-4D43-4AB5-A4D0-2E163685F2AE} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Minions Mod Installer.exe" -d C:\Users\Jo\Desktop
Task: {45711822-BB72-44F5-B909-4F5179991EBB} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {45DB0286-1161-4192-B6F4-43BC81AD44C8} - System32\Tasks\{EE10459C-E07F-41E6-B580-0E985D27127D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Better Than Wolves Installer.exe" -d C:\Users\Jo\Desktop
Task: {4799EDF6-4F14-4451-8400-386936CE8DD5} - System32\Tasks\{933E2A31-8315-4940-BB65-4FC3072103F8} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Map and Texture Installer.exe" -d C:\Users\Jo\Desktop
Task: {4C6BB161-9CBB-42AA-A100-94DDC67A9057} - System32\Tasks\HP-Online updateprogramma => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08] (Hewlett-Packard)
Task: {4D6FDA01-991A-451A-BC12-DD82366CD07B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {5495A431-8285-4EF5-B706-7A5F59144B38} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-18] (Microsoft Corporation)
Task: {57329E8F-A9B9-401C-8945-FFE6CE971B76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {5C9165E6-586D-444A-BDF5-F96D8B7FE590} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT
Task: {63BE13FF-196D-466C-9A28-E78650018F2D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {66EF1EF2-191D-4A40-A9AE-34100098583B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {6765BC3F-EBE8-48D6-80AD-810D86E5DBB3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {6C08DD23-2AB3-46EF-A809-6B8A2FB48B67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {6DC4DF62-D8B2-48F6-B593-4AEC03D3D386} - System32\Tasks\{FB66AFFB-911B-48F8-B840-6D926575F36E} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\jxpiinstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {71DF1C5E-427E-4B8C-B6CD-1A07D4B9F64F} - System32\Tasks\{3C8D1373-5A59-447D-805D-B8DA898E02C9} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\AppData\Local\Roblox\Versions\version-9a11ba172314428c\RobloxPlayerLauncher.exe -c -uninstall
Task: {74813D0A-68A3-4779-A397-BADA3497659E} - System32\Tasks\{BC680E54-181B-4238-A4E1-1BE8E6C46EA4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Portal Gun Mod Installer 1.exe" -d C:\Users\Jo\Desktop
Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {765BFA3F-0E38-48A5-889C-4A698A061018} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-05-18] (Microsoft Corporation)
Task: {78B68D21-F8BD-4448-BA18-B3B7B8A0506D} - System32\Tasks\{E5005B0D-2030-480A-8EED-9B42E24D912A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\PowerCraft Mod Installer.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E68B1FA-FA0F-4C7E-A13B-85CA45EEEA6A} - System32\Tasks\{EB9F1255-F250-4D24-B7D5-AF6EECA43FEE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Maxthon\Bin\Mx3Uninstall.exe"
Task: {7F187C20-E39C-414D-A16E-9C86B73F2F5E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {80E52670-6BE3-454D-98E0-799863D9CA62} - System32\Tasks\{1614415E-B8BE-4A92-8231-AFBB3581B2D8} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.1.0.179.161/nl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86113B87-2729-42F0-A6D5-AF82AC5C0F3D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {88229494-16BA-4F33-968E-E7E87CF9F728} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001Core => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {88233ADA-67D9-4A14-8DA7-298B192384E4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {89DC2FCE-C191-40DA-87D1-21902D66C44F} - System32\Tasks\{780C857C-28B4-46E6-9574-E3F82DB789F0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {8A7485F7-E25F-4D61-868F-20158765B1AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {8B0FF95C-A33A-46A4-81FA-599586C09B80} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {8B7D2786-6E19-42E1-B9F2-406316F0CE5E} - System32\Tasks\{93CCD580-4F16-4DD9-9AD8-91CD19355452} => C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe
Task: {8D84C51B-5255-4F86-8D89-9FE706855BE8} - System32\Tasks\{263976D2-4629-4287-B052-F0744DAC410A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\CJB Mods Installer.exe" -d C:\Users\Jo\Desktop
Task: {8F440A31-A305-4740-9CB9-CF0E8DA20C24} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {92239D3E-AC1E-4282-A4B7-95922BD3F588} - System32\Tasks\{0F7F4510-1CA0-4941-B5DC-E2A0C546FA5F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/219640
Task: {9600597F-8675-4394-9999-18926D8D1191} - System32\Tasks\{1877E92C-D702-4807-9CB8-1F8A1AC6F7F2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Call of Duty 5 World at War v_1.7 full game -=AviaRa=-\Call of Duty 5 fulll game.part1.exe" -d "C:\Users\Jo\Downloads\Call of Duty 5 World at War v_1.7 full game -=AviaRa=-"
Task: {9B275FCF-1434-46BC-B015-57AAC19FAD32} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F823EDA-3AA3-4322-ACBD-C990D843FE13} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {9F96232A-BEE1-4C7F-AADA-A971D2DFAD26} - System32\Tasks\{F4334C95-6960-4C72-9700-4B862E1326CA} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\gmod_9_0_4.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A5C335E9-2370-4AFA-AF8B-CD4980BF013F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {A7AF03A7-016B-4953-B902-D045386393F5} - System32\Tasks\Google Update => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A8A293D3-0037-4662-918F-0070285CDB75} - System32\Tasks\HPCeeScheduleForJo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {A8E73696-1156-4E16-BD14-082B5D4B3AAB} - System32\Tasks\{144B934D-ECD6-4D31-BA15-3FEE6E781905} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.9.60.106/nl/abandoninstall?page=tsProgressBar
Task: {A97DFB7A-C994-435A-8320-F0092A0CC924} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {AC296AA1-4C21-4F51-B1F3-A459A0389207} - System32\Tasks\{943B7DB0-6871-454A-8927-49C1ACEA2311} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Firewatch\_CommonRedist\vcredist\2010\vcredist_x64.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Firewatch\_CommonRedist\vcredist\2010"
Task: {AC417BCC-0BE2-41A0-8D3C-03A685C93DFA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C26B651E-0339-4E1C-9709-4809577FE9A6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C64E2255-03C1-4A33-A8DC-15799ADDB745} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C87158CF-BEA6-4EC0-A460-C8982ABC1BC9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {C9870C46-1FB7-475D-B387-1C8F27161CE7} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {CB4D1143-D334-4174-96AB-408ECB5D69B0} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {CB58AF2E-98F0-4C3D-B5CE-6E6ABA0EC151} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT
Task: {DB63A411-0C37-45C8-A635-23A8F69BCD4C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {DDE1448C-2CD0-4A03-8F53-9FE129E75759} - System32\Tasks\{13881B29-719A-44F5-8C19-B20A3A3B8FCB} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Half-Life 2\Install.exe" -d "C:\Users\Jo\Downloads\Half-Life 2"
Task: {E323E965-2306-4FD9-B9B7-30A404832574} - System32\Tasks\{E8A386BE-6542-4293-A942-046978FBDD98} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Vogster Entertainment\CrimeCraft\uninstall.exe"
Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E9B8BD7F-970A-476B-9EEA-7E4DB46B21B6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {EA98EDDB-7192-455A-8948-79F59EB54407} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {EDF1DE0A-8BE5-4F77-9044-26813F93236B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001UA => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {F06045AF-4567-457A-B486-2541A158B0DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {F06A4D59-91DB-411E-8F6A-22BEF0C804B3} - System32\Tasks\{171E7D74-FEF9-450C-A73B-7F08CB7AB251} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\SKD Mods Installer.exe" -d C:\Users\Jo\Desktop
Task: {F364F3C9-B6B9-4FE8-957A-AA03CC4D951E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F4346E46-08D6-4264-BD6E-473029AF6245} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {F5209FEA-4367-45DD-B37D-6F0B3AC94D64} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F6E526E3-06F8-4A28-8A1C-22B60DD82908} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Geen bestand <==== AANDACHT
Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FA85FFA9-BA1F-4D55-AE01-AD0732CC5083} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {FB0A9A75-C505-4F9F-9A0D-62C9423B8FA0} - System32\Tasks\{86942974-2B18-417B-94F7-6475BEA648E1} => C:\Windows\system32\pcalua.exe -a G:\steambackup2.EXE -d G:\
Task: {FB435F40-2825-444B-9850-C88E79C1089A} - System32\Tasks\{2C364E6F-0E9C-4347-AB5A-16C02BDCAB91} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\Adaware_Installer.exe -d "C:\Program Files (x86)\Lavasoft\Ad-Aware"
Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001Core.job => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001UA.job => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJO-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)


==================== Geladen Modules (gefilterd) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-05 12:12 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-09 12:38 - 2012-09-18 16:27 - 000192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2017-10-05 12:12 - 2012-09-18 16:27 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2018-05-14 22:34 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-05-14 22:34 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-15 11:24 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-15 11:23 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4 [130]
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 [133]
AlternateDataStreams: C:\ProgramData\Temp:EAD001CC [128]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)

IE trusted site: HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\line6.net -> line6.net
IE trusted site: HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\sharepoint.com -> hxxps://sintangela-files.sharepoint.com

==================== Hosts inhoud: ===============================

(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-415329193-230498918-4009263626-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Bureaubladachtergrond van Windows Live Photo Gallery.jpg
DNS Servers: 4.4.4.2 - 195.130.131.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

MSCONFIG\startupreg: H2O => C:\Program Files (x86)\SyncroSoft\Pos\H2O\cledx.exe
HKLM\...\StartupApproved\StartupFolder: => "Snapfish PictureMover.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "hpsysdrv"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Easybits Recovery"
HKLM\...\StartupApproved\Run32: => "Share-to-Web Namespace Daemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "PDF Complete"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "HPAdvisorDock"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [TCP Query User{E390F3BE-041C-4324-981E-2C54FE4F6297}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{AD6B6A1C-037A-4976-917D-28DAF3ABF668}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6A8FC79F-EB61-4517-9529-04CAF8CEDFA0}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E2B49390-F8EC-4F18-BFB1-7CD69E6C9C90}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{32E68893-4C0E-4668-893E-67B8BE959EB3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5C6AD616-DD80-4659-8371-34345F1DDF5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{032AB17A-DD28-4C9B-BC8D-3CC29526F668}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{4EF06EC7-F581-4B4B-89F3-7FA28064C70D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{2B7D790B-E717-4182-A54F-69A875A80B42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6AFDEFE0-B407-4F90-9D98-E1C981FC11DF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FB04FCCB-9612-4BA6-8DC5-8517E97E2CE3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C07D1AF1-9C4C-49DD-A737-5B65DC59801C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2FC5E049-4EF9-48E7-8170-7E4DD7FCA40F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DBEFA7CF-C4B1-4CB3-A3A6-5BBB75CBDCE9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8A5876EE-3551-4321-AA4E-38D6660C9818}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{426A08CB-C810-4F07-B385-6FE795114B31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FBD50D13-EF39-4664-B735-51E9875B1748}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3034DEB-4364-4AB3-9632-EAE09DA9EF5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7324EDF4-3670-4EB0-A700-04A91A5BA4FE}C:\users\jo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8EFD77DB-A482-4878-BE1F-841D2626DF02}C:\users\jo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{849E02E7-73B9-487E-8ADA-3DD69425BC39}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EF6587A3-6C84-4E58-BBB6-9956500CE34D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DA98BA07-6B29-4CF9-9A33-544BAB6B8B57}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6162A4D5-32EB-4371-BDCB-A0F3E984AD27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9ADFFA9F-D32C-4E54-8080-22208C01EC99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{08F9ED33-0A5F-4E6A-88E8-D6A7B3D9F840}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39C81CD5-D9EF-4500-B327-384D6BC45081}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Herstelpunten =========================

14-05-2018 18:23:13 Gepland controlepunt
19-05-2018 20:48:05 Removed ESET Security
19-05-2018 21:27:20 Removed Windows Media Player Firefox Plugin
19-05-2018 21:42:43 Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen is verwijderd
19-05-2018 21:52:55 WLSetup
19-05-2018 22:04:50 WLSetup
19-05-2018 22:11:13 Removed QuickTime 7
19-05-2018 23:14:50 Removed LibreOffice 3.6
19-05-2018 23:33:19 Removed Java SE Development Kit 7 Update 11
19-05-2018 23:40:15 Removed Java 8 Update 111

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (05/20/2018 02:36:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x2490
Starttijd van toepassing met fout: 0x01d3f037336a6530
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 7bf713bc-0bbd-40f2-801a-722998dea669
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:36:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x11ec
Starttijd van toepassing met fout: 0x01d3f0372b3b0812
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 08b8fb98-48b1-4f14-aa6b-eef53668d407
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:36:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x22e0
Starttijd van toepassing met fout: 0x01d3f0372153d91f
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: b1449e2c-e4ea-4394-8d2d-f433bdfa7ea1
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:35:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1edc
Starttijd van toepassing met fout: 0x01d3f037169c1cea
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: be63be14-23e5-4f51-9023-262020b2314b
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:35:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1a88
Starttijd van toepassing met fout: 0x01d3f0370ebcb9c9
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 113a3c6d-9e0b-4689-9981-a53fc895ef2a
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x22cc
Starttijd van toepassing met fout: 0x01d3f03707c4f911
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: bcf82876-8e60-4c60-a129-b895da9cace6
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:34:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1f44
Starttijd van toepassing met fout: 0x01d3f036f51dcddb
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 3d62c89c-73a8-448a-bb4a-1c36a55781d1
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/20/2018 02:34:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1d50
Starttijd van toepassing met fout: 0x01d3f036eca8f018
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: a0207ddc-c223-4372-97dd-4c80bcb46721
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:


Systeemfouten:
=============
Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 en APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 en APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 en APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 en APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/20/2018 02:08:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.


CodeIntegrity:
===================================

Date: 2018-05-18 15:44:20.640
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:20.385
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:19.408
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:19.020
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:18.750
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:44:18.357
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:43:53.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 15:43:42.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Geheugen info ===========================

Processor: Intel® Core™ i3 CPU 550 @ 3.20GHz
Percentage geheugen in gebruik: 78%
Totaal fysiek RAM-geheugen: 1975.11 MB
Beschikbaar fysiek RAM-geheugen: 415.87 MB
Totaal Virtueel geheugen: 5975.11 MB
Beschikbaar Virtueel geheugen: 2846.57 MB

==================== Schijven ================================

Drive c: (OS) (Fixed) (Total:915.94 GB) (Free:578.99 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.64 GB) (Free:1.79 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]

\\?\Volume{562966c3-59c8-11e0-8c2b-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{404d85cf-0000-0000-0000-8002e5000000}\ () (Fixed) (Total:0.83 GB) (Free:0.46 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 404D85CF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=915.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=854 MB) - (Type=27)
Partition 4: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)

==================== Eind van Addition.txt ============================



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:43 PM

Posted 20 May 2018 - 09:07 AM

Thank you for the new report.

Please allow me some time to review the information. It is possible another person will be assisting me so you may not get a reply before you retire for the evening. Thank you for your patience and understanding.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Slurppa

Slurppa

  • Malware Study Hall Senior
  • 627 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:43 AM

Posted 20 May 2018 - 11:24 AM

Hi zochar

I will be working with Gary to get your logs analyzed.
Please give me some time to look it over and I will get back to you as soon as possible.

Member of the Bleeping Computer A.I.I. early response team!


#6 Slurppa

Slurppa

  • Malware Study Hall Senior
  • 627 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:43 AM

Posted 20 May 2018 - 11:44 AM

Hi

Could you please repost the first log as it is cut off.
 


Member of the Bleeping Computer A.I.I. early response team!


#7 zochar

zochar
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 20 May 2018 - 01:05 PM

Hello, this one?

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jo (administrator) on JO-HP (20-05-2018 15:57:40)
Running from C:\Users\Jo\Downloads
Loaded Profiles: Jo (Available Profiles: Jo & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\9eaee87abab23b313c5b7697b9a103ad\WindowsUpdateBox.exe
(Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Jo\Downloads\FRST64english.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-19] (ESET)
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2017-09-29] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-10-10] (EasyBits Software Corp.)
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 4.4.4.2 195.130.131.1 195.130.130.1
Tcpip\..\Interfaces\{6804d81e-2a68-46be-b33c-7cc5f393d16b}: [DhcpNameServer] 4.4.4.2 195.130.131.1 195.130.130.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
URLSearchHook: HKU\S-1-5-21-415329193-230498918-4009263626-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKLM -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-05-18] (Microsoft Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-22] (RealPlayer)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://login.concentra.be/dana-cached/sc/JuniperSetupClient.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mbr9n78x.default-1456174220050-1526116072094
FF ProfilePath: C:\Users\Jo\AppData\Roaming\TomTom\HOME\Profiles\ppjyqv67.default [2011-07-10]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default [2018-05-19]
FF Extension: (DOM Inspector) - C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default\Extensions\inspector@mozilla.org [2014-12-18] [Legacy] [not signed]
FF Extension: (ChatZilla) - C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2014-12-16] [Legacy] [not signed]
FF ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\mbr9n78x.default-1456174220050-1526116072094 [2018-05-20]
FF Homepage: Mozilla\Firefox\Profiles\mbr9n78x.default-1456174220050-1526116072094 -> www.google.be
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-13] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.647 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-05-22] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.647 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-05-22] (RealNetworks, Inc.)
FF Plugin HKU\S-1-5-21-415329193-230498918-4009263626-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-415329193-230498918-4009263626-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-12] (Google Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-05-22]
CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [nkkjbngicajdaliiaidnjpafflglkjhb] - C:\ProgramData\Bcool\nkkjbngicajdaliiaidnjpafflglkjhb.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566448 2018-05-12] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
S4 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [107576 2010-03-11] ()
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-15] (PDF Complete Inc)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-15] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-05-07] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-05-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [110432 2018-04-12] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-04-12] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50136 2018-04-12] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82816 2018-04-12] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2013-02-19] (GFI Software)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-05-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-20] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-20] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-05-20] (Malwarebytes)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-05-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313888 2018-05-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-07] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-20 15:19 - 2018-05-20 15:42 - 000067940 _____ C:\Users\Jo\Downloads\Addition.txt
2018-05-20 15:09 - 2018-05-20 16:02 - 000019736 _____ C:\Users\Jo\Downloads\FRST.txt
2018-05-20 15:08 - 2018-05-20 15:57 - 000000000 ____D C:\FRST
2018-05-20 15:07 - 2018-05-20 15:07 - 002413056 _____ (Farbar) C:\Users\Jo\Downloads\FRST64english.exe
2018-05-20 14:46 - 2018-05-20 14:46 - 019709440 _____ (Luis Cobian, CobianSoft) C:\Users\Jo\Downloads\cbSetup.exe
2018-05-20 13:35 - 2018-05-20 13:35 - 000002018 _____ C:\Users\Public\Desktop\ESET Veilig internetbankieren.lnk
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\ProgramData\ESET
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\Program Files\ESET
2018-05-20 12:51 - 2018-05-20 13:00 - 004261120 _____ (ESET) C:\Users\Jo\Downloads\eset_smart_security_premium_live_installer(1).exe
2018-05-20 12:49 - 2018-05-20 12:49 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2018-05-20 10:38 - 2018-05-20 10:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{B4172FED-8007-4F75-BA0A-8019143FA9F6}
2018-05-19 20:39 - 2018-05-19 20:39 - 000021874 _____ C:\Users\Jo\Desktop\install.txt
2018-05-19 20:37 - 2018-05-19 20:37 - 000000990 _____ C:\Users\Jo\Desktop\startup.txt
2018-05-19 20:37 - 2018-05-19 20:37 - 000000524 _____ C:\Users\Jo\Desktop\startup2.txt
2018-05-19 20:26 - 2018-05-19 20:26 - 000002434 _____ C:\Users\Jo\Desktop\eset2.txt
2018-05-19 16:16 - 2018-05-19 16:28 - 1889579317 _____ C:\Users\Jo\Downloads\wetransfer-453dd0.zip
2018-05-19 12:26 - 2018-05-19 10:20 - 010394578 _____ C:\Users\Jo\Desktop\cafecafe_teaser_CL.mp4
2018-05-19 12:26 - 2018-05-19 10:20 - 010320477 _____ C:\Users\Jo\Desktop\cafecafe_teaser_ZW.mp4
2018-05-19 12:20 - 2018-05-19 12:21 - 020715382 _____ C:\Users\Jo\Downloads\wetransfer-daf9c7.zip
2018-05-19 10:43 - 2018-05-19 10:43 - 000000000 ____D C:\Users\Jo\AppData\Local\{18ABB502-982A-4642-AD41-9468B343014B}
2018-05-18 21:02 - 2018-05-18 21:02 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu(2).exe
2018-05-18 20:18 - 2018-05-18 20:18 - 000000000 ____D C:\Users\Jo\AppData\Local\{0FF1559B-C708-4C96-8B08-CBFEE2439D7B}
2018-05-18 15:44 - 2018-05-18 15:59 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu(1).exe
2018-05-18 15:12 - 2018-05-18 15:11 - 4266737520 _____ C:\Users\Jo\Desktop\gorporotzak.rar
2018-05-18 13:07 - 2018-05-18 15:11 - 4266737520 _____ C:\Users\Jo\Downloads\gorporotzak.rar
2018-05-18 12:06 - 2018-05-19 17:15 - 000000000 ____D C:\Users\Jo\Desktop\Nieuwe map
2018-05-16 22:10 - 2018-05-16 22:10 - 000000000 ____D C:\Users\Jo\AppData\Roaming\ESET
2018-05-16 11:31 - 2018-05-16 11:31 - 000000000 ____D C:\Users\Jo\AppData\Local\{81790DC4-9611-4210-AA94-EBD7876B0239}
2018-05-15 21:49 - 2018-05-15 21:49 - 000000000 ____D C:\Users\Jo\Desktop\BEKIJKEN
2018-05-15 20:40 - 2018-05-15 20:40 - 000000000 ____D C:\Users\Jo\AppData\Local\ESET
2018-05-15 20:36 - 2018-05-15 20:36 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu.exe
2018-05-15 20:31 - 2018-05-15 20:31 - 004261120 _____ (ESET) C:\Users\Jo\Downloads\eset_smart_security_premium_live_installer.exe
2018-05-15 20:28 - 2018-05-15 20:28 - 000000000 ____D C:\Users\Jo\AppData\Local\Notepad++
2018-05-15 20:27 - 2018-05-15 20:27 - 000001090 _____ C:\Users\Public\Desktop\Notepad++.lnk
2018-05-15 20:26 - 2018-05-15 20:26 - 004299968 _____ (Don HO don.h@free.fr) C:\Users\Jo\Downloads\npp.7.5.6.Installer.exe
2018-05-15 20:11 - 2018-05-15 20:11 - 000003601 _____ C:\Users\Jo\Desktop\AdwCleaner[C00].txt
2018-05-15 19:46 - 2018-05-15 19:46 - 007271632 _____ (Malwarebytes) C:\Users\Jo\Downloads\AdwCleaner.exe
2018-05-15 19:45 - 2018-05-15 19:45 - 000003964 _____ C:\Users\Jo\Desktop\Log Malwarebytes.CLP
2018-05-15 19:43 - 2018-05-15 19:43 - 000046344 _____ C:\Users\Jo\Downloads\Clipboard-Viewer.zip
2018-05-14 22:35 - 2018-05-20 14:07 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-14 22:35 - 2018-05-20 14:07 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-14 22:35 - 2018-05-20 14:07 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-14 22:35 - 2018-05-20 14:07 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-14 22:35 - 2018-05-14 22:35 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-14 22:35 - 2018-05-14 22:35 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-14 22:35 - 2018-05-14 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-14 22:34 - 2018-05-14 22:34 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-14 22:34 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-14 22:33 - 2018-05-14 22:33 - 074288784 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-1878.1878-3.5.1.2522(1).exe
2018-05-14 22:22 - 2018-05-14 22:23 - 074288784 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2018-05-14 15:31 - 2018-05-14 15:32 - 000000000 ____D C:\Users\Jo\AppData\Local\{7EDCF4EC-AF27-44F5-8903-126A897C7CA3}
2018-05-12 23:47 - 2018-05-12 23:47 - 000000000 ____D C:\Users\Jo\AppData\Local\{F347EE64-CE2D-456E-83F2-E5E33F7A52A0}
2018-05-12 11:08 - 2018-05-12 11:08 - 000000000 ____D C:\Users\Jo\Desktop\Oude Firefox-gegevens
2018-05-12 10:57 - 2018-05-12 10:57 - 036734360 _____ (Mozilla) C:\Users\Jo\Downloads\Firefox Setup 60.0.exe
2018-05-12 10:53 - 2018-05-18 12:31 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-12 10:53 - 2018-05-12 11:03 - 000001218 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-05-12 10:47 - 2018-05-12 10:47 - 000313624 _____ (Mozilla) C:\Users\Jo\Downloads\Firefox Installer.exe
2018-05-12 10:40 - 2018-05-12 10:40 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks opzij.html
2018-05-12 10:40 - 2018-05-12 10:40 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks extra.html
2018-05-12 10:39 - 2018-05-12 10:39 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks boven.html
2018-05-12 01:09 - 2018-05-20 13:55 - 000000000 ____D C:\Program Files\Common Files\AV
2018-05-12 01:05 - 2018-05-12 01:05 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-05-12 01:04 - 2018-05-12 01:04 - 002415288 _____ (Kaspersky Lab) C:\Users\Jo\Downloads\kfa18.0.0.405abnl_fr_13320(1).exe
2018-05-12 00:57 - 2018-05-12 00:57 - 000000000 ____D C:\Users\Jo\AppData\Roaming\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000001124 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\Users\Jo\AppData\Local\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\ProgramData\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\Program Files\VS Revo Group
2018-05-11 23:56 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2018-05-11 23:53 - 2018-05-11 23:54 - 012229768 _____ (VS Revo Group ) C:\Users\Jo\Downloads\RevoUninProSetup.exe
2018-05-11 23:15 - 2018-05-11 23:15 - 000221662 _____ C:\Users\Jo\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab
2018-05-11 21:24 - 2018-05-11 21:24 - 002415288 _____ (Kaspersky Lab) C:\Users\Jo\Downloads\kfa18.0.0.405abnl_fr_13320.exe
2018-05-10 19:18 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-10 19:18 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-10 12:25 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-10 12:25 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-10 12:25 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-10 12:25 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-10 12:25 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-10 12:25 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-10 12:25 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-10 12:25 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-10 12:25 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-10 12:25 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-10 12:25 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-10 12:25 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-10 12:25 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-10 12:25 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-10 12:25 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-10 12:25 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-10 12:25 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-10 12:25 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-10 12:25 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-10 12:25 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-10 12:25 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-10 12:25 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-10 12:25 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-10 12:25 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-10 12:25 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-10 12:25 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-10 12:25 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-10 12:25 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-10 12:25 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-10 12:25 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-10 12:25 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-10 12:25 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-10 12:25 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-10 12:25 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-10 12:25 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-10 12:25 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-10 12:25 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-10 12:25 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-10 12:25 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-10 12:25 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-10 12:25 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-10 12:25 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-10 12:25 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-10 12:25 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-10 12:24 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-10 12:24 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-10 12:24 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-10 12:24 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-10 12:24 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-10 12:24 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-10 12:24 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-10 12:24 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-10 12:24 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-10 12:24 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-10 12:24 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-10 12:24 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-10 12:24 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-10 12:24 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-10 12:24 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-10 12:24 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-10 12:24 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-10 12:24 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-10 12:24 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-10 12:24 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-10 12:24 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-10 12:24 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-10 12:24 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-10 12:24 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-10 12:24 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-10 12:24 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-10 12:24 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-10 12:24 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-10 12:24 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-10 12:24 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-10 12:24 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-10 12:24 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-10 12:24 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-10 12:24 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-10 12:24 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-10 12:24 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-10 12:24 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-10 12:24 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-10 12:24 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-10 12:24 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-10 12:24 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-10 12:24 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-10 12:24 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-10 12:24 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-10 12:24 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-10 12:24 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-10 12:24 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-10 12:24 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-10 12:24 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-10 12:24 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-10 12:24 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-10 12:24 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-10 12:24 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-10 12:24 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-10 12:24 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-10 12:24 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-10 12:24 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-10 12:24 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-10 12:24 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-10 12:24 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-10 12:24 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-10 12:24 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-10 12:24 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-10 12:24 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-10 12:24 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-10 12:24 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-10 12:24 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-10 12:24 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-10 12:24 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-10 12:24 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-10 12:24 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-10 12:24 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-10 12:23 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-10 12:23 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-10 12:23 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-10 12:23 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-10 12:23 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-10 12:23 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-10 12:23 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-10 12:23 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-10 12:23 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-10 12:23 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-10 12:23 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-10 12:23 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-10 12:23 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-10 12:23 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-10 12:23 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-10 12:23 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-10 12:23 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-10 12:23 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-10 12:23 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-10 12:23 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-10 12:23 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-10 12:23 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-10 12:23 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-10 12:23 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-10 12:23 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-10 12:23 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-10 12:23 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-10 12:23 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-10 12:23 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-10 12:23 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-10 12:23 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-10 12:23 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-10 12:23 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-10 12:23 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-10 12:23 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-10 12:23 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-10 12:23 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-10 12:23 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-10 12:23 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-10 12:23 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-10 12:23 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-10 12:23 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-10 12:23 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-10 12:23 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-10 12:23 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-10 12:23 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-10 12:23 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-10 12:23 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-10 12:23 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-10 12:23 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-10 12:23 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-10 12:23 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-10 12:23 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-10 12:23 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-10 12:23 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-10 12:23 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-10 12:23 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-10 12:23 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-10 12:23 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-10 12:23 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-10 12:23 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-10 12:23 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-10 12:23 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-10 12:23 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-10 12:23 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-10 12:23 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-10 12:23 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-10 12:23 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-10 12:23 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-10 12:23 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-10 12:22 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-10 12:22 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-10 12:22 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-10 12:22 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-10 12:22 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-10 12:22 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-10 12:22 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-10 12:22 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-10 12:22 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-10 12:22 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-10 12:22 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-10 12:22 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-10 12:22 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-10 12:22 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-10 12:22 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-10 12:22 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-10 12:22 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-10 12:22 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-10 12:22 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-10 12:22 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-10 12:22 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-10 12:22 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-10 12:22 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-10 12:22 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-10 12:22 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-10 12:22 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-10 12:22 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-10 12:22 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-10 12:22 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-10 12:22 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-10 12:22 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-10 12:22 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-10 12:22 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-07 20:48 - 2018-05-07 20:48 - 073524488 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.5006.exe
2018-05-07 16:43 - 2018-05-07 16:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-07 16:15 - 2018-05-07 16:15 - 000000000 ____D C:\Users\Jo\AppData\Local\{2DB6AB69-6642-491D-AF93-85367A6629D2}
2018-05-06 12:07 - 2018-05-06 12:08 - 000000000 ____D C:\Users\Jo\AppData\Local\{53A37AB9-3673-4C08-8547-06739890F837}
2018-05-06 00:07 - 2018-05-06 00:07 - 000000000 ____D C:\Users\Jo\AppData\Local\{80023CD4-C05C-4BCE-A193-E19D63106879}
2018-05-05 12:07 - 2018-05-05 12:07 - 000000000 ____D C:\Users\Jo\AppData\Local\{47EC2EAD-0D83-41B1-83E7-031A18E2B14C}
2018-05-04 07:44 - 2018-05-04 07:44 - 000000000 ____D C:\Users\Jo\AppData\Local\{FE691A53-C8DB-4DEC-AA2E-086E0E9CEE3C}
2018-05-03 11:16 - 2018-05-03 11:16 - 000000000 ____D C:\Users\Jo\AppData\Local\{4609EB91-8353-41A3-986D-A65B6EFA6E1F}
2018-05-02 13:35 - 2018-05-02 13:35 - 000000000 ____D C:\Users\Jo\AppData\Local\{F216096A-8CC7-476F-AF43-E2BAB27DB29C}
2018-05-01 12:24 - 2018-05-01 12:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{09CE5054-3321-4ED1-BFEF-36A1B2D6E255}
2018-05-01 00:24 - 2018-05-01 00:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{9880017D-E459-46C6-9158-AA9B96462623}
2018-04-30 12:24 - 2018-04-30 12:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{48FDEEB9-2540-4256-959D-30E4C1C228C2}
2018-04-29 12:14 - 2018-04-29 12:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{C897AE3C-8AC6-4ED6-9E8A-C97B2D095D3E}
2018-04-29 00:14 - 2018-04-29 00:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{1841F072-BDD7-4882-942A-AC65CE9C2411}
2018-04-28 12:13 - 2018-04-28 12:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{7A010D62-D7A2-46E3-9039-A4A38CFECCF3}
2018-04-27 12:52 - 2018-04-27 12:52 - 000000000 ____D C:\Users\Jo\AppData\Local\{70B59A5F-D846-4C78-B941-AE78B9086341}
2018-04-25 10:37 - 2018-04-26 19:01 - 000000000 ____D C:\Users\Jo\AppData\Local\{0F2F505E-4AA0-475B-AFC0-F8D1486DF97E}
2018-04-24 22:37 - 2018-04-24 22:37 - 000000000 ____D C:\Users\Jo\AppData\Local\{EA13E18D-2E70-470A-83FA-0018C5BC58DC}
2018-04-24 10:37 - 2018-04-24 10:37 - 000000000 ____D C:\Users\Jo\AppData\Local\{FBA02216-9606-4090-94AC-E8813BA383B0}
2018-04-23 18:38 - 2018-04-23 18:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{301E9A1E-9EFE-429C-9A87-937DA69520E9}
2018-04-23 06:38 - 2018-04-23 06:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{CBFFF121-8AE3-454D-85CB-C1985CAA9468}
2018-04-22 12:13 - 2018-04-22 12:13 - 000000000 ____D C:\Users\Jo\AppData\Local\{A8F1ADC8-E15A-40F0-95AE-828FCC9D7422}
2018-04-21 22:18 - 2018-04-21 22:18 - 000000000 ____D C:\Users\Jo\AppData\Local\{8A8BFB90-20F4-4F61-8D98-8163C32F2CC2}
2018-04-21 10:17 - 2018-04-21 10:17 - 000000000 ____D C:\Users\Jo\AppData\Local\{2AC3248B-FD72-4152-8C7D-A9EE814858AE}
2018-04-20 21:50 - 2018-04-20 21:50 - 000000000 ____D C:\Users\Jo\AppData\Local\{A57C5C45-D032-44EC-8BFF-929A1C2A7B56}
2018-04-20 09:50 - 2018-04-20 09:50 - 000000000 ____D C:\Users\Jo\AppData\Local\{6B93180C-2C54-442E-A562-B5B561A9881E}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-20 15:49 - 2018-04-12 19:02 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-20 15:22 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-20 15:16 - 2017-12-10 19:24 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-20 14:47 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-20 14:14 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-20 14:13 - 2017-12-11 23:09 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{561A3659-DFCB-40E9-81A4-5F062B058A7E}
2018-05-20 14:08 - 2016-11-20 13:35 - 000000000 ____D C:\Users\Jo\AppData\LocalLow\Mozilla
2018-05-20 14:06 - 2017-12-11 23:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-20 14:06 - 2017-10-05 12:12 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-20 14:06 - 2016-11-19 16:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-20 14:06 - 2012-05-04 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-20 14:06 - 2012-01-22 19:11 - 000000000 ____D C:\Program Files (x86)\Pando Networks
2018-05-20 14:05 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-05-20 13:58 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-05-20 13:54 - 2015-10-30 08:28 - 000000000 ____D C:\Users\Default.migrated
2018-05-20 13:40 - 2018-03-04 21:04 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-05-20 13:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-20 12:49 - 2017-12-11 22:32 - 000000000 ____D C:\Users\DefaultAppPool
2018-05-20 12:44 - 2017-12-11 22:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-20 12:34 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-19 23:51 - 2014-06-25 12:45 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-05-19 23:47 - 2015-01-14 14:45 - 000000000 ____D C:\Users\Jo\AppData\Local\Adobe
2018-05-19 23:24 - 2016-02-13 15:12 - 000000000 ____D C:\WINDOWS\ShellNew
2018-05-19 22:35 - 2012-11-04 15:02 - 000000000 ____D C:\Program Files (x86)\QuickTime
2018-05-19 22:35 - 2011-07-11 22:20 - 000000000 ____D C:\ProgramData\Apple Computer
2018-05-19 22:10 - 2011-03-28 23:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2018-05-19 22:03 - 2011-03-28 23:05 - 000000000 ____D C:\Program Files (x86)\Windows Live
2018-05-19 21:57 - 2011-03-28 23:05 - 000000000 ____D C:\Program Files\Windows Live
2018-05-19 21:24 - 2017-12-11 23:09 - 000002912 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-415329193-230498918-4009263626-1001
2018-05-19 21:07 - 2017-12-11 22:33 - 000000000 ____D C:\Users\Jo
2018-05-19 19:56 - 2011-12-28 19:51 - 000000000 ____D C:\Users\Jo\Desktop\EMILE
2018-05-19 19:53 - 2016-02-05 00:34 - 000000000 ____D C:\Program Files (x86)\uTorrent
2018-05-18 11:32 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-18 11:28 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-18 11:28 - 2014-05-15 00:18 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-05-18 11:25 - 2012-10-18 19:38 - 000000000 ____D C:\Program Files\Microsoft Office
2018-05-16 22:34 - 2015-10-29 11:51 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Getprivate VPN
2018-05-15 20:29 - 2013-01-18 20:54 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Notepad++
2018-05-15 20:27 - 2013-01-18 20:54 - 000000000 ____D C:\Program Files (x86)\Notepad++
2018-05-15 19:49 - 2015-01-15 22:38 - 000000000 ____D C:\AdwCleaner
2018-05-14 22:59 - 2013-12-26 22:46 - 000000000 ____D C:\VoidLauncher
2018-05-14 22:34 - 2011-06-07 21:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-14 17:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-14 14:40 - 2016-02-09 23:02 - 000000000 ____D C:\Users\Jo\Documents\Cubase Projects
2018-05-12 20:41 - 2012-02-29 16:24 - 000000000 ____D C:\Program Files (x86)\Your Product
2018-05-12 20:41 - 2010-10-10 14:51 - 000000000 ____D C:\Program Files (x86)\HP Games
2018-05-12 20:30 - 2012-06-10 14:20 - 000000000 ____D C:\Program Files (x86)\Cracked Steam
2018-05-12 20:14 - 2012-09-19 20:16 - 000000000 ____D C:\Games
2018-05-12 16:03 - 2017-03-19 15:26 - 000000000 ____D C:\Users\Jo\Desktop\ROTZAK
2018-05-12 16:03 - 2016-04-18 17:03 - 000000000 ____D C:\Users\Jo\Desktop\fiets
2018-05-12 00:55 - 2016-07-11 12:54 - 000000000 ____D C:\ProgramData\panda_url_filtering
2018-05-12 00:55 - 2014-07-05 16:36 - 000000000 ____D C:\Users\Jo\AppData\Local\Reflector
2018-05-12 00:55 - 2012-01-18 21:46 - 000000000 ____D C:\ProgramData\Skype
2018-05-12 00:31 - 2016-04-18 17:13 - 000000000 ___RD C:\Users\Jo\3D Objects
2018-05-12 00:30 - 2011-04-17 22:56 - 000000000 ___RD C:\Users\Jo\Desktop\JO
2018-05-12 00:13 - 2015-02-13 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-05-12 00:13 - 2013-02-08 18:12 - 000000000 ____D C:\Program Files (x86)\Image-Line
2018-05-12 00:11 - 2015-02-13 18:12 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2018-05-12 00:10 - 2010-10-10 14:45 - 000000000 ____D C:\ProgramData\Symantec
2018-05-12 00:08 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-11 23:50 - 2017-12-11 22:23 - 005102568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-11 23:17 - 2011-03-30 13:33 - 000000000 ____D C:\Users\Jo\AppData\Local\ElevatedDiagnostics
2018-05-11 23:03 - 2017-12-11 22:34 - 000000000 ____D C:\Users\Jo\AppData\Local\Packages
2018-05-11 22:46 - 2011-07-11 22:19 - 000000000 ____D C:\ProgramData\Apple
2018-05-11 22:30 - 2010-10-10 14:37 - 000000000 ____D C:\Program Files (x86)\CyberLink
2018-05-11 22:30 - 2010-10-10 14:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-11 22:30 - 2010-10-10 14:31 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-05-11 22:28 - 2011-03-28 22:59 - 000000000 ____D C:\Users\Jo\AppData\Local\Hewlett-Packard
2018-05-11 22:28 - 2010-10-10 14:35 - 000000000 ____D C:\ProgramData\Temp
2018-05-11 22:09 - 2016-07-11 12:52 - 000000000 ____D C:\ProgramData\Panda Security
2018-05-11 22:08 - 2014-06-26 12:54 - 000000223 _____ C:\Users\Jo\BullseyeCoverageError.txt
2018-05-11 22:08 - 2013-04-25 16:55 - 000000000 ____D C:\Users\Jo\AppData\Local\Unity
2018-05-11 22:05 - 2016-07-11 12:53 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Panda Security
2018-05-11 22:00 - 2011-11-25 13:57 - 000000000 ____D C:\Program Files (x86)\PokerStars.BE
2018-05-11 21:52 - 2011-11-25 13:57 - 000000000 ____D C:\Users\Jo\AppData\Local\PokerStars.BE
2018-05-11 21:47 - 2010-10-10 14:32 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2018-05-11 21:45 - 2011-05-01 18:48 - 000000000 ____D C:\Users\Jo\AppData\Roaming\hpqLog
2018-05-11 21:31 - 2012-02-03 21:15 - 000000000 ____D C:\Users\Jo\AppData\Local\MCEdit
2018-05-11 20:13 - 2015-03-23 22:23 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Spotify
2018-05-11 20:12 - 2017-07-28 20:19 - 000000000 ____D C:\Users\Jo\AppData\Local\Spotify
2018-05-10 21:10 - 2017-12-11 22:27 - 002525284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-10 21:10 - 2017-09-30 16:32 - 001125254 _____ C:\WINDOWS\system32\perfh013.dat
2018-05-10 21:10 - 2017-09-30 16:32 - 000264930 _____ C:\WINDOWS\system32\perfc013.dat
2018-05-10 21:09 - 2016-02-13 15:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-10 19:10 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-10 19:10 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-10 17:02 - 2013-08-15 23:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-10 16:52 - 2017-10-12 07:25 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-10 16:51 - 2011-05-12 19:23 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-10 12:35 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-10 12:34 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-10 12:34 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-10 12:34 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-10 12:33 - 2015-09-19 14:53 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Audacity
2018-05-09 12:04 - 2013-02-19 22:39 - 000000000 ____D C:\Users\Jo\AppData\Local\adawarebp
2018-05-07 22:00 - 2011-06-07 21:22 - 000000000 ____D C:\ProgramData\Lavasoft
2018-05-07 16:43 - 2017-09-29 15:46 - 000000000 ___RD C:\Program Files\Windows Defender
2018-05-07 16:24 - 2011-06-06 18:37 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-06 12:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-04-30 13:15 - 2017-03-14 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's

==================== Files in the root of some directories =======

2013-06-27 12:33 - 2014-06-22 22:33 - 000003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-11-09 20:25 - 2012-01-20 14:01 - 001355776 _____ (Microsoft Corporation) C:\Program Files (x86)\MSVBVM50.DLL
2012-04-02 11:18 - 2012-04-02 11:22 - 099402530 _____ () C:\Users\Jo\AppData\Roaming\.minecraft.rar
2011-07-10 12:53 - 2011-09-02 07:31 - 000001854 _____ () C:\Users\Jo\AppData\Roaming\GhostObjGAFix.xml
2012-05-17 18:03 - 2012-05-17 18:03 - 000059369 _____ () C:\Users\Jo\AppData\Roaming\Jo3SQLite3.dll
2005-04-08 04:16 - 2012-05-17 19:24 - 000008413 ____H () C:\Users\Jo\AppData\Roaming\Jolog.dat
2012-11-08 17:38 - 2013-02-17 14:35 - 000703117 _____ () C:\Users\Jo\AppData\Roaming\technic-launcher.jar
2012-11-08 17:38 - 2012-12-16 16:19 - 000581642 _____ () C:\Users\Jo\AppData\Roaming\technic-launcher.jar.bak
2014-03-19 21:24 - 2014-03-19 21:24 - 000000863 _____ () C:\Users\Jo\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-18 15:18

==================== End of FRST.txt ============================



#8 Slurppa

Slurppa

  • Malware Study Hall Senior
  • 627 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:43 AM

Posted 21 May 2018 - 03:06 PM

Hi zochar
 
Unfortunately there is evidence of illegal software on your computer. I am going to request you completely uninstall Brick Force Hacks Activator and Installer Software, Cracked Steam, Call of Duty 5 fulll game,Call of Duty 5 World at War & Half-Life 2 and any other products for which you do not have a valid Product Key, including all "cracked" software. If you are willing to do that please rerun a FRST scan after removal and copy/paste both reports in your reply. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

If you decide to remove the program(s) please run this after removal.

===================================================

CKScanner

--------------------

  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • A ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:

  • CKScanner report
  • FRST report
  • Addition report

Edited by Slurppa, 21 May 2018 - 03:15 PM.

Member of the Bleeping Computer A.I.I. early response team!


#9 zochar

zochar
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 22 May 2018 - 02:52 AM

Hi Slurppa,

 

I would like to uninstall those programs, but I can't seem to locate them on my PC.



#10 Slurppa

Slurppa

  • Malware Study Hall Senior
  • 627 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:43 AM

Posted 22 May 2018 - 12:29 PM

Hi

 

Good to know. I can help with that.

Please run CKScanner & FRST as I mentioned in my previous post.


Member of the Bleeping Computer A.I.I. early response team!


#11 zochar

zochar
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 22 May 2018 - 02:23 PM

Hi here arre the logs

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\common files\steinberg\soundframe\vst3 presets\steinberg media technologies\grungelizer\vinyl crackles.vstpreset
c:\program files (x86)\common files\steinberg\soundframe\vst3 presets\steinberg media technologies\studiochorus\chipmunks on crack.vstpreset
c:\program files (x86)\steinberg\cubase 5\track presets\audio\nutcracker synth brass.trackpreset
c:\program files (x86)\steinberg\cubase 5\vst3 presets\steinberg media technologies\grungelizer\vinyl crackles.vstpreset
c:\program files (x86)\steinberg\cubase 5\vst3 presets\steinberg media technologies\studiochorus\chipmunks on crack.vstpreset
c:\windows\softwaredistribution\download\9eaee87abab23b313c5b7697b9a103ad\amd64_openssh-client-package~~amd64~~10.0.17134.1\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.17134.1_none_a227092418e9be66\ssh-keygen.exe
scanner sequence 3.BD.11.JHNAPZ
 ----- EOF -----
 


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jo (administrator) on JO-HP (22-05-2018 20:56:32)
Running from C:\Users\Jo\Downloads
Loaded Profiles: Jo (Available Profiles: Jo & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Users\Jo\Downloads\CKScanner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Jo\Downloads\FRST64english.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-19] (ESET)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2017-09-29] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-10-10] (EasyBits Software Corp.)
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 4.4.4.2 195.130.131.1 195.130.130.1
Tcpip\..\Interfaces\{6804d81e-2a68-46be-b33c-7cc5f393d16b}: [DhcpNameServer] 4.4.4.2 195.130.131.1 195.130.130.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
URLSearchHook: HKU\S-1-5-21-415329193-230498918-4009263626-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKLM -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {5C5B96D1-7211-4CA0-8636-6D6F4929F74D} URL = hxxp://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {B90034E2-51C9-4EBF-B882-0A69F92CC946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-415329193-230498918-4009263626-1001 -> {EA920027-4491-4F2D-9B82-D503204115AC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-05-18] (Microsoft Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-22] (RealPlayer)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://login.concentra.be/dana-cached/sc/JuniperSetupClient.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mbr9n78x.default-1456174220050-1526116072094
FF ProfilePath: C:\Users\Jo\AppData\Roaming\TomTom\HOME\Profiles\ppjyqv67.default [2011-07-10]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default [2018-05-19]
FF Extension: (DOM Inspector) - C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default\Extensions\inspector@mozilla.org [2014-12-18] [Legacy] [not signed]
FF Extension: (ChatZilla) - C:\Users\Jo\AppData\Roaming\Mozilla\SeaMonkey\Profiles\swnyva8l.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2014-12-16] [Legacy] [not signed]
FF ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\mbr9n78x.default-1456174220050-1526116072094 [2018-05-22]
FF Homepage: Mozilla\Firefox\Profiles\mbr9n78x.default-1456174220050-1526116072094 -> www.google.be
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-13] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.647 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-05-22] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.647 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-05-22] (RealNetworks, Inc.)
FF Plugin HKU\S-1-5-21-415329193-230498918-4009263626-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-415329193-230498918-4009263626-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-12] (Google Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-05-22]
CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [nkkjbngicajdaliiaidnjpafflglkjhb] - C:\ProgramData\Bcool\nkkjbngicajdaliiaidnjpafflglkjhb.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566448 2018-05-12] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
S4 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [107576 2010-03-11] ()
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-15] (PDF Complete Inc)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-15] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-05-07] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-05-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [110432 2018-04-12] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-04-12] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50136 2018-04-12] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82816 2018-04-12] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET)
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2013-02-19] (GFI Software)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-20] (Malwarebytes)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-05-07] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-07] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-22 20:44 - 2018-05-22 20:53 - 000000985 _____ C:\Users\Jo\Desktop\ckfiles.txt
2018-05-22 20:01 - 2018-05-22 20:08 - 000468480 _____ () C:\Users\Jo\Downloads\CKScanner.exe
2018-05-22 09:24 - 2018-05-22 09:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{C47A3950-469D-4758-9AAB-29B018FD8642}
2018-05-21 12:35 - 2018-05-21 12:35 - 000000000 ____D C:\Users\Jo\AppData\Local\{A9E3D710-3816-46E1-A906-E350BA6A38D0}
2018-05-20 22:40 - 2018-05-20 22:40 - 000000000 ____D C:\Users\Jo\AppData\Local\{65E21363-6323-4293-BFDA-AFA52281A5D4}
2018-05-20 15:19 - 2018-05-20 16:07 - 000067789 _____ C:\Users\Jo\Downloads\Addition.txt
2018-05-20 15:09 - 2018-05-22 21:07 - 000019447 _____ C:\Users\Jo\Downloads\FRST.txt
2018-05-20 15:08 - 2018-05-22 20:56 - 000000000 ____D C:\FRST
2018-05-20 15:07 - 2018-05-20 15:07 - 002413056 _____ (Farbar) C:\Users\Jo\Downloads\FRST64english.exe
2018-05-20 14:46 - 2018-05-20 14:46 - 019709440 _____ (Luis Cobian, CobianSoft) C:\Users\Jo\Downloads\cbSetup.exe
2018-05-20 14:18 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-20 13:35 - 2018-05-20 13:35 - 000002018 _____ C:\Users\Public\Desktop\ESET Veilig internetbankieren.lnk
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\ProgramData\ESET
2018-05-20 13:31 - 2018-05-20 13:31 - 000000000 ____D C:\Program Files\ESET
2018-05-20 12:51 - 2018-05-20 13:00 - 004261120 _____ (ESET) C:\Users\Jo\Downloads\eset_smart_security_premium_live_installer(1).exe
2018-05-20 12:49 - 2018-05-20 12:49 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2018-05-20 10:38 - 2018-05-20 10:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{B4172FED-8007-4F75-BA0A-8019143FA9F6}
2018-05-19 20:39 - 2018-05-19 20:39 - 000021874 _____ C:\Users\Jo\Desktop\install.txt
2018-05-19 20:37 - 2018-05-19 20:37 - 000000990 _____ C:\Users\Jo\Desktop\startup.txt
2018-05-19 20:37 - 2018-05-19 20:37 - 000000524 _____ C:\Users\Jo\Desktop\startup2.txt
2018-05-19 20:26 - 2018-05-19 20:26 - 000002434 _____ C:\Users\Jo\Desktop\eset2.txt
2018-05-19 16:16 - 2018-05-19 16:28 - 1889579317 _____ C:\Users\Jo\Downloads\wetransfer-453dd0.zip
2018-05-19 12:26 - 2018-05-19 10:20 - 010394578 _____ C:\Users\Jo\Desktop\cafecafe_teaser_CL.mp4
2018-05-19 12:26 - 2018-05-19 10:20 - 010320477 _____ C:\Users\Jo\Desktop\cafecafe_teaser_ZW.mp4
2018-05-19 12:20 - 2018-05-19 12:21 - 020715382 _____ C:\Users\Jo\Downloads\wetransfer-daf9c7.zip
2018-05-19 10:43 - 2018-05-19 10:43 - 000000000 ____D C:\Users\Jo\AppData\Local\{18ABB502-982A-4642-AD41-9468B343014B}
2018-05-18 21:02 - 2018-05-18 21:02 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu(2).exe
2018-05-18 20:18 - 2018-05-18 20:18 - 000000000 ____D C:\Users\Jo\AppData\Local\{0FF1559B-C708-4C96-8B08-CBFEE2439D7B}
2018-05-18 15:44 - 2018-05-18 15:59 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu(1).exe
2018-05-18 15:12 - 2018-05-18 15:11 - 4266737520 _____ C:\Users\Jo\Desktop\gorporotzak.rar
2018-05-18 13:07 - 2018-05-18 15:11 - 4266737520 _____ C:\Users\Jo\Downloads\gorporotzak.rar
2018-05-18 12:06 - 2018-05-19 17:15 - 000000000 ____D C:\Users\Jo\Desktop\Cafe Cafe
2018-05-16 22:10 - 2018-05-16 22:10 - 000000000 ____D C:\Users\Jo\AppData\Roaming\ESET
2018-05-16 11:31 - 2018-05-16 11:31 - 000000000 ____D C:\Users\Jo\AppData\Local\{81790DC4-9611-4210-AA94-EBD7876B0239}
2018-05-15 21:49 - 2018-05-15 21:49 - 000000000 ____D C:\Users\Jo\Desktop\BEKIJKEN
2018-05-15 20:40 - 2018-05-15 20:40 - 000000000 ____D C:\Users\Jo\AppData\Local\ESET
2018-05-15 20:36 - 2018-05-15 20:36 - 002870984 _____ (ESET) C:\Users\Jo\Downloads\esetsmartinstaller_enu.exe
2018-05-15 20:31 - 2018-05-15 20:31 - 004261120 _____ (ESET) C:\Users\Jo\Downloads\eset_smart_security_premium_live_installer.exe
2018-05-15 20:28 - 2018-05-15 20:28 - 000000000 ____D C:\Users\Jo\AppData\Local\Notepad++
2018-05-15 20:27 - 2018-05-15 20:27 - 000001090 _____ C:\Users\Public\Desktop\Notepad++.lnk
2018-05-15 20:26 - 2018-05-15 20:26 - 004299968 _____ (Don HO don.h@free.fr) C:\Users\Jo\Downloads\npp.7.5.6.Installer.exe
2018-05-15 20:11 - 2018-05-15 20:11 - 000003601 _____ C:\Users\Jo\Desktop\AdwCleaner[C00].txt
2018-05-15 19:46 - 2018-05-15 19:46 - 007271632 _____ (Malwarebytes) C:\Users\Jo\Downloads\AdwCleaner.exe
2018-05-15 19:45 - 2018-05-15 19:45 - 000003964 _____ C:\Users\Jo\Desktop\Log Malwarebytes.CLP
2018-05-15 19:43 - 2018-05-15 19:43 - 000046344 _____ C:\Users\Jo\Downloads\Clipboard-Viewer.zip
2018-05-14 22:35 - 2018-05-20 14:07 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-14 22:35 - 2018-05-14 22:35 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-14 22:35 - 2018-05-14 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-14 22:34 - 2018-05-14 22:34 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-14 22:34 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-14 22:33 - 2018-05-14 22:33 - 074288784 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-1878.1878-3.5.1.2522(1).exe
2018-05-14 22:22 - 2018-05-14 22:23 - 074288784 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2018-05-14 15:31 - 2018-05-14 15:32 - 000000000 ____D C:\Users\Jo\AppData\Local\{7EDCF4EC-AF27-44F5-8903-126A897C7CA3}
2018-05-12 23:47 - 2018-05-12 23:47 - 000000000 ____D C:\Users\Jo\AppData\Local\{F347EE64-CE2D-456E-83F2-E5E33F7A52A0}
2018-05-12 11:08 - 2018-05-12 11:08 - 000000000 ____D C:\Users\Jo\Desktop\Oude Firefox-gegevens
2018-05-12 10:57 - 2018-05-12 10:57 - 036734360 _____ (Mozilla) C:\Users\Jo\Downloads\Firefox Setup 60.0.exe
2018-05-12 10:53 - 2018-05-18 12:31 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-12 10:53 - 2018-05-12 11:03 - 000001218 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-05-12 10:47 - 2018-05-12 10:47 - 000313624 _____ (Mozilla) C:\Users\Jo\Downloads\Firefox Installer.exe
2018-05-12 10:40 - 2018-05-12 10:40 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks opzij.html
2018-05-12 10:40 - 2018-05-12 10:40 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks extra.html
2018-05-12 10:39 - 2018-05-12 10:39 - 001764037 _____ C:\Users\Jo\Desktop\bookmarks boven.html
2018-05-12 01:09 - 2018-05-20 13:55 - 000000000 ____D C:\Program Files\Common Files\AV
2018-05-12 01:05 - 2018-05-12 01:05 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-05-12 01:04 - 2018-05-12 01:04 - 002415288 _____ (Kaspersky Lab) C:\Users\Jo\Downloads\kfa18.0.0.405abnl_fr_13320(1).exe
2018-05-12 00:57 - 2018-05-12 00:57 - 000000000 ____D C:\Users\Jo\AppData\Roaming\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000001124 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\Users\Jo\AppData\Local\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\ProgramData\VS Revo Group
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2018-05-11 23:56 - 2018-05-11 23:56 - 000000000 ____D C:\Program Files\VS Revo Group
2018-05-11 23:56 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2018-05-11 23:53 - 2018-05-11 23:54 - 012229768 _____ (VS Revo Group ) C:\Users\Jo\Downloads\RevoUninProSetup.exe
2018-05-11 23:15 - 2018-05-11 23:15 - 000221662 _____ C:\Users\Jo\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab
2018-05-11 21:24 - 2018-05-11 21:24 - 002415288 _____ (Kaspersky Lab) C:\Users\Jo\Downloads\kfa18.0.0.405abnl_fr_13320.exe
2018-05-10 19:18 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-10 19:18 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-10 12:25 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-10 12:25 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-10 12:25 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-10 12:25 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-10 12:25 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-10 12:25 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-10 12:25 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-10 12:25 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-10 12:25 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-10 12:25 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-10 12:25 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-10 12:25 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-10 12:25 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-10 12:25 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-10 12:25 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-10 12:25 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-10 12:25 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-10 12:25 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-10 12:25 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-10 12:25 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-10 12:25 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-10 12:25 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-10 12:25 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-10 12:25 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-10 12:25 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-10 12:25 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-10 12:25 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-10 12:25 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-10 12:25 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-10 12:25 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-10 12:25 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-10 12:25 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-10 12:25 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-10 12:25 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-10 12:25 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-10 12:25 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-10 12:25 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-10 12:25 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-10 12:25 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-10 12:25 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-10 12:25 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-10 12:25 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-10 12:25 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-10 12:25 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-10 12:25 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-10 12:25 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-10 12:25 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-10 12:25 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-10 12:25 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-10 12:25 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-10 12:24 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-10 12:24 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-10 12:24 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-10 12:24 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-10 12:24 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-10 12:24 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-10 12:24 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-10 12:24 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-10 12:24 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-10 12:24 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-10 12:24 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-10 12:24 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-10 12:24 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-10 12:24 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-10 12:24 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-10 12:24 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-10 12:24 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-10 12:24 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-10 12:24 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-10 12:24 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-10 12:24 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-10 12:24 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-10 12:24 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-10 12:24 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-10 12:24 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-10 12:24 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-10 12:24 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-10 12:24 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-10 12:24 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-10 12:24 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-10 12:24 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-10 12:24 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-10 12:24 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-10 12:24 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-10 12:24 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-10 12:24 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-10 12:24 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-10 12:24 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-10 12:24 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-10 12:24 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-10 12:24 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-10 12:24 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-10 12:24 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-10 12:24 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-10 12:24 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-10 12:24 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-10 12:24 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-10 12:24 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-10 12:24 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-10 12:24 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-10 12:24 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-10 12:24 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-10 12:24 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-10 12:24 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-10 12:24 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-10 12:24 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-10 12:24 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-10 12:24 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-10 12:24 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-10 12:24 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-10 12:24 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-10 12:24 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-10 12:24 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-10 12:24 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-10 12:24 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-10 12:24 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-10 12:24 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-10 12:24 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-10 12:24 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-10 12:24 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-10 12:24 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-10 12:24 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-10 12:24 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-10 12:24 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-10 12:24 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-10 12:24 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-10 12:24 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-10 12:24 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-10 12:23 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-10 12:23 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-10 12:23 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-10 12:23 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-10 12:23 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-10 12:23 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-10 12:23 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-10 12:23 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-10 12:23 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-10 12:23 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-10 12:23 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-10 12:23 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-10 12:23 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-10 12:23 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-10 12:23 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-10 12:23 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-10 12:23 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-10 12:23 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-10 12:23 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-10 12:23 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-10 12:23 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-10 12:23 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-10 12:23 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-10 12:23 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-10 12:23 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-10 12:23 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-10 12:23 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-10 12:23 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-10 12:23 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-10 12:23 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-10 12:23 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-10 12:23 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-10 12:23 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-10 12:23 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-10 12:23 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-10 12:23 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-10 12:23 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-10 12:23 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-10 12:23 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-10 12:23 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-10 12:23 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-10 12:23 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-10 12:23 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-10 12:23 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-10 12:23 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-10 12:23 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-10 12:23 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-10 12:23 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-10 12:23 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-10 12:23 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-10 12:23 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-10 12:23 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-10 12:23 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-10 12:23 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-10 12:23 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-10 12:23 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-10 12:23 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-10 12:23 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-10 12:23 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-10 12:23 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-10 12:23 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-10 12:23 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-10 12:23 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-10 12:23 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-10 12:23 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-10 12:23 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-10 12:23 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-10 12:23 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-10 12:23 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-10 12:23 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-10 12:23 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-10 12:23 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-10 12:23 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-10 12:23 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-10 12:23 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-10 12:23 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-10 12:23 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-10 12:23 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-10 12:23 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-10 12:23 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-10 12:22 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-10 12:22 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-10 12:22 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-10 12:22 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-10 12:22 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-10 12:22 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-10 12:22 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-10 12:22 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-10 12:22 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-10 12:22 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-10 12:22 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-10 12:22 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-10 12:22 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-10 12:22 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-10 12:22 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-10 12:22 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-10 12:22 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-10 12:22 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-10 12:22 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-10 12:22 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-10 12:22 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-10 12:22 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-10 12:22 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-10 12:22 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-10 12:22 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-10 12:22 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-10 12:22 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-10 12:22 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-10 12:22 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-10 12:22 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-10 12:22 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-10 12:22 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-10 12:22 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-10 12:22 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-10 12:22 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-10 12:22 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-10 12:22 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-10 12:22 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-10 12:22 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-10 12:22 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-10 12:22 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-10 12:22 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-10 12:22 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-07 20:48 - 2018-05-07 20:48 - 073524488 _____ (Malwarebytes ) C:\Users\Jo\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.5006.exe
2018-05-07 16:43 - 2018-05-07 16:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-07 16:15 - 2018-05-07 16:15 - 000000000 ____D C:\Users\Jo\AppData\Local\{2DB6AB69-6642-491D-AF93-85367A6629D2}
2018-05-06 12:07 - 2018-05-06 12:08 - 000000000 ____D C:\Users\Jo\AppData\Local\{53A37AB9-3673-4C08-8547-06739890F837}
2018-05-06 00:07 - 2018-05-06 00:07 - 000000000 ____D C:\Users\Jo\AppData\Local\{80023CD4-C05C-4BCE-A193-E19D63106879}
2018-05-05 12:07 - 2018-05-05 12:07 - 000000000 ____D C:\Users\Jo\AppData\Local\{47EC2EAD-0D83-41B1-83E7-031A18E2B14C}
2018-05-04 07:44 - 2018-05-04 07:44 - 000000000 ____D C:\Users\Jo\AppData\Local\{FE691A53-C8DB-4DEC-AA2E-086E0E9CEE3C}
2018-05-03 11:16 - 2018-05-03 11:16 - 000000000 ____D C:\Users\Jo\AppData\Local\{4609EB91-8353-41A3-986D-A65B6EFA6E1F}
2018-05-02 13:35 - 2018-05-02 13:35 - 000000000 ____D C:\Users\Jo\AppData\Local\{F216096A-8CC7-476F-AF43-E2BAB27DB29C}
2018-05-01 12:24 - 2018-05-01 12:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{09CE5054-3321-4ED1-BFEF-36A1B2D6E255}
2018-05-01 00:24 - 2018-05-01 00:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{9880017D-E459-46C6-9158-AA9B96462623}
2018-04-30 12:24 - 2018-04-30 12:24 - 000000000 ____D C:\Users\Jo\AppData\Local\{48FDEEB9-2540-4256-959D-30E4C1C228C2}
2018-04-29 12:14 - 2018-04-29 12:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{C897AE3C-8AC6-4ED6-9E8A-C97B2D095D3E}
2018-04-29 00:14 - 2018-04-29 00:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{1841F072-BDD7-4882-942A-AC65CE9C2411}
2018-04-28 12:13 - 2018-04-28 12:14 - 000000000 ____D C:\Users\Jo\AppData\Local\{7A010D62-D7A2-46E3-9039-A4A38CFECCF3}
2018-04-27 12:52 - 2018-04-27 12:52 - 000000000 ____D C:\Users\Jo\AppData\Local\{70B59A5F-D846-4C78-B941-AE78B9086341}
2018-04-25 10:37 - 2018-04-26 19:01 - 000000000 ____D C:\Users\Jo\AppData\Local\{0F2F505E-4AA0-475B-AFC0-F8D1486DF97E}
2018-04-24 22:37 - 2018-04-24 22:37 - 000000000 ____D C:\Users\Jo\AppData\Local\{EA13E18D-2E70-470A-83FA-0018C5BC58DC}
2018-04-24 10:37 - 2018-04-24 10:37 - 000000000 ____D C:\Users\Jo\AppData\Local\{FBA02216-9606-4090-94AC-E8813BA383B0}
2018-04-23 18:38 - 2018-04-23 18:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{301E9A1E-9EFE-429C-9A87-937DA69520E9}
2018-04-23 06:38 - 2018-04-23 06:38 - 000000000 ____D C:\Users\Jo\AppData\Local\{CBFFF121-8AE3-454D-85CB-C1985CAA9468}
2018-04-22 12:13 - 2018-04-22 12:13 - 000000000 ____D C:\Users\Jo\AppData\Local\{A8F1ADC8-E15A-40F0-95AE-828FCC9D7422}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-22 20:46 - 2016-11-20 13:35 - 000000000 ____D C:\Users\Jo\AppData\LocalLow\Mozilla
2018-05-22 19:30 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-22 19:30 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-22 19:29 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-22 19:19 - 2017-12-11 22:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-22 15:57 - 2017-12-11 23:09 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{561A3659-DFCB-40E9-81A4-5F062B058A7E}
2018-05-22 14:02 - 2011-04-24 11:20 - 000000000 ____D C:\Program Files (x86)\RapidShareManager
2018-05-21 14:18 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-20 20:51 - 2017-12-10 19:24 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-20 20:35 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-20 19:50 - 2017-12-11 23:07 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2018-05-20 19:50 - 2017-12-11 23:07 - 000028578 _____ C:\WINDOWS\diagerr.xml
2018-05-20 17:53 - 2018-04-12 19:02 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-20 17:53 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
2018-05-20 17:52 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-20 14:06 - 2017-12-11 23:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-20 14:06 - 2017-10-05 12:12 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-20 14:06 - 2016-11-19 16:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-20 14:06 - 2012-05-04 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-20 14:06 - 2012-01-22 19:11 - 000000000 ____D C:\Program Files (x86)\Pando Networks
2018-05-20 14:05 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-05-20 13:58 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-05-20 13:54 - 2015-10-30 08:28 - 000000000 ____D C:\Users\Default.migrated
2018-05-20 13:40 - 2018-03-04 21:04 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-05-20 12:49 - 2017-12-11 22:32 - 000000000 ____D C:\Users\DefaultAppPool
2018-05-19 23:51 - 2014-06-25 12:45 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-05-19 23:47 - 2015-01-14 14:45 - 000000000 ____D C:\Users\Jo\AppData\Local\Adobe
2018-05-19 23:24 - 2016-02-13 15:12 - 000000000 ____D C:\WINDOWS\ShellNew
2018-05-19 22:35 - 2011-07-11 22:20 - 000000000 ____D C:\ProgramData\Apple Computer
2018-05-19 22:10 - 2011-03-28 23:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2018-05-19 22:03 - 2011-03-28 23:05 - 000000000 ____D C:\Program Files (x86)\Windows Live
2018-05-19 21:57 - 2011-03-28 23:05 - 000000000 ____D C:\Program Files\Windows Live
2018-05-19 21:24 - 2017-12-11 23:09 - 000002912 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-415329193-230498918-4009263626-1001
2018-05-19 21:07 - 2017-12-11 22:33 - 000000000 ____D C:\Users\Jo
2018-05-19 19:56 - 2011-12-28 19:51 - 000000000 ____D C:\Users\Jo\Desktop\EMILE
2018-05-18 11:32 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-18 11:28 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-18 11:28 - 2014-05-15 00:18 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-05-18 11:25 - 2012-10-18 19:38 - 000000000 ____D C:\Program Files\Microsoft Office
2018-05-16 22:34 - 2015-10-29 11:51 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Getprivate VPN
2018-05-15 20:29 - 2013-01-18 20:54 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Notepad++
2018-05-15 20:27 - 2013-01-18 20:54 - 000000000 ____D C:\Program Files (x86)\Notepad++
2018-05-15 19:49 - 2015-01-15 22:38 - 000000000 ____D C:\AdwCleaner
2018-05-14 22:59 - 2013-12-26 22:46 - 000000000 ____D C:\VoidLauncher
2018-05-14 22:34 - 2011-06-07 21:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-14 17:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-14 14:40 - 2016-02-09 23:02 - 000000000 ____D C:\Users\Jo\Documents\Cubase Projects
2018-05-12 20:41 - 2012-02-29 16:24 - 000000000 ____D C:\Program Files (x86)\Your Product
2018-05-12 20:41 - 2010-10-10 14:51 - 000000000 ____D C:\Program Files (x86)\HP Games
2018-05-12 20:30 - 2012-06-10 14:20 - 000000000 ____D C:\Program Files (x86)\Cracked Steam
2018-05-12 20:14 - 2012-09-19 20:16 - 000000000 ____D C:\Games
2018-05-12 16:03 - 2017-03-19 15:26 - 000000000 ____D C:\Users\Jo\Desktop\ROTZAK
2018-05-12 16:03 - 2016-04-18 17:03 - 000000000 ____D C:\Users\Jo\Desktop\fiets
2018-05-12 00:55 - 2016-07-11 12:54 - 000000000 ____D C:\ProgramData\panda_url_filtering
2018-05-12 00:55 - 2014-07-05 16:36 - 000000000 ____D C:\Users\Jo\AppData\Local\Reflector
2018-05-12 00:55 - 2012-01-18 21:46 - 000000000 ____D C:\ProgramData\Skype
2018-05-12 00:31 - 2016-04-18 17:13 - 000000000 ___RD C:\Users\Jo\3D Objects
2018-05-12 00:30 - 2011-04-17 22:56 - 000000000 ___RD C:\Users\Jo\Desktop\JO
2018-05-12 00:13 - 2015-02-13 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-05-12 00:13 - 2013-02-08 18:12 - 000000000 ____D C:\Program Files (x86)\Image-Line
2018-05-12 00:11 - 2015-02-13 18:12 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2018-05-12 00:10 - 2010-10-10 14:45 - 000000000 ____D C:\ProgramData\Symantec
2018-05-12 00:08 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-11 23:50 - 2017-12-11 22:23 - 005102568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-11 23:17 - 2011-03-30 13:33 - 000000000 ____D C:\Users\Jo\AppData\Local\ElevatedDiagnostics
2018-05-11 23:03 - 2017-12-11 22:34 - 000000000 ____D C:\Users\Jo\AppData\Local\Packages
2018-05-11 22:46 - 2011-07-11 22:19 - 000000000 ____D C:\ProgramData\Apple
2018-05-11 22:30 - 2010-10-10 14:37 - 000000000 ____D C:\Program Files (x86)\CyberLink
2018-05-11 22:30 - 2010-10-10 14:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-11 22:30 - 2010-10-10 14:31 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-05-11 22:28 - 2011-03-28 22:59 - 000000000 ____D C:\Users\Jo\AppData\Local\Hewlett-Packard
2018-05-11 22:28 - 2010-10-10 14:35 - 000000000 ____D C:\ProgramData\Temp
2018-05-11 22:09 - 2016-07-11 12:52 - 000000000 ____D C:\ProgramData\Panda Security
2018-05-11 22:08 - 2014-06-26 12:54 - 000000223 _____ C:\Users\Jo\BullseyeCoverageError.txt
2018-05-11 22:08 - 2013-04-25 16:55 - 000000000 ____D C:\Users\Jo\AppData\Local\Unity
2018-05-11 22:05 - 2016-07-11 12:53 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Panda Security
2018-05-11 22:00 - 2011-11-25 13:57 - 000000000 ____D C:\Program Files (x86)\PokerStars.BE
2018-05-11 21:52 - 2011-11-25 13:57 - 000000000 ____D C:\Users\Jo\AppData\Local\PokerStars.BE
2018-05-11 21:47 - 2010-10-10 14:32 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2018-05-11 21:45 - 2011-05-01 18:48 - 000000000 ____D C:\Users\Jo\AppData\Roaming\hpqLog
2018-05-11 21:31 - 2012-02-03 21:15 - 000000000 ____D C:\Users\Jo\AppData\Local\MCEdit
2018-05-11 20:13 - 2015-03-23 22:23 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Spotify
2018-05-11 20:12 - 2017-07-28 20:19 - 000000000 ____D C:\Users\Jo\AppData\Local\Spotify
2018-05-10 21:10 - 2017-12-11 22:27 - 002525284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-10 21:10 - 2017-09-30 16:32 - 001125254 _____ C:\WINDOWS\system32\perfh013.dat
2018-05-10 21:10 - 2017-09-30 16:32 - 000264930 _____ C:\WINDOWS\system32\perfc013.dat
2018-05-10 21:09 - 2016-02-13 15:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-10 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-10 19:10 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-10 19:10 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-10 17:02 - 2013-08-15 23:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-10 16:52 - 2017-10-12 07:25 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-10 16:51 - 2011-05-12 19:23 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-10 12:35 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-10 12:34 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-10 12:34 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-10 12:34 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-10 12:33 - 2015-09-19 14:53 - 000000000 ____D C:\Users\Jo\AppData\Roaming\Audacity
2018-05-09 12:04 - 2013-02-19 22:39 - 000000000 ____D C:\Users\Jo\AppData\Local\adawarebp
2018-05-07 22:00 - 2011-06-07 21:22 - 000000000 ____D C:\ProgramData\Lavasoft
2018-05-07 16:43 - 2017-09-29 15:46 - 000000000 ___RD C:\Program Files\Windows Defender
2018-05-07 16:24 - 2011-06-06 18:37 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-06 12:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-04-30 13:15 - 2017-03-14 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's

==================== Files in the root of some directories =======

2013-06-27 12:33 - 2014-06-22 22:33 - 000003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-11-09 20:25 - 2012-01-20 14:01 - 001355776 _____ (Microsoft Corporation) C:\Program Files (x86)\MSVBVM50.DLL
2012-04-02 11:18 - 2012-04-02 11:22 - 099402530 _____ () C:\Users\Jo\AppData\Roaming\.minecraft.rar
2011-07-10 12:53 - 2011-09-02 07:31 - 000001854 _____ () C:\Users\Jo\AppData\Roaming\GhostObjGAFix.xml
2012-05-17 18:03 - 2012-05-17 18:03 - 000059369 _____ () C:\Users\Jo\AppData\Roaming\Jo3SQLite3.dll
2005-04-08 04:16 - 2012-05-17 19:24 - 000008413 ____H () C:\Users\Jo\AppData\Roaming\Jolog.dat
2012-11-08 17:38 - 2013-02-17 14:35 - 000703117 _____ () C:\Users\Jo\AppData\Roaming\technic-launcher.jar
2012-11-08 17:38 - 2012-12-16 16:19 - 000581642 _____ () C:\Users\Jo\AppData\Roaming\technic-launcher.jar.bak
2014-03-19 21:24 - 2014-03-19 21:24 - 000000863 _____ () C:\Users\Jo\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-18 15:18

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Jo (22-05-2018 21:14:39)
Running from C:\Users\Jo\Downloads
Windows 10 Home Version 1709 16299.431 (X64) (2017-12-11 21:10:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-415329193-230498918-4009263626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-415329193-230498918-4009263626-503 - Limited - Disabled)
Gast (S-1-5-21-415329193-230498918-4009263626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-415329193-230498918-4009263626-1002 - Limited - Enabled)
Jo (S-1-5-21-415329193-230498918-4009263626-1001 - Administrator - Enabled) => C:\Users\Jo
WDAGUtilityAccount (S-1-5-21-415329193-230498918-4009263626-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AVG PC TuneUp 2014 (nl-NL) (HKLM-x32\...\{555E1FDF-9BF4-4943-BF75-C7DE98F7CF8A}) (Version: 14.0.1001.489 - AVG) Hidden
Belgium e-ID middleware 4.3.2 (build 3551) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73551}) (Version: 4.3.3551 - Belgian Government)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11069.2 - Cisco Consumer Products LLC)
Cubase 5 (HKLM\...\{51AC53CA-6D26-459A-9BDF-53BAEB3E11A3}) (Version: 5.1.2 - Steinberg)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
eID Web Browser Middleware (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\eID Web Browser Middleware) (Version: 1.1.9 - e-Contract.be BVBA)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.0 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
EZXVintage (HKLM-x32\...\{430399DC-98BC-4A7F-8F8E-77981CABAE05}) (Version: 1.0 - Toontrack)
Free WAV to MP3 Converter (HKLM-x32\...\Free WAV to MP3 Converter) (Version: 1.01 - Polaris-Software.com)
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Power Assistant (HKLM\...\{371FFC40-FA09-4E42-AFFD-62258C724BBF}) (Version: 1.1.1.5 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Share-to-Web (HKLM-x32\...\{748F4870-8350-11D3-B0BF-080009FB4A19}) (Version:  - )
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{F283E29B-0B9B-492B-A4BF-5585D996E5AF}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
H-Series_Multi_Track_ASIO64 (HKLM\...\{2071332E-57E9-44AC-AD43-E72B069CC576}) (Version: 1.0.0.14 - ZOOM)
iExplorer 3.6.3.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Juniper Networks Host Checker (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Neoteris_Host_Checker) (Version: 7.4.0.30731 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Juniper_Setup_Client) (Version: 7.4.10.45165 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
Malwarebytes versie 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Media converter (HKLM-x32\...\{729E66B3-1B80-4F3F-8D19-342A89631E1A}_is1) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Mozilla Firefox 60.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 60.0.1 (x86 nl)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA 3D Vision controllerstuurprogramma 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9793 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.3 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2926 - CyberLink Corp.) Hidden
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB)
Stuurprogrammapakket voor Windows - Fedict SmartCard  (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncroSoft Emu (Remove only) (HKLM-x32\...\SyncroSoft Emu) (Version:  - )
Syncrosoft's License Control (HKLM-x32\...\Syncrosoft's License Control) (Version:  - Syncrosoft Hard- Und Software GmbH)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
UE3Redist (HKLM-x32\...\{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games) Hidden
UE3Redist (HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
Unibet Poker version 2.5.0 (HKLM-x32\...\{E0DBCF0E-0758-4EDD-A7F1-A7BCA19ED37D}_is1) (Version: 2.5.0 - Relax Gaming Ltd.)
USB PC Camera-168 (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1206.106 - Sonix)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Yamaha Steinberg USB Driver (HKLM\...\{BEA06A39-583D-486E-A3EB-2A434ED45940}) (Version: 1.9.10 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 1.9.10 - Yamaha Corporation)
YAMAHA THR Editor (HKLM-x32\...\{ECC6D4D5-EBD7-4117-BBA1-B76D93DD2A76}) (Version: 1.1.0 - Yamaha Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-415329193-230498918-4009263626-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-415329193-230498918-4009263626-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [2012-05-22] (Lavasoft Limited)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-07-19] (Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0393ED70-A426-4301-B038-0345D6C8D8B0} - System32\Tasks\{168B95EB-1DC4-41DC-9980-D3A267503636} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Desktop\Brick+Force+Hacks+Activator+and+Installer+Software.exe -d C:\Users\Jo\Desktop
Task: {05671178-FB8A-4071-B640-C46CE1BEF231} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A8BC0A8-C078-47A0-B38D-AD47957E4BA3} - System32\Tasks\{69331790-8071-415F-9FA6-AF9557439B29} => C:\Windows\system32\pcalua.exe -a "C:\Left 4 Dead 2\bin\addoninstaller.exe" -d "C:\Left 4 Dead 2\left4dead2\addons" -c C:\LEFT4D~1\LEFT4D~1\addons\DEATHC~1.VPK
Task: {0ADCFB6E-3ED0-4C5A-B255-B939742F3B33} - System32\Tasks\{324CC961-C442-4735-B676-CB34E4CCD362} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\NCH Software\Switch\uninst.exe"
Task: {0AF32BE6-EA22-4EE2-820F-3EC69F6FC2AF} - System32\Tasks\{9BE8D3A6-CCBC-405D-B9AF-0AF8C60804C3} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Addon Pack Installer.exe" -d C:\Users\Jo\Desktop
Task: {0BFFDDB0-947C-4484-AB93-640A12E163F1} - System32\Tasks\HPCeeScheduleForJO-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {0D68D6F3-74CA-43E1-877D-963172EB346D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-18] (Microsoft Corporation)
Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F0EC3DD-EB84-41D2-B80A-6E04A3117F6C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-18] (Microsoft Corporation)
Task: {10E3FE64-ACA7-4E2B-A025-FE874BEF7E25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-13] (Adobe Systems Incorporated)
Task: {128E6F21-D0BA-4F7C-923A-EE975A24DAD8} - System32\Tasks\{07915808-E4BE-41D3-AF52-91AF40798708} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Desktop\gmod_9_0_4(1).exe -d C:\Users\Jo\Desktop
Task: {1427E3FA-0F5B-42CC-93AB-49C9A12B0BEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-05-18] (Microsoft Corporation)
Task: {16CCD989-A5D1-4A57-928D-CF1DE30B968B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1ED82B30-795E-4DDE-9F77-F5F143CF27B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {2514872B-7536-41F2-B4D5-56B72C719C4D} - System32\Tasks\{CC6E0155-0096-4A12-A37F-1A39F748DD9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Too Many Items Mod Installer.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2A00AC8A-C923-470D-8C0F-E845065CA4D2} - System32\Tasks\{55256250-BA29-476B-B1F5-162108FA7026} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.9.60.106/nl/abandoninstall?page=tsProgressBar
Task: {2AB820B2-886F-47CF-9490-A3AE93E045E1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2CB47397-48EA-4C9F-AA02-BA1F01B54AFF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2D0AA399-A1DF-4382-B125-F4CC22866F63} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {2D9255BD-A97B-40E2-9F07-257EC49C45EE} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {2DD82799-BC45-4CDE-95AA-BC450BD65D88} - System32\Tasks\{7E72A818-4631-4C2C-9946-D2D45B3941C8} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.1.0.129.272/nl/abandoninstall?page=tsProgressBar
Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C2048-CFFD-4340-9B3E-961475E86A80} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {33C859EA-3619-4C04-A7AA-CD0E6E7FEFE8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {35B1E687-C0A1-4BC3-8A30-1A25EAD35DF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {35D8EEB5-F313-47BE-A98D-A74381982F7C} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3D17F9CE-39D7-4EA4-B2D4-8F63C66568E9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {453A236A-56DC-4149-B60F-8FF4B3037144} - System32\Tasks\{474BD07B-4D43-4AB5-A4D0-2E163685F2AE} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Minions Mod Installer.exe" -d C:\Users\Jo\Desktop
Task: {45711822-BB72-44F5-B909-4F5179991EBB} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {45DB0286-1161-4192-B6F4-43BC81AD44C8} - System32\Tasks\{EE10459C-E07F-41E6-B580-0E985D27127D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Better Than Wolves Installer.exe" -d C:\Users\Jo\Desktop
Task: {4799EDF6-4F14-4451-8400-386936CE8DD5} - System32\Tasks\{933E2A31-8315-4940-BB65-4FC3072103F8} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Map and Texture Installer.exe" -d C:\Users\Jo\Desktop
Task: {48AB5025-A540-4315-B505-2F1D310FA12D} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-04] (Microsoft Corporation)
Task: {4C6BB161-9CBB-42AA-A100-94DDC67A9057} - System32\Tasks\HP-Online updateprogramma => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08] (Hewlett-Packard)
Task: {4D6FDA01-991A-451A-BC12-DD82366CD07B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {5495A431-8285-4EF5-B706-7A5F59144B38} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-18] (Microsoft Corporation)
Task: {57329E8F-A9B9-401C-8945-FFE6CE971B76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {5C9165E6-586D-444A-BDF5-F96D8B7FE590} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {63BE13FF-196D-466C-9A28-E78650018F2D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {66EF1EF2-191D-4A40-A9AE-34100098583B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {6765BC3F-EBE8-48D6-80AD-810D86E5DBB3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6C08DD23-2AB3-46EF-A809-6B8A2FB48B67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6DC4DF62-D8B2-48F6-B593-4AEC03D3D386} - System32\Tasks\{FB66AFFB-911B-48F8-B840-6D926575F36E} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\jxpiinstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {71DF1C5E-427E-4B8C-B6CD-1A07D4B9F64F} - System32\Tasks\{3C8D1373-5A59-447D-805D-B8DA898E02C9} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\AppData\Local\Roblox\Versions\version-9a11ba172314428c\RobloxPlayerLauncher.exe -c -uninstall
Task: {74813D0A-68A3-4779-A397-BADA3497659E} - System32\Tasks\{BC680E54-181B-4238-A4E1-1BE8E6C46EA4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\Portal Gun Mod Installer 1.exe" -d C:\Users\Jo\Desktop
Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {765BFA3F-0E38-48A5-889C-4A698A061018} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-05-18] (Microsoft Corporation)
Task: {78B68D21-F8BD-4448-BA18-B3B7B8A0506D} - System32\Tasks\{E5005B0D-2030-480A-8EED-9B42E24D912A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\PowerCraft Mod Installer.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E68B1FA-FA0F-4C7E-A13B-85CA45EEEA6A} - System32\Tasks\{EB9F1255-F250-4D24-B7D5-AF6EECA43FEE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Maxthon\Bin\Mx3Uninstall.exe"
Task: {7F187C20-E39C-414D-A16E-9C86B73F2F5E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {80E52670-6BE3-454D-98E0-799863D9CA62} - System32\Tasks\{1614415E-B8BE-4A92-8231-AFBB3581B2D8} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.1.0.179.161/nl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86113B87-2729-42F0-A6D5-AF82AC5C0F3D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {88229494-16BA-4F33-968E-E7E87CF9F728} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001Core => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {88233ADA-67D9-4A14-8DA7-298B192384E4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {89DC2FCE-C191-40DA-87D1-21902D66C44F} - System32\Tasks\{780C857C-28B4-46E6-9574-E3F82DB789F0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {8A7485F7-E25F-4D61-868F-20158765B1AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {8B0FF95C-A33A-46A4-81FA-599586C09B80} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {8B7D2786-6E19-42E1-B9F2-406316F0CE5E} - System32\Tasks\{93CCD580-4F16-4DD9-9AD8-91CD19355452} => C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe
Task: {8D84C51B-5255-4F86-8D89-9FE706855BE8} - System32\Tasks\{263976D2-4629-4287-B052-F0744DAC410A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\CJB Mods Installer.exe" -d C:\Users\Jo\Desktop
Task: {8F440A31-A305-4740-9CB9-CF0E8DA20C24} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {92239D3E-AC1E-4282-A4B7-95922BD3F588} - System32\Tasks\{0F7F4510-1CA0-4941-B5DC-E2A0C546FA5F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/219640
Task: {9600597F-8675-4394-9999-18926D8D1191} - System32\Tasks\{1877E92C-D702-4807-9CB8-1F8A1AC6F7F2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Call of Duty 5 World at War v_1.7 full game -=AviaRa=-\Call of Duty 5 fulll game.part1.exe" -d "C:\Users\Jo\Downloads\Call of Duty 5 World at War v_1.7 full game -=AviaRa=-"
Task: {9B275FCF-1434-46BC-B015-57AAC19FAD32} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F823EDA-3AA3-4322-ACBD-C990D843FE13} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {9F96232A-BEE1-4C7F-AADA-A971D2DFAD26} - System32\Tasks\{F4334C95-6960-4C72-9700-4B862E1326CA} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\gmod_9_0_4.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A5C335E9-2370-4AFA-AF8B-CD4980BF013F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {A7AF03A7-016B-4953-B902-D045386393F5} - System32\Tasks\Google Update => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A8A293D3-0037-4662-918F-0070285CDB75} - System32\Tasks\HPCeeScheduleForJo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {A8E73696-1156-4E16-BD14-082B5D4B3AAB} - System32\Tasks\{144B934D-ECD6-4D31-BA15-3FEE6E781905} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.9.60.106/nl/abandoninstall?page=tsProgressBar
Task: {A97DFB7A-C994-435A-8320-F0092A0CC924} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {A990F9FA-F3B3-41E0-BD89-8B45888D2287} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-05-07] (Microsoft Corporation)
Task: {AC296AA1-4C21-4F51-B1F3-A459A0389207} - System32\Tasks\{943B7DB0-6871-454A-8927-49C1ACEA2311} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Firewatch\_CommonRedist\vcredist\2010\vcredist_x64.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Firewatch\_CommonRedist\vcredist\2010"
Task: {AC417BCC-0BE2-41A0-8D3C-03A685C93DFA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4390A14-61AB-43DD-A9C9-CE9877BDA41A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-05-07] (Microsoft Corporation)
Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C26B651E-0339-4E1C-9709-4809577FE9A6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C64E2255-03C1-4A33-A8DC-15799ADDB745} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C87158CF-BEA6-4EC0-A460-C8982ABC1BC9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {C9870C46-1FB7-475D-B387-1C8F27161CE7} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {CB4D1143-D334-4174-96AB-408ECB5D69B0} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {CB58AF2E-98F0-4C3D-B5CE-6E6ABA0EC151} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {DB16501F-FE37-4474-B4A4-3BF4F6A3D5D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-05-07] (Microsoft Corporation)
Task: {DB63A411-0C37-45C8-A635-23A8F69BCD4C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-415329193-230498918-4009263626-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {DDE1448C-2CD0-4A03-8F53-9FE129E75759} - System32\Tasks\{13881B29-719A-44F5-8C19-B20A3A3B8FCB} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Downloads\Half-Life 2\Install.exe" -d "C:\Users\Jo\Downloads\Half-Life 2"
Task: {E323E965-2306-4FD9-B9B7-30A404832574} - System32\Tasks\{E8A386BE-6542-4293-A942-046978FBDD98} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Vogster Entertainment\CrimeCraft\uninstall.exe"
Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E9B8BD7F-970A-476B-9EEA-7E4DB46B21B6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EA98EDDB-7192-455A-8948-79F59EB54407} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {EDF1DE0A-8BE5-4F77-9044-26813F93236B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001UA => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {F06045AF-4567-457A-B486-2541A158B0DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F06A4D59-91DB-411E-8F6A-22BEF0C804B3} - System32\Tasks\{171E7D74-FEF9-450C-A73B-7F08CB7AB251} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jo\Desktop\SKD Mods Installer.exe" -d C:\Users\Jo\Desktop
Task: {F364F3C9-B6B9-4FE8-957A-AA03CC4D951E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F4346E46-08D6-4264-BD6E-473029AF6245} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {F5209FEA-4367-45DD-B37D-6F0B3AC94D64} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F6E526E3-06F8-4A28-8A1C-22B60DD82908} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FA444B67-0DE5-4438-AA50-11A5BE361094} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-05-07] (Microsoft Corporation)
Task: {FA85FFA9-BA1F-4D55-AE01-AD0732CC5083} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {FB0A9A75-C505-4F9F-9A0D-62C9423B8FA0} - System32\Tasks\{86942974-2B18-417B-94F7-6475BEA648E1} => C:\Windows\system32\pcalua.exe -a G:\steambackup2.EXE -d G:\
Task: {FB435F40-2825-444B-9850-C88E79C1089A} - System32\Tasks\{2C364E6F-0E9C-4347-AB5A-16C02BDCAB91} => C:\Windows\system32\pcalua.exe -a C:\Users\Jo\Downloads\Adaware_Installer.exe -d "C:\Program Files (x86)\Lavasoft\Ad-Aware"
Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001Core.job => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-415329193-230498918-4009263626-1001UA.job => C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJO-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-04-09 12:38 - 2012-09-18 16:27 - 000192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2017-10-05 12:12 - 2012-09-18 16:27 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2018-05-14 22:34 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-05 12:12 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-03-30 13:14 - 2011-03-02 12:40 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2018-03-15 11:24 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-15 11:23 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-22 20:01 - 2018-05-22 20:08 - 000468480 _____ () C:\Users\Jo\Downloads\CKScanner.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4 [130]
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 [133]
AlternateDataStreams: C:\ProgramData\Temp:EAD001CC [128]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\line6.net -> line6.net
IE trusted site: HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\sharepoint.com -> hxxps://sintangela-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-415329193-230498918-4009263626-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Bureaubladachtergrond van Windows Live Photo Gallery.jpg
DNS Servers: 4.4.4.2 - 195.130.131.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: H2O => C:\Program Files (x86)\SyncroSoft\Pos\H2O\cledx.exe
HKLM\...\StartupApproved\StartupFolder: => "Snapfish PictureMover.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "hpsysdrv"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Easybits Recovery"
HKLM\...\StartupApproved\Run32: => "Share-to-Web Namespace Daemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "PDF Complete"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "HPAdvisorDock"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E390F3BE-041C-4324-981E-2C54FE4F6297}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{AD6B6A1C-037A-4976-917D-28DAF3ABF668}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6A8FC79F-EB61-4517-9529-04CAF8CEDFA0}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E2B49390-F8EC-4F18-BFB1-7CD69E6C9C90}C:\users\jo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{32E68893-4C0E-4668-893E-67B8BE959EB3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5C6AD616-DD80-4659-8371-34345F1DDF5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{032AB17A-DD28-4C9B-BC8D-3CC29526F668}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{4EF06EC7-F581-4B4B-89F3-7FA28064C70D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{2B7D790B-E717-4182-A54F-69A875A80B42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6AFDEFE0-B407-4F90-9D98-E1C981FC11DF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FB04FCCB-9612-4BA6-8DC5-8517E97E2CE3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C07D1AF1-9C4C-49DD-A737-5B65DC59801C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2FC5E049-4EF9-48E7-8170-7E4DD7FCA40F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DBEFA7CF-C4B1-4CB3-A3A6-5BBB75CBDCE9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8A5876EE-3551-4321-AA4E-38D6660C9818}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{426A08CB-C810-4F07-B385-6FE795114B31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FBD50D13-EF39-4664-B735-51E9875B1748}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3034DEB-4364-4AB3-9632-EAE09DA9EF5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7324EDF4-3670-4EB0-A700-04A91A5BA4FE}C:\users\jo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8EFD77DB-A482-4878-BE1F-841D2626DF02}C:\users\jo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{849E02E7-73B9-487E-8ADA-3DD69425BC39}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EF6587A3-6C84-4E58-BBB6-9956500CE34D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DA98BA07-6B29-4CF9-9A33-544BAB6B8B57}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6162A4D5-32EB-4371-BDCB-A0F3E984AD27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9ADFFA9F-D32C-4E54-8080-22208C01EC99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{08F9ED33-0A5F-4E6A-88E8-D6A7B3D9F840}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39C81CD5-D9EF-4500-B327-384D6BC45081}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

14-05-2018 18:23:13 Gepland controlepunt
19-05-2018 20:48:05 Removed ESET Security
19-05-2018 21:27:20 Removed Windows Media Player Firefox Plugin
19-05-2018 21:42:43 Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen is verwijderd
19-05-2018 21:52:55 WLSetup
19-05-2018 22:04:50 WLSetup
19-05-2018 22:11:13 Removed QuickTime 7
19-05-2018 23:14:50 Removed LibreOffice 3.6
19-05-2018 23:33:19 Removed Java SE Development Kit 7 Update 11
19-05-2018 23:40:15 Removed Java 8 Update 111

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2018 07:49:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x1604
Starttijd van toepassing met fout: 0x01d3f1f54a490aeb
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 97d6318c-80af-4f61-8948-f512e7d3d4ef
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/22/2018 07:49:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x7564
Starttijd van toepassing met fout: 0x01d3f1f545ce8283
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 57fee65c-bc15-4663-ae90-18e7919a1674
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/22/2018 07:49:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x2660
Starttijd van toepassing met fout: 0x01d3f1f543cecda0
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 478ddcab-8faa-49c9-8f01-fceda4bc95f5
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/22/2018 07:49:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x5934
Starttijd van toepassing met fout: 0x01d3f1f54051a629
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: efdf7574-e4af-4fec-84ee-0e4d9d9992ae
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/22/2018 07:49:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x6218
Starttijd van toepassing met fout: 0x01d3f1f53e35d3a7
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 36514478-b170-434c-879d-2ef2dde48d08
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/22/2018 07:49:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x7b04
Starttijd van toepassing met fout: 0x01d3f1f53b845517
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 7e82ccff-7731-4164-a3a2-363522c6243e
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/22/2018 07:49:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x81c8
Starttijd van toepassing met fout: 0x01d3f1f539c319b9
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 67c70a5a-7a56-4506-80a8-16f94f56bdcc
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/22/2018 07:49:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.16299.15, tijdstempel: 0x5e7a01e6
Naam van module met fout: CFHD.dll, versie: 8.6.3.670, tijdstempel: 0x52e94e95
Uitzonderingscode: 0xc0000005
Foutmarge: 0x0000000000004947
Id van proces met fout: 0x6814
Starttijd van toepassing met fout: 0x01d3f1f537cd0ed2
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\system32\CFHD.dll
Rapport-id: 9c6dec9c-2778-4f96-96ad-fdddaa733f62
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:


System errors:
=============
Error: (05/22/2018 08:08:40 PM) (Source: DCOM) (EventID: 10010) (User: Jo-HP)
Description: De server Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/22/2018 08:07:06 PM) (Source: DCOM) (EventID: 10010) (User: Jo-HP)
Description: De server Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/22/2018 07:24:38 PM) (Source: DCOM) (EventID: 10010) (User: Jo-HP)
Description: De server microsoft.windowscommunicationsapps_17.9226.21595.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/22/2018 07:14:39 PM) (Source: DCOM) (EventID: 10010) (User: Jo-HP)
Description: De server Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/22/2018 07:09:38 PM) (Source: DCOM) (EventID: 10010) (User: Jo-HP)
Description: De server Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/22/2018 06:31:16 PM) (Source: DCOM) (EventID: 10010) (User: Jo-HP)
Description: De server Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/22/2018 06:31:13 PM) (Source: DCOM) (EventID: 10010) (User: Jo-HP)
Description: De server Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe!App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/22/2018 06:31:11 PM) (Source: DCOM) (EventID: 10010) (User: Jo-HP)
Description: De server microsoft.windowscommunicationsapps_17.9226.21595.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.


CodeIntegrity:
===================================

Date: 2018-05-20 18:12:32.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-20 18:12:32.717
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-20 18:12:32.113
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-20 18:12:31.111
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-20 18:12:30.907
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-20 18:12:30.423
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-20 18:12:24.839
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-20 18:12:21.769
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 86%
Total physical RAM: 1975.11 MB
Available physical RAM: 266.19 MB
Total Virtual: 6199.96 MB
Available Virtual: 2175.58 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:915.94 GB) (Free:568.92 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.64 GB) (Free:1.79 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{404d85cf-0000-0000-0000-8002e5000000}\ () (Fixed) (Total:0.83 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 404D85CF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=915.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=854 MB) - (Type=27)
Partition 4: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#12 Slurppa

Slurppa

  • Malware Study Hall Senior
  • 627 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:43 AM

Posted 25 May 2018 - 10:25 AM

Hi

Thanks. Let us continue :)

Can you tell me what this program is?
 

Media converter (HKLM-x32\...\{729E66B3-1B80-4F3F-8D19-342A89631E1A}_is1) (Version:  - )

Have you created these settings yourself?



HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-415329193-230498918-4009263626-1001\...\Policies\system: [DisableLockWorkstation] 0

:step1:
We need to run a fix with FRST:

Please copy and paste the fix I have placed in below to a text file and save it to the same location as FRST with name fixlist.txt





cmd: gpresult /v

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

Member of the Bleeping Computer A.I.I. early response team!


#13 zochar

zochar
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 25 May 2018 - 01:35 PM

Hi,

 

I use Media converter to convert wav-files to mp3. I didn't create those settings.

 

 

Here's the fixlog

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Jo (25-05-2018 20:32:52) Run:1
Running from C:\Users\Jo\Downloads
Loaded Profiles: Jo (Available Profiles: Jo & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
cmd: gpresult /v

*****************


========= gpresult /v =========


Microsoft ® Windows ® Operating System Group Policy Result tool v2.0
¸ 2017 Microsoft Corporation. All rights reserved.

Created on ?25-?5-?2018 at 20:32:57



RSOP data for Jo-HP\Jo on JO-HP : Logging Mode
-----------------------------------------------

OS Configuration:            Standalone Workstation
OS Version:                  10.0.16299
Site Name:                   N/A
Roaming Profile:             N/A
Local Profile:               C:\Users\Jo
Connected over a slow link?: No


COMPUTER SETTINGS
------------------
    
    Last time Group Policy was applied: 24-5-2018 at 09:41:06
    Group Policy was applied from:      N/A
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        JO-HP
    Domain Type:                        <Local Computer>

    Applied Group Policy Objects
    -----------------------------
        Lokaal groepsbeleid

    The computer is a part of the following security groups
    -------------------------------------------------------
        BUILTIN\Administrators
        Iedereen
        Geverifieerde gebruikers
        Verplicht niveau voor systeem
        
    Resultant Set Of Policies for Computer
    ---------------------------------------

        Software Installations
        ----------------------
            N/A

        Startup Scripts
        ---------------
            N/A

        Shutdown Scripts
        ----------------
            N/A

        Account Policies
        ----------------
            N/A

        Audit Policy
        ------------
            N/A

        User Rights
        -----------
            N/A

        Security Options
        ----------------
            N/A

            N/A

        Event Log Settings
        ------------------
            N/A

        Restricted Groups
        -----------------
            N/A

        System Services
        ---------------
            N/A

        Registry Settings
        -----------------
            N/A

        File System Settings
        --------------------
            N/A

        Public Key Policies
        -------------------
            N/A

        Administrative Templates
        ------------------------
            N/A


USER SETTINGS
--------------
    
    Last time Group Policy was applied: 25-5-2018 at 10:00:12
    Group Policy was applied from:      N/A
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        Jo-HP
    Domain Type:                        <Local Computer>
    
    Applied Group Policy Objects
    -----------------------------
        N/A

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Lokaal groepsbeleid
            Filtering:  Not Applied (Empty)

    The user is a part of the following security groups
    ---------------------------------------------------
        None
        Iedereen
        Lokaal account en lid van de groep Administrators
        HomeUsers
        BUILTIN\Administrators
        Gebruikers
        INTERACTIEF
        AANMELDEN OP DE CONSOLE
        Geverifieerde gebruikers
        Deze organisatie
        Lokaal account
        LOKAAL
        NTLM-verificatie
        Hoog verplicht niveau
        
    The user has the following security privileges
    ----------------------------------------------

        Controle op bladeren negeren
        Controlebeleid en beveiligingslogboek beheren
        Back-ups van bestanden en mappen maken
        Bestanden en mappen terugzetten
        Systeemtijd wijzigen
        Systeem afsluiten
        Afsluiten vanaf een extern systeem
        Eigenaar worden van bestanden of andere objecten
        Fouten in programma's opsporen
        Omgevingswaarden in firmware wijzigen
        Systeemprestaties bekijken
        Een enkel proces bekijken
        Prioriteit verhogen voor planning
        Stuurprogramma's laden en verwijderen
        Wisselbestand maken
        Geheugenquota voor een proces verhogen
        Computer uit basisstation verwijderen
        Onderhoudstaken op volume uitvoeren
        Een client nabootsen na authenticatie
        Globale objecten maken
        Tijdzone wijzigen
        Symbolische koppelingen maken
        Een proceswerkset vergroten

    Resultant Set Of Policies for User
    -----------------------------------

        Software Installations
        ----------------------
            N/A

        Logon Scripts
        -------------
            N/A

        Logoff Scripts
        --------------
            N/A

        Public Key Policies
        -------------------
            N/A

        Administrative Templates
        ------------------------
            N/A

        Folder Redirection
        ------------------
            N/A

        Internet Explorer Browser User Interface
        ----------------------------------------
            N/A

        Internet Explorer Connection
        ----------------------------
            N/A

        Internet Explorer URLs
        ----------------------
            N/A

        Internet Explorer Security
        --------------------------
            N/A

        Internet Explorer Programs
        --------------------------
            N/A

========= End of CMD: =========


==== End of Fixlog 20:33:02 ====



#14 Slurppa

Slurppa

  • Malware Study Hall Senior
  • 627 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:43 AM

Posted 26 May 2018 - 03:40 PM

Hi
 
Your logs look clean.
How is your PC running now?

If you are still experiencing slowdowns please try to boot your computer into safe mode
and see if the problem still persists there. After that you can also try Safe mode with Networking
This way we can check if the slowdowns are due to software based issues. To return your computer to normal mode restart it.
 
Let me know of the results.


Member of the Bleeping Computer A.I.I. early response team!


#15 zochar

zochar
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 27 May 2018 - 12:08 PM

Hi,

 

My PC seems to run a lot faster now. Thanks a lot for your support.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users