Auteur Topic: Hidden Remote Desktop Protocol  (gelezen 1452 keer)

0 leden en 1 gast bekijken dit topic.

Offline john

  • Super Member
  • *****
  • Berichten: 552
Hidden Remote Desktop Protocol
« Gepost op: 12 juni 2020, 15:59:22 »
Han, heeft me geadviseerd hier een topic te openen om het probleem, indien werkelijk aanwezig, op te lossen.
Het resultaat van de Far Recovery Scan Tool gaat hierbij:
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17-04-2017 01
Gestart door John (Beheerder) op DESKTOP-HJ2FD4E (12-06-2020 15:26:34)
Gestart vanaf D:\Downloads
Geladen Profielen: John (Beschikbare Profielen: John )
Platform: Windows 10 Home Versie 1909 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

Kon geen toegng krijgen tot proces -> Registry
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_caabc087e4b97a65\Intel_PIE_Service.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Fork, Ltd.) C:\Windows\Prey\wpxsvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ELAN Microelectronics Corp.) C:\Program Files\ElanFP\ELANFPService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_500b295e7e5efb08\ICEsoundService64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\intel security\pef\CORE\PEFService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(ASUSTek Computer Inc.) C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy\ASUS Battery Health Charging\BhcMgr.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20051.93.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\CompPkgSrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(PageBites, Inc.) C:\Users\John \AppData\Roaming\Imo Messenger\ImoDesktopApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Node.js) C:\Windows\Prey\versions\1.7.3\bin\node.exe
(Farbar) D:\Downloads\FRST64(1).exe

==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2020-02-14] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM-x32\...\Run: [Opera Browser Assistant] => c:\program files\opera\assistant\browser_assistant.exe [3004440 2020-06-10] (Opera Software)
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [3566528 2019-12-18] (Binary Fortress Software)
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd)
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\Run: [SnailDriver] => C:\Program Files (x86)\SnailSuite\SnailDriver 2 Lite\SnailLaunch.exe [792064 2018-07-26] (SnailDrivers)
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\MountPoints2: {171c646a-b1ba-11e9-bb82-d151e93aa9a8} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\MountPoints2: {ae1cf122-929b-11ea-bba8-44032cea3f07} - "E:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-08-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\John \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2020-03-13]
ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{31cb43f3-1ebd-4ebc-b23a-d5fb8cc95fbc}: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{400dcf92-b43e-47c7-85b3-e57d93ab2ad8}: [DhcpNameServer] 192.168.1.1 192.168.0.1
Tcpip\..\Interfaces\{9ce681c6-96b7-475a-93b9-97dd5f3f14ce}: [DhcpNameServer] 169.254.177.95

Internet Explorer:
==================
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-932849357-2366556874-2288096604-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-932849357-2366556874-2288096604-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: Geen Naam -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Geen bestand
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: Geen Naam -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Geen bestand
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-09] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Geen bestand
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Geen bestand

Edge:
======
Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]

FireFox:
========
FF DefaultProfile: 2j41camh.default-1546570635261
FF ProfilePath: Profiles/2j41camh.default-1546570635261 [niet gevonden]
FF ProfilePath: C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\2j41camh.default-1546570635261 [2020-06-12]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\2j41camh.default-1546570635261\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2019-05-15]
FF Extension: (Privacy Badger) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\2j41camh.default-1546570635261\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-06-04]
FF Extension: (Geen Naam) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\2j41camh.default-1546570635261\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-06-11]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\2j41camh.default-1546570635261\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-06-09]
FF Extension: (uBlock Origin) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\2j41camh.default-1546570635261\Extensions\uBlock0@raymondhill.net.xpi [2020-05-29]
FF Extension: (Avast Online Security) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\2j41camh.default-1546570635261\Extensions\wrc@avast.com.xpi [2019-11-27]
FF Extension: (Lightshot (screenshot tool)) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\2j41camh.default-1546570635261\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2019-01-04]
FF ProfilePath: C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\9527wii5.john [2019-01-05]
FF Extension: (Avast Online Security) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\9527wii5.john\Extensions\wrc@avast.com.xpi [2018-06-23]
FF ProfilePath: C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\4w6e6ij1.Standaardgebruiker [2020-01-30]
FF Extension: (Avast Online Security) - C:\Users\John \AppData\Roaming\Mozilla\Firefox\Profiles\4w6e6ij1.Standaardgebruiker\Extensions\wrc@avast.com.xpi [2018-06-23]
FF Extension: (DoH Roll-Out) - C:\Program Files\Mozilla Firefox\browser\features\doh-rollout@mozilla.org.xpi [2020-06-09] [ niet getekend]
FF Extension: (Firefox Screenshots) - C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi [2020-06-09] [ niet getekend]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2020-06-09] [ niet getekend]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi => niet gevonden
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi => niet gevonden
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\John \AppData\Local\Google\Chrome\User Data\Default [2020-06-12]
CHR Extension: (Google Drive) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-08]
CHR Extension: (YouTube) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-08]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-10]
CHR Profile: C:\Users\John \AppData\Local\Google\Chrome\User Data\Guest Profile [2020-06-12]
CHR Profile: C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1 [2020-06-12]
CHR Extension: (Presentaties) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-01]
CHR Extension: (Documenten) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-01]
CHR Extension: (Google Drive) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-09-01]
CHR Extension: (YouTube) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-01]
CHR Extension: (Adobe Acrobat) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-11]
CHR Extension: (Avast SafePrice
 Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-19]
CHR Extension: (Spreadsheets) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-01]
CHR Extension: (McAfeeģ WebAdvisor) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-06-03]
CHR Extension: (Offline Documenten) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-29]
CHR Extension: (Avast Online Security) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-03]
CHR Extension: (Grammarly for Chrome) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-05-29]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-22]
CHR Profile: C:\Users\John \AppData\Local\Google\Chrome\User Data\System Profile [2020-06-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - c:\program files\opera\Launcher.exe

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [184832 2020-02-14] (Microsoft Corporation)
S3 AarSvc_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 AarSvc_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1393664 2020-05-13] (Microsoft Corporation)
S3 BcastDVRUserService_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 BcastDVRUserService_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-05-13] (Microsoft Corporation)
R3 BluetoothUserService_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 BluetoothUserService_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [237056 2020-05-13] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1072128 2020-05-13] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [701952 2020-05-13] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [368640 2020-05-13] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [128000 2020-05-13] (Microsoft Corporation)
S3 CaptureService_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 CaptureService_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1125376 2020-05-13] (Microsoft Corporation)
R3 cbdhsvc_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10637168 2020-05-29] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [177664 2020-05-13] (Microsoft Corporation)
S3 ConsentUxUserSvc_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe [508984 2019-10-30] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe [510008 2019-10-30] (Intel Corporation)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [380632 2020-05-13] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_f2fed; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [380632 2020-05-13] (Microsoft Corporation)
R2 CronService; C:\Windows\Prey\wpxsvc.exe [611854 2018-02-28] (Fork, Ltd.) [Bestand niet getekend]
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [231912 2020-05-13] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185952 2020-05-13] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [466944 2020-05-13] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338432 2020-05-13] (Microsoft Corporation)
S3 DevicePickerUserSvc_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\WINDOWS\System32\DevicesFlowBroker.dll [650240 2020-05-13] (Microsoft Corporation)
S3 DevicesFlowUserSvc_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 DevicesFlowUserSvc_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [215040 2020-05-13] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [407040 2020-02-14] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-03-10] (Microsoft Corporation)
R2 DusmSvc; C:\WINDOWS\System32\dusmsvc.dll [358912 2020-03-10] (Microsoft Corporation)
R2 ELANFPService; C:\Program Files\ElanFP\ELANFPService.exe [50912 2019-04-22] (ELAN Microelectronics Corp.)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [1701480 2017-07-07] (Intel Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe [1287152 2020-06-02] (Google LLC)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-17] (Hewlett-Packard Co.) [Bestand niet getekend]
R2 ICEsoundService; C:\WINDOWS\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_500b295e7e5efb08\ICEsoundService64.exe [814264 2020-03-16] (ICEpower A/S)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe [391736 2019-10-30] (Intel Corporation)
R3 InstallService; C:\WINDOWS\system32\InstallService.dll [2465792 2020-05-13] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1737216 2020-05-13] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Corporation)
S3 IpxlatCfgSvc; C:\WINDOWS\System32\IpxlatCfg.dll [64512 2019-03-19] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-06-06] (Intel Corporation)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [317952 2019-03-19] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-14] (Malwarebytes)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-05-13] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-05-13] (Microsoft Corporation)
S3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [831488 2019-03-19] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (Intel Security, Inc.)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
R3 PIEServiceNew; C:\WINDOWS\System32\DriverStore\FileRepository\piecomponent.inf_amd64_caabc087e4b97a65\Intel_PIE_Service.exe [480544 2019-09-26] (Intel Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [178688 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_f2fed; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_f2fed; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [269824 2019-03-19] (Microsoft Corporation)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2156512 2019-08-22] (Intel Corporation)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [416576 2016-10-27] (Conexant Systems, Inc.)
R3 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [929144 2020-03-10] (Microsoft Corporation)
R3 SEMgrSvc; C:\WINDOWS\system32\SEMgrSvc.dll [1270784 2020-05-13] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [472576 2019-12-20] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [986112 2019-12-20] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
R3 TokenBroker; C:\WINDOWS\System32\TokenBroker.dll [1498624 2020-05-13] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1245696 2020-05-13] (Microsoft Corporation)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
S3 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2019-12-20] (Microsoft Corporation)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [544256 2020-05-13] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [355840 2020-04-15] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\WINDOWS\System32\wfdsconmgrsvc.dll [740352 2019-03-19] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729600 2020-05-13] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1390080 2019-03-19] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [921600 2020-05-13] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [2131456 2020-04-15] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare)
S3 XboxGipSvc; C:\WINDOWS\System32\XboxGipSvc.dll [72704 2019-03-19] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\System32\ibtsiva [X]

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [337920 2020-03-10] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2020-03-10] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-03-10] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek COMPUTER INC.)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2019-12-20] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2019-12-20] (Microsoft Corporation)
R3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [117264 2020-02-14] (Microsoft Corporation)
R3 BthLEEnum; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [97280 2019-03-19] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [36864 2020-03-10] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 CAD; C:\WINDOWS\System32\drivers\CAD.sys [64312 2019-03-19] (Microsoft Corporation)
R2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [457216 2020-05-13] (Microsoft Corporation)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-18] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-18] (Windows (R) Win 7 DDK provider)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74168 2017-07-07] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69560 2017-07-07] (Intel Corporation)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [382392 2017-07-07] (Intel Corporation)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2019-12-20] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [64000 2019-12-20] (Microsoft Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUS)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185232 2019-10-17] (Intel Corporation)
R3 iaLPSS2_SPI; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [152464 2019-10-17] (Intel Corporation)
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [298384 2019-10-17] (Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1035744 2019-08-22] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [756216 2020-01-19] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igdkmd64.sys [20620368 2019-10-30] (Intel Corporation)
R3 IntcDAud; C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_af5afa2a89e9d034\IntcDAud.sys [354152 2019-10-30] (Intel(R) Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 mausbhost; C:\WINDOWS\System32\drivers\mausbhost.sys [535864 2019-03-19] (Microsoft Corporation)
S3 mausbip; C:\WINDOWS\System32\drivers\mausbip.sys [62264 2019-03-19] (Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-11] (Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-04] (Malwarebytes)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [359424 2019-12-20] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_84dfa9390100e6bc\x64\TeeDriverW8x64.sys [253840 2019-10-17] (Intel Corporation)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [492520 2017-09-15] (McAfee LLC)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108456 2017-11-14] (McAfee LLC.)
S3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115184 2017-09-15] (McAfee LLC)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [187904 2019-03-19] (Microsoft Corporation)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8832792 2020-03-10] (Intel Corporation)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [96056 2019-03-19] (Microsoft Corporation)
S3 pmem; C:\WINDOWS\System32\drivers\pmem.sys [127800 2019-03-19] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [33592 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-23] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [76088 2019-03-19] (Microsoft Corporation)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-01-13] (SlimWare Utilities, Inc.)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
R3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2019-12-20] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2019-12-20] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2019-12-20] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2019-12-20] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2019-12-20] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [257536 2019-12-20] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Corporation)
S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [251392 2020-05-13] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [205112 2019-12-20] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-11-17] (Zemana Ltd.)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2020-06-11 23:53 - 2020-06-11 23:59 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2020-06-11 23:00 - 2020-06-11 23:00 - 00214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-11 23:00 - 2020-06-11 23:00 - 00000000 ____T C:\WINDOWS\system32\Elan_FP_Image_20200611_230000.txt
2020-06-11 21:49 - 2020-06-11 21:49 - 00000000 ____T C:\WINDOWS\system32\Elan_FP_Image_20200611_214914.txt
2020-06-09 19:49 - 2020-06-09 19:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\Mozilla
2020-06-09 10:06 - 2020-06-11 21:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2020-06-08 11:09 - 2020-06-08 11:09 - 00000000 ____T C:\WINDOWS\system32\Elan_FP_Image_20200608_110900.txt
2020-06-04 14:50 - 2020-06-04 14:50 - 00248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-30 19:54 - 2020-05-30 19:54 - 00000000 ____D C:\Users\John \AppData\Roaming\shrink_pic
2020-05-30 19:53 - 2020-05-30 20:08 - 00000000 ____D C:\Program Files (x86)\Shrink Pic
2020-05-22 21:01 - 2020-05-22 21:01 - 00000000 ____T C:\WINDOWS\system32\Elan_FP_Image_20200522_210158.txt
2020-05-22 13:29 - 2020-05-22 13:29 - 02510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-05-14 10:17 - 2020-05-14 10:17 - 00000000 ____T C:\WINDOWS\system32\Elan_FP_Image_20200514_101748.txt
2020-05-13 11:33 - 2020-05-13 11:33 - 25902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 25444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 22638592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 19851264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 19812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 18029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 08013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 07822888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 07756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 07267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 07011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 06525936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 06291456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 05911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 05757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 05098352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 04858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 04129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 03822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 03513856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-05-13 11:33 - 2020-05-13 11:33 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-05-13 11:33 - 2020-05-13 11:33 - 02584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 02259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 02073176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01637376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01581056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01556200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 01525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 01071616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 01034752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00943640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00896000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00894016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00683288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00540200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00539184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00405424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00345016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00301064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00299064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00273744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbroker.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00262848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchangeHost.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-05-13 11:33 - 2020-05-13 11:33 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-05-13 11:33 - 2020-05-13 11:33 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUxClient.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00099104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSa.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSa.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaProxy.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaProxy.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-05-13 11:33 - 2020-05-13 11:33 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-05-13 11:33 - 2020-05-13 11:33 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-05-13 11:32 - 2020-05-13 11:33 - 02798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 14819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 09929528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 09339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 07902912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 07604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 07257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 06710272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 06435328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 06168576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 06082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 05945856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 05340568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 05280192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 04565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 04012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 04005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 03974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 03807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 03747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 03727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 03371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 03084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 02854400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02736640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02354688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 02072576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01990576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01975808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01952872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01825280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01737216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01665720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01654952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01646552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01510912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 01466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01461760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01306424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01288648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01270784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01214264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01085752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01048480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 01005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00879064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00859944 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00847872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 00843576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00792808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00778552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00777840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00752584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00742200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll


Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #1 Gepost op: 12 juni 2020, 16:00:54 »
Hierna rest van de scan:
2020-05-13 11:32 - 2020-05-13 11:32 - 00693672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00685368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00581544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 00547992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00524208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-13 11:32 - 2020-05-13 11:32 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00460200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00390968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRClient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00310928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposerFramework.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00260328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00245336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SwitcherDataModel.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00197432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Devices.Sensors.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00132712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleAPIs.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00088280 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeopleAPIs.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbussdapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbussdapi.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Printers.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-05-13 11:32 - 2020-05-13 11:32 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ffbroker.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-05-13 11:32 - 2020-05-13 11:32 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-05-13 11:32 - 2020-05-13 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 17791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 07297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 06232568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 04624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 03711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 03581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 02760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 02504440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 02448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 02289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 02284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 02150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 02060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01745208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01385176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01027816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 01007928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00957056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00916768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00819696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00634680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-05-13 11:31 - 2020-05-13 11:31 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00410608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00339824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00318680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00238904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveTask.exe
2020-05-13 11:31 - 2020-05-13 11:31 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-05-13 11:31 - 2020-05-13 11:31 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-05-13 11:31 - 2020-05-13 11:31 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2020-06-12 15:26 - 2018-05-14 10:24 - 00000000 ___DC C:\FRST
2020-06-12 15:25 - 2018-11-17 07:05 - 00191328 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-06-12 15:14 - 2017-12-05 12:40 - 00000000 ___DC C:\Users\John \AppData\LocalLow\Mozilla
2020-06-12 15:12 - 2019-12-20 16:30 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-12 14:03 - 2019-03-19 06:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-12 10:51 - 2020-02-28 21:25 - 00002063 ____C C:\Users\John \Desktop\Imo Messenger.lnk
2020-06-11 23:14 - 2017-12-05 10:58 - 00000000 ___DC C:\Users\John \AppData\Local\ClassicShell
2020-06-11 23:07 - 2019-04-03 11:27 - 00000000 ____D C:\Users\John \AppData\Local\D3DSCache
2020-06-11 23:04 - 2019-12-20 16:40 - 01771832 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-11 23:04 - 2019-03-19 14:33 - 00788866 _____ C:\WINDOWS\system32\perfh013.dat
2020-06-11 23:04 - 2019-03-19 14:33 - 00154844 _____ C:\WINDOWS\system32\perfc013.dat
2020-06-11 23:04 - 2019-03-19 06:50 - 00000000 ____D C:\WINDOWS\INF
2020-06-11 23:00 - 2017-10-24 01:45 - 00000000 _SHDC C:\Users\John \IntelGraphicsProfiles
2020-06-11 22:59 - 2019-12-20 16:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-11 22:52 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-06-11 22:52 - 2019-03-19 06:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-11 21:49 - 2018-11-18 05:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-11 20:17 - 2019-03-19 06:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-06-11 20:15 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-06-10 15:56 - 2020-01-16 17:06 - 00075553 _____ C:\Users\John \Documents\boodschappen NL_2020.xlsx
2020-06-10 15:45 - 2020-02-26 19:04 - 00004170 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1582736646
2020-06-09 19:49 - 2018-11-18 05:13 - 00001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-09 19:40 - 2019-03-19 06:52 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-09 19:39 - 2017-10-24 00:59 - 00000000 ____D C:\Program Files\Microsoft Office
2020-06-07 18:20 - 2018-01-29 15:01 - 02524498 ____C C:\Users\John \AppData\Local\census.cache
2020-06-07 18:20 - 2018-01-29 15:01 - 00124150 ____C C:\Users\John \AppData\Local\ars.cache
2020-06-07 17:23 - 2017-12-06 10:54 - 00000000 ___DC C:\ProgramData\TEMP
2020-06-07 17:22 - 2017-12-06 10:53 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2020-06-07 17:10 - 2019-03-19 06:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-06-05 23:03 - 2019-03-19 06:56 - 00835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 00179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 15:51 - 2018-02-28 13:41 - 00000000 ____D C:\WINDOWS\Prey
2020-06-05 09:37 - 2017-12-05 13:33 - 00002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-04 17:01 - 2017-12-10 21:19 - 00000000 ___DC C:\Users\John \AppData\Local\Packages
2020-06-04 15:35 - 2019-12-20 16:39 - 00003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-932849357-2366556874-2288096604-1001
2020-06-04 15:35 - 2019-12-20 16:33 - 00002382 ____C C:\Users\John \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-04 15:35 - 2017-10-24 01:47 - 00000000 __RDC C:\Users\John \OneDrive
2020-06-04 14:49 - 2019-07-22 03:45 - 00019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-04 10:14 - 2019-12-20 16:39 - 00003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2020-06-04 10:14 - 2017-12-05 13:33 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-06-04 09:43 - 2018-05-21 03:49 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 11:06 - 2017-12-31 11:38 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-30 12:18 - 2019-06-20 05:19 - 00000000 ____D C:\Program Files\UNP
2020-05-22 21:48 - 2020-02-28 21:25 - 00000000 ____D C:\Users\John \AppData\Roaming\Imo Messenger
2020-05-22 21:01 - 2018-02-11 09:34 - 00000000 ____D C:\Program Files\Opera
2020-05-21 16:52 - 2019-12-20 16:39 - 00003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1518334949
2020-05-21 16:52 - 2018-02-11 09:42 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-browser.lnk
2020-05-14 10:38 - 2018-05-21 10:54 - 00000000 ___DC C:\Users\John \AppData\Local\PlaceholderTileLogoFolder
2020-05-14 10:18 - 2017-12-10 21:40 - 00000000 __RDC C:\Users\John \3D Objects
2020-05-14 10:18 - 2017-10-24 00:31 - 00000000 _RHDC C:\Users\Public\AccountPictures
2020-05-14 10:17 - 2019-12-20 16:30 - 00439440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\TextInput
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\system32\en-GB
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\Provisioning
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-05-14 10:16 - 2019-03-19 06:52 - 00000000 ____D C:\PerfLogs
2020-05-13 13:34 - 2017-12-06 11:00 - 00000000 ___DC C:\Users\John \AppData\Roaming\vlc
2020-05-13 12:07 - 2017-12-05 10:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2020-05-13 11:38 - 2017-12-05 10:04 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-13 11:31 - 2019-12-20 16:33 - 02874880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Bestanden in de root van sommige mappen =======

2017-10-24 01:48 - 2019-12-20 15:33 - 0000200 ____C () C:\Users\John \AppData\Roaming\sp_data.sys
2020-01-19 14:49 - 2020-01-19 14:49 - 0000886 _____ () C:\Users\John \AppData\Roaming\stevin stevinson - Snelkoppeling (2).lnk
2019-08-14 11:33 - 2019-08-14 11:33 - 0000886 _____ () C:\Users\John \AppData\Roaming\stevin stevinson - Snelkoppeling.lnk
2018-01-29 15:01 - 2020-06-07 18:20 - 0124150 ____C () C:\Users\John \AppData\Local\ars.cache
2018-01-29 15:01 - 2020-06-07 18:20 - 2524498 ____C () C:\Users\John \AppData\Local\census.cache
2018-01-29 14:40 - 2018-01-29 14:40 - 0000036 ____C () C:\Users\John \AppData\Local\housecall.guid.cache
2018-08-29 05:20 - 2018-08-29 05:20 - 0000017 ____C () C:\Users\John \AppData\Local\resmon.resmoncfg
2018-08-05 15:12 - 2020-01-03 02:45 - 0002249 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
C:\WINDOWS\system32\codeintegrity\Bootcat.cache ONTBREEKT <==== AANDACHT

==================== Eind van FRST.txt ============================

Offline abbs

  • Doorstarter
  • **
  • Berichten: 95
  • Geslacht: Man
Re: Hidden Remote Desktop Protocol
« Reactie #2 Gepost op: 13 juni 2020, 10:59:33 »
Hallo,

Doe als eerste wat Han schreef: zorg voor een goede back up.

IK zie dat je FRST al heb uitgevoerd, er worden twee logbestanden aangemaakt met de naam (FRST.txt en Addition.txt)
Je heb alleen FRST.txt geplaatst plats Addition.txt ook nog even.


Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #3 Gepost op: 13 juni 2020, 13:01:00 »
Sorry, slordig van me. Hierbij alsnog. Wat ik inmiddels ook nog heb gedaan, althans een poging daartoe, door in Taakbeheer, onder Processen en Services alsmede start up te klijken of er geen verdacht iets aanwezig is wat zou kunnen wijzen op een key logger. Ik heb, niets kunnen ontdekken. Even zo in programma's en onderdelen, dat er recent een app is geÔnstalleerd waar ik geen weet van heb. Dit als aanvullende info.
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-04-2017 01
Gestart door John  (12-06-2020 15:28:17)
Gestart vanaf D:\Downloads
Windows 10 Home Versie 1909 (X64) (2019-12-20 14:39:26)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-932849357-2366556874-2288096604-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-932849357-2366556874-2288096604-503 - Limited - Disabled)
Gast (S-1-5-21-932849357-2366556874-2288096604-501 - Limited - Disabled)
John  (S-1-5-21-932849357-2366556874-2288096604-1001 - Administrator - Enabled) => C:\Users\John
WDAGUtilityAccount (S-1-5-21-932849357-2366556874-2288096604-504 - Limited - Disabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== GeÔnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

1310 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
1310_Help (x32 Version: 82.0.58.000 - Hewlett-Packard) Hidden
1310Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{AEEF33DD-E3B9-4049-B709-0E546C2B1AAB}) (Version: 20.25.401.14526 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.25.401.14526 - Alcor Micro Corp.) Hidden
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.4 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.22 - ASUSTek COMPUTER INC.)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0057 - ASUSTeK COMPUTER INC.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.5.50 - ICEpower a/s)
BleachBit 2.2 (current user) (HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\BleachBit) (Version: 2.2 - BleachBit)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.95.69 - Conexant)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.7 - ASUSTek COMPUTER INC.)
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware)
ELAN SPI FingerPrint Driver (HKLM\...\ElanFP) (Version: 2.5.8.1101 - ELAN Microelectronic Corp.)
Eusing Free Registry Cleaner (HKLM-x32\...\Eusing Free Registry Cleaner) (Version:  - Eusing Software)
Fast Duplicate File Finder 5.0.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 5.0.0.1 - MindGems, Inc.)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.451 - Google LLC) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP DeskJet 2600 series Basissoftware van het apparaat (HKLM\...\{F1013F70-E83D-4A00-A267-85503E695C70}) (Version: 43.3.2478.18107 - HP Inc.)
HP DeskJet 2600 series Help (HKLM-x32\...\{360EA3DD-5188-4C03-99E9-BBC9299C37A8}) (Version: 44.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{148228B0-B9BA-4EB3-8DEA-33704CB28906}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{77B95CFA-1BAC-486A-938B-11CABDF6B0EA}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{48357ADA-F41C-4F80-B679-A70EBE2A4324}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{83A20A36-8760-48EF-B1E5-5B66C24AA4A1}) (Version: 36.0.100.66344 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP OneDrive Plugin (HKLM-x32\...\{69BB1A4A-E852-4E68-AD57-EF25981198D7}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{F0CAE304-6FA4-4F90-BE44-B5E8BFA16B11}) (Version: 43.0.0.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Imo Messenger (HKLM-x32\...\{F1A9580D-B854-4289-8BBF-FE9FF1F3A291}) (Version: 1.2.70 - PageBites, Inc)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7325 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1724.2 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intelģ PROSet/Wireless Software (HKLM-x32\...\{d5c53162-d8b4-4547-8a40-917a25c0172e}) (Version: 20.60.0 - Intel Corporation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 2016 voor Thuisgebruik en Studenten - nl-nl (HKLM\...\HomeStudentRetail - nl-nl) (Version: 16.0.12827.20268 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 nl) (HKLM\...\Mozilla Firefox 77.0.1 (x64 nl)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.12827.20268 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Opera Stable 68.0.3618.125 (HKLM-x32\...\Opera 68.0.3618.125) (Version: 68.0.3618.125 - Opera Software)
Prey Anti-Theft (x32 Version: 1.7.3 - Prey, Inc.) Hidden
Productverbeteringsonderzoek voor HP DeskJet 2600 series (HKLM\...\{4AC91880-2E3B-4A5D-B854-66A9BC07168A}) (Version: 43.3.2478.18107 - HP Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SnailDriver 2 Lite version 2.1.2.0 (HKLM-x32\...\{3189DA22-4E71-4794-9F3D-39A3DE0062DE}_is1) (Version: 2.1.2.0 - Snailsuite)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SpywareBlaster 5.6 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.6.0 - BrightFort LLC)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TrayStatus 4.2 (HKLM-x32\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 4.2.0.0 - Binary Fortress Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - ASUSTek COMPUTER INC. (AsusPTPDrv) HIDClass  (08/02/2017 11.0.0.18) (HKLM\...\E90A37D273EA609437C18750E3A7AB5C391A4E33) (Version: 08/02/2017 11.0.0.18 - ASUSTek COMPUTER INC.)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-932849357-2366556874-2288096604-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\John \AppData\Local\Microsoft\OneDrive\20.064.0329.0008\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {024FC62B-810E-4059-9AF8-5A7E4AC9B23A} - System32\Tasks\S-1-5-21-932849357-2366556874-2288096604-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2019-03-19] (Microsoft Corporation)
Task: {077E5437-53AB-4AA9-B7D9-D681E02C7715} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2020-05-22] (Piriform Software Ltd)
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\WINDOWS\system32\mitigationscanner.exe [2019-03-19] (Microsoft Corporation)
Task: {0AB0518B-1597-43E9-9E32-2A16F4718E95} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {0B013970-C1A8-4004-A927-AF04E38E6A0E} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2020-02-14] (Microsoft Corporation)
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {19096475-8815-4B4E-8CE9-35C68EECE6B5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2019-03-19] (Microsoft Corporation)
Task: {191384C9-85A1-4EB2-81D4-48F5A0C6ACB7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2020-01-17] (Microsoft Corporation)
Task: {1E0BB5CF-77FB-4A9B-92A9-1B96DF67F8DA} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-10-12] (ASUS)
Task: {2250D074-1C0A-4F4F-A245-316B14F39997} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Task: {246B948C-CC48-416A-836E-26E669FA14AA} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe
Task: {25790EB6-322F-4588-9B1F-768D2CDF849F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-02-25] (Adobe Systems)
Task: {386346A0-6290-45EB-87E4-A5E08F8D6950} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2020-02-17] (Easeware)
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2019-03-19] (Microsoft Corporation)
Task: {40378C7B-CE71-41E6-9B6F-EDE9D47789DE} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {45A14D5D-F785-48A7-9699-EF7D087F0CED} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2020-06-09] (Microsoft Corporation)
Task: {47B89A79-53D2-485E-AD87-148165B28519} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {4848606D-03B4-4696-845E-0C8704DB7A47} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2019-12-20] (Microsoft Corporation)
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {4A61BCE1-02FC-4F8D-AD7D-06CC80F2C130} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {4B995B36-628F-4240-B291-AC23750EE207} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2020-05-29] (Microsoft Corporation)
Task: {4DDF305C-E963-45BE-A8F0-DB2A76C9E03C} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {4ED5A3CB-D09D-4D6A-A165-CBBE6DB4020A} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {500F327A-83BB-4977-9535-EBB93D06AAF1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2020-05-29] (Microsoft Corporation)
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {57D4362F-CF9F-4372-9872-D14078CBB763} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-05] (Google Inc.)
Task: {5B9ED762-FF93-4860-86F9-5FC5DCEB20FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-05] (Google Inc.)
Task: {60FD6E02-E0DD-41D4-A23B-B014ED39249C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [2020-06-09] (Microsoft Corporation)
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2019-12-20] (Microsoft Corporation)
Task: {6B1E2347-EA59-43A2-AFCD-D3A40BF0F86C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {6FFA775B-E7BB-4DE0-A8F8-EA6FA07E6B25} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {74347069-2AE5-4DF4-A80F-EB3A4A085C68} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2017-07-28] (ASUSTek Computer Inc.)
Task: {7768DBBA-6943-4F64-B312-80A876B35C28} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [2020-06-09] (Microsoft Corporation)
Task: {7C76025D-54A1-40A6-A4EA-FA6960F14418} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [2020-06-04] (Microsoft Corporation)
Task: {7C8034B4-286F-4E86-AD41-4140C28A9604} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {83FC2E5D-D59A-472B-97C9-D8B7FF080A96} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [2018-04-17] (HP Inc.)
Task: {84705464-887E-4FE3-9E8B-C77BA0B716F7} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2019-03-19] (Microsoft Corporation)
Task: {84CD1775-BC0F-49DF-8332-0CB5D0FAF0B3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {90C28B5C-2A50-48E1-9579-EEE75F1B1F2E} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {9688ADF3-FC44-42AF-93FC-A8751A6499BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [2020-06-04] (Microsoft Corporation)
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-03-19] (Microsoft Corporation)
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2020-02-14] ()
Task: {BFC406F1-D199-45E3-A1E6-2A8592EBF342} - System32\Tasks\Opera scheduled Autoupdate 1518334949 => c:\program files\opera\launcher.exe [2020-05-19] (Opera Software)
Task: {BFFBF079-6C55-4A50-A0CB-24E0642E1BBA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Task: {C6B9A196-B428-4719-9B52-4525F8B47FE5} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {C905EDB2-98F5-4C97-A3F2-4089A01AF23E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Task: {C9F7C9E2-2BA7-4DB8-8D35-31D548661870} - System32\Tasks\Opera scheduled assistant Autoupdate 1582736646 => c:\program files\opera\launcher.exe [2020-05-19] (Opera Software)
Task: {CA78A9DC-5CED-446F-BD58-0BFE72E2E79E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-11-09] (ASUSTek COMPUTER INC.)
Task: {CC896B90-5050-48E2-823D-53A133401B8C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [2020-06-04] (Microsoft Corporation)
Task: {D1FAFE96-BEBA-41F3-9FD2-B0C3F7B5AEB2} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-02-24] (Intel(R) Corporation)
Task: {D55AF740-4D53-49A8-888F-D11539B93AA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [2020-06-04] (Microsoft Corporation)
Task: {D8A50F3C-4BF2-46E9-B708-B51207C90FF2} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {D8D78F67-9993-4930-9E21-3503F38D797F} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-07-03] (ASUSTek Computer Inc)
Task: {DA82DE73-5EB7-4E89-9645-BD0C49AA1A35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2020-05-22] (Piriform Software Ltd)
Task: {DD8744D8-B53B-4607-B598-7FCC9577F14C} - System32\Tasks\SnailDriver2_Lite_SkipUAC => C:\Program Files (x86)\SnailSuite\SnailDriver 2 Lite\SnailDriver.exe [2018-07-26] (Snail)
Task: {DF52C9B8-3EBB-4246-B3EE-59E9F89B9909} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-11-14] (ASUSTek Computer Inc.)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {E1454B37-0E32-4701-A411-1FA7A42B7314} - System32\Tasks\SnailDriver2_Lite_Launch => C:\Program Files (x86)\SnailSuite\SnailDriver 2 Lite\SnailLaunch.exe [2018-07-26] (SnailDrivers)
Task: {E4AEB720-7F18-419F-A20E-6E0B5C4ED968} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {E8DABD8E-92E4-49F9-A1FE-F5D594B6BEB3} - System32\Tasks\McAfeeLogon => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
Task: {EAD42DC4-E72D-452F-9EFD-C7A66BD8CE4A} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-12-11] (McAfee, Inc.)
Task: {EB597180-18C3-4AA4-80A3-451A7FE7C7EF} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {EEA98C76-FFAB-41CE-909A-AAEEACAAAC8E} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [2016-07-05] (Conexant Systems, Inc.)
Task: {FEA8382C-9CC0-4DC6-88B3-8109CE5C4A4E} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [2017-06-07] (Conexant Systems, Inc.)
Task: {FFBE4C66-9487-4AD1-A8B6-F65611CC4CEA} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2017-07-28] (ASUSTek Computer Inc.)

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\WebReg HP PSC 1310 series.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

ShortcutWithArgument: C:\Users\John \AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\sjonniewalker - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\John \AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7634a48803fa655b\ASUS GIFTBOX.lnk -> C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (ASUSTek Computer Inc) -> --user-data-dir="C:\Users\John \AppData\Local\ASUS GIFTBOX\User Data" --profile-directory=Default --app-id=gicdkbgeaegfghgkdgaejkfeppmlobel

==================== Geladen Modules (gefilterd) ==============

2019-03-19 06:43 - 2019-03-19 06:43 - 00054960 _____ () C:\WINDOWS\System32\UMPDC.dll
2020-03-27 10:18 - 2019-10-30 05:16 - 00145488 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igdinfo64.dll
2019-03-19 06:43 - 2019-03-19 06:43 - 00453632 _____ () c:\windows\system32\SSDM.dll
2020-02-14 17:28 - 2020-02-14 17:28 - 00602688 _____ () C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACEBOOTSTRAPADAPTER.DLL
2019-11-24 07:21 - 2020-04-17 12:08 - 03636944 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtANGLE.dll
2020-02-14 17:27 - 2020-02-14 17:27 - 01841152 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-03-19 06:59 - 2019-03-19 14:35 - 00094720 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2019-03-19 06:43 - 2019-03-19 06:43 - 00494592 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-12-20 23:14 - 2019-12-20 23:14 - 02880000 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2020-04-15 11:02 - 2020-04-15 11:02 - 00943928 _____ () C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2020-04-15 11:03 - 2020-04-15 11:03 - 01798144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2020-02-08 18:25 - 2020-02-08 18:26 - 00182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2020-02-08 18:25 - 2020-02-08 18:26 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-11-28 02:45 - 2017-01-04 03:55 - 01044480 _____ () C:\Program Files (x86)\TrayStatus\x64\e_sqlite3.dll
2020-05-22 13:22 - 2020-05-22 13:22 - 00121680 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll
2020-06-07 17:09 - 2020-06-07 17:09 - 19770880 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20051.93.0_x64__8wekyb3d8bbwe\YourPhone.Views.dll
2020-06-07 17:09 - 2020-06-07 17:09 - 09341440 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20051.93.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll
2020-04-12 12:37 - 2020-04-12 12:38 - 01000448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20051.93.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2020-06-07 17:09 - 2020-06-07 17:09 - 02549248 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20051.93.0_x64__8wekyb3d8bbwe\ScreenMirroring.dll
2020-06-07 17:09 - 2020-06-07 17:09 - 05283840 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20051.93.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2020-06-07 17:09 - 2020-06-07 17:09 - 00872960 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20051.93.0_x64__8wekyb3d8bbwe\YourPhoneControls.dll
2018-10-04 03:34 - 2018-10-04 03:59 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2020-02-08 18:25 - 2020-02-08 18:25 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2020-02-08 18:25 - 2020-02-08 18:25 - 10471936 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2020-02-08 18:25 - 2020-02-08 18:26 - 03742208 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\skypert.dll
2020-02-08 18:25 - 2020-02-08 18:25 - 00676352 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2019-02-15 04:00 - 2019-02-15 04:30 - 02362096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\Processing.NDI.Lib.UWP.x64.dll
2019-12-20 23:14 - 2019-12-20 23:14 - 00037888 _____ () C:\Windows\System32\usocoreps.dll
2020-06-07 17:09 - 2020-06-07 17:10 - 01490720 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2020-03-27 10:18 - 2019-10-30 05:16 - 00128016 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igdinfo32.dll
2017-06-06 01:23 - 2017-06-06 01:23 - 01244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-10-12 23:17 - 2016-10-12 23:17 - 00033280 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-10-12 23:17 - 2016-10-12 23:17 - 00125440 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-08-31 13:57 - 2016-08-31 13:57 - 00899584 _____ () \\?\C:\Windows\Prey\versions\1.7.3\node_modules\sqlite3\lib\binding\node-v46-win32-ia32\node_sqlite3.node

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [143]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\1001movie.com -> 1001movie.com

Er zijn 6091 Meer websites.


==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2017-03-18 23:03 - 2019-01-04 13:24 - 00000827 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-932849357-2366556874-2288096604-1001\Control Panel\Desktop\\Wallpaper -> c:\users\john \appdata\local\microsoft\windows\themes\transcodedwallpaper
DNS Servers: 192.168.2.254 - 213.75.63.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\StartupApproved\Run: => "SnailDriver"
HKU\S-1-5-21-932849357-2366556874-2288096604-1001\...\StartupApproved\Run: => "FBackup 7 Tray Agent"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [{16171FF8-22C8-4DD9-A65B-738F08977377}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{12CD0739-33C5-45D7-883D-940AD1B03605}] => (Allow) C:\Windows\Prey\versions\1.7.3\bin\node.exe
FirewallRules: [{A1A466D6-EA55-4E11-9AD7-5E0D3FDE49BA}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ZenSync_1.0.7.0_x86__qmba6cd70vzyy\AppService\AppService_NotificationHost.exe
FirewallRules: [{C72791C9-6958-44B1-A44E-D4B45A524C9B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{781BA94B-4FAE-4195-9D79-E187A8257563}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8D0023EB-E9DD-4BFA-8A28-9DB9A268142C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{AC0789D2-23B5-44AF-AB3A-AD95EF3F3A96}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{32791B00-5739-449F-A054-D54EDEBA333D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{C4675230-B54D-4FC7-AFFB-2C97EF61F267}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{EC537C06-26F7-4D3F-93C9-18FAAF9A2018}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{33D46F4E-4877-4004-A274-AFC4CED09A47}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FD65A8EE-EEA3-45C1-B47D-1F3285A36E97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{415C0F70-A297-4F98-B3F7-418BA65873FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{138A4DC5-B31D-494D-88CF-B0201397E741}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{F4598E06-42AE-4806-8E7F-4E5BB4BDE6BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{57AA83CF-4D0D-4B0E-8CDA-10BA2B8901C1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{FC5C36DA-C657-41FD-AE6C-90D5B0D7ED11}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{1890B76F-E3BF-40DB-9373-FBB7C9D8A4F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{DEE29324-8E51-4C03-AF28-4CD8F3CBF405}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{AEBF8DAB-DF36-4C50-95A5-0D4F1318C3F1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{CD97CCDB-3AE1-4628-AD91-F1D98101599B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{C8412228-20E0-4CF7-A8F9-3858BE2C29EA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{32599C18-C7F5-4D83-8915-0A8B02B6B1F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E084A8AD-10B1-4FB7-A5B3-4F90C4EA90A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5A1075B0-372A-4A76-889D-BB39D4CB1644}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{E27734DC-D576-4711-A6EA-FDCEA41F0AC8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8AE3B19F-5BC2-4993-B3B8-EE4F750AB5EF}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe
FirewallRules: [{5FD82811-1271-4FAA-93CC-4806F55FE5E6}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe
FirewallRules: [{1689BEBF-DC40-4E0A-A666-4131C2095519}] => (Allow) LPort=5357
FirewallRules: [{C4884771-1A4A-48D4-8A8B-0D4F7A8CC3AA}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{500C0F86-F374-4969-BADE-942581CB9D94}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [{D714AC6F-F73D-4B50-9026-AAB7B62FDCFF}] => (Allow) c:\program files\opera\68.0.3618.104\opera.exe
FirewallRules: [{B0EC0DE1-3071-4AA2-B082-90E1FD0A0BAD}] => (Allow) c:\program files\opera\68.0.3618.125\opera.exe
FirewallRules: [{1DE5A4DC-4CC1-4CA9-ADDE-CF8ACA1641B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Herstelpunten =========================

13-05-2020 11:21:03 Windows Update
22-05-2020 13:29:46 Windows Update
04-06-2020 21:38:37 Gepland controlepunt
11-06-2020 20:17:23 Windows Update

==================== Defecte Apparaatbeheer Apparaten =============

Name: USB2.0 VGA UVC WebCam
Description: USB-videoapparaat
Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (06/12/2020 03:27:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6212,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 02:36:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8388,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 01:18:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8184,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 01:11:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13332,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 11:47:46 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12072,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 10:56:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9472,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 10:49:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6860,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 10:37:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9052,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 10:10:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1956,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/12/2020 09:47:59 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10552,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Systeemfouten:
=============
Error: (06/12/2020 10:24:34 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-HJ2FD4E)
Description: Kan geen DCOM-server starten: {0358B920-0AC7-461F-98F4-58E32CD89148}. Foutmelding
"2147942767"
 is opgetreden bij het uitvoeren van de opdracht
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (06/11/2020 09:41:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE.

Error: (06/11/2020 09:41:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE.

Error: (06/11/2020 09:40:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE.

Error: (06/11/2020 08:50:57 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-HJ2FD4E)
Description: Kan geen DCOM-server starten: {0358B920-0AC7-461F-98F4-58E32CD89148}. Foutmelding
"2147942767"
 is opgetreden bij het uitvoeren van de opdracht
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (06/11/2020 08:29:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE.

Error: (06/11/2020 08:13:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE.

Error: (06/11/2020 07:39:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE.

Error: (06/11/2020 06:59:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE.

Error: (06/11/2020 06:58:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE.


CodeIntegrity:
===================================
  Date: 2020-03-25 09:14:52.720
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-03-25 09:14:52.699
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-03-25 09:14:52.439
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-03-25 09:14:52.425
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-03-25 09:14:52.408
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-03-25 09:14:52.378
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-03-25 09:14:51.404
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-03-25 09:14:51.366
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-02-12 15:03:55.016
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2020-02-12 15:03:55.010
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage geheugen in gebruik: 60%
Totaal fysiek RAM-geheugen: 8078.79 MB
Beschikbaar fysiek RAM-geheugen: 3228.77 MB
Totaal Virtueel geheugen: 9102.79 MB
Beschikbaar Virtual geheugen: 3962.88 MB

==================== Schijven ================================

Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:182.74 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:768.85 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 22030716)

Partition: GPT.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 394EDACF)

Partition: GPT.

==================== Eind van Addition.txt ============================

Offline abbs

  • Doorstarter
  • **
  • Berichten: 95
  • Geslacht: Man
Re: Hidden Remote Desktop Protocol
« Reactie #4 Gepost op: 13 juni 2020, 14:37:38 »
Hallo,

Een echte virus is nog niet echt zichtbaar, via FRST laat ik lege bestanden verwijderen.
Daarna nog een controle met Eset.

Stap 1.
De tool FRST.exe staat in de dik gedrukte map: D:\Downloads <== Sleep de FRST.exe vanuit deze map naar je bureaublad.


Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

Klik Windows knop plus R tegelijk in.
"Uitvoeren" opent vul daar Notepad in en klik daarna op "OK", Kladblok opent.
Kopieer onderstaande code en plak dat in "Kladblok"

start
CreateRestorePoint:
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
BHO: Geen Naam -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Geen bestand
BHO-x32: Geen Naam -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Geen bestand
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Geen bestand
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Geen bestand
Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
CHR Extension: (Avast SafePrice
CHR Extension: (Avast Online Security) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-03]
R2 ibtsiva; %SystemRoot%\System32\ibtsiva [X]
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-11-17] (Zemana Ltd.)
2020-06-12 15:25 - 2018-11-17 07:05 - 00191328 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
ShortcutWithArgument: C:\Users\John \AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\sjonniewalker - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\John \AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7634a48803fa655b\ASUS GIFTBOX.lnk -> C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (ASUSTek Computer Inc) -> --user-data-dir="C:\Users\John \AppData\Local\ASUS GIFTBOX\User Data" --profile-directory=Default --app-id=gicdkbgeaegfghgkdgaejkfeppmlobel
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [143]
EmptyTemp:
Reboot:
end

Ga naar Bestand - Opslaan als.
Kies als locatie bureaublad.
Bij "Bestandsnaam" zet je:fixlist.txt
Bij "Opslaan als type" selecteer je: Alle bestanden.

Als het goed is staat er nu een text bestand op je bureaublad?

Start de Farbar Recovery Scan Tool.
Als het programma is geopend klik Yes (Ja) bij de disclaimer. (indien nodig)
Druk op de Fix knop.
Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
Kopieer en plak de inhoud van de logbestanden in je het volgende bericht.(als de inhoud te groot is voor ťťn bericht plaats het in meerdere berichten)



Stap 2.
Lees de handleiding eerst door (vooral hoe je een logje krijgt) en voer het dan uiot.
Neem ook de tijd want het kan uren duren voor Eset klaar is.

Download ESET Online Scanner en sla deze op het bureaublad op.

  • Klik met de rechtermuisknop op eset online scanner_enu.exe en kies voor de optie Als administrator uitvoeren.[/*]
  • Wanneer het hulpprogramma wordt geopend, klikt je op Aan de slag.[/*]
  • Lees en accepteer de licentieovereenkomst.[/*]
  • Klik in het venster 'Welkom bij ESET Online Scanner op Aan de slag.[/*]
  • Selecteer of u anonieme gegevens naar ESET wilt verzenden.[/*]
  • Opmerking: als u het scherm "Welkom terug bij ESET Online Scanner " ziet, klikt je op Computerscan > Volledige scan.[/*]
  • Klik op de optie Volledige scan.[/*]
  • Selecteer ESET potentieel ongewenste toepassingen laten detecteren en deze in quarantaine laten plaatsen en klik vervolgens op Scan starten.[/*]
  • ESET begint nu met het scannen van uw computer. Dit kan wat tijd kosten.[/*]
  • Wanneer de scan is voltooid en bedreigingen zijn gedetecteerd, selecteert je Scanlog opslaan. Bewaar het op je bureaublad als eset.txt. Klik op Doorgaan.[/*]
  • ESET Online Scanner kan vragen of je de functie Periodieke scan wilt inschakelen. Klik op Doorgaan.[/*]
  • Op het volgende scherm kunt je feedback over het programma achterlaten als je dat wilt. Vink het vakje aan voor het verwijderen van applicatiegegevens bij het sluiten.
    Als je feedback hebt achtergelaten, klikt je op Verzenden en doorgaan. Zo niet, sluit dan zonder feedback.[/*]
  • Kopieer en plak het (eset.txt) bestand wat je heb gemaakt in het volgende bericht.[/*]

Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #5 Gepost op: 13 juni 2020, 15:35:25 »
Hierbij een kopie van het fixlog.txt bestand. Nadat de Eset scan is voltooid zal ik dat log bestand ook plaatsen.
Mijn dank voor alles wat je tot nutoe hebt gedaan.
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 17-04-2017 01
Gestart door John  (13-06-2020 15:22:08) Run:1
Gestart vanaf C:\Users\John \Desktop
Geladen Profielen: John  (Beschikbare Profielen: John )
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
start
CreateRestorePoint:
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
BHO: Geen Naam -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Geen bestand
BHO-x32: Geen Naam -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Geen bestand
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Geen bestand
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Geen bestand
Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-03-19]
Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-03-19]
CHR Extension: (Avast SafePrice
CHR Extension: (Avast Online Security) - C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-03]
R2 ibtsiva; %SystemRoot%\System32\ibtsiva [X]
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-11-17] (Zemana Ltd.)
2020-06-12 15:25 - 2018-11-17 07:05 - 00191328 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
ShortcutWithArgument: C:\Users\John \AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\sjonniewalker - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\John \AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7634a48803fa655b\ASUS GIFTBOX.lnk -> C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (ASUSTek Computer Inc) -> --user-data-dir="C:\Users\John \AppData\Local\ASUS GIFTBOX\User Data" --profile-directory=Default --app-id=gicdkbgeaegfghgkdgaejkfeppmlobel
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [143]
EmptyTemp:
Reboot:
end
*****************

Herstelpunt is succesvol gemaakt.
C:\WINDOWS\system32\GroupPolicy\Machine => is succesvol verplaatst.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => is succesvol verplaatst.
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst.
HKLM\SOFTWARE\Policies\Google => sleutel is succesvol verwijderd.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => sleutel is succesvol verwijderd.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => sleutel niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => sleutel is succesvol verwijderd.
HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => sleutel niet gevonden.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => sleutel niet gevonden.
HKCR\PROTOCOLS\Handler\sacore => sleutel niet gevonden.
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => sleutel niet gevonden.
HKCR\PROTOCOLS\Filter\application/x-mfe-ipt => sleutel niet gevonden.
HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => sleutel niet gevonden.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => sleutel is succesvol verwijderd.
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions => is succesvol verplaatst.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => sleutel is succesvol verwijderd.
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets => is succesvol verplaatst.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => sleutel is succesvol verwijderd.
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions => niet gevonden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => sleutel is succesvol verwijderd.
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions => niet gevonden
CHR Extension: (Avast SafePrice => niet gevonden
C:\Users\John \AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki => niet gevonden
ibtsiva => Kon service niet stoppen.
HKLM\System\CurrentControlSet\Services\ibtsiva => sleutel is succesvol verwijderd.
ibtsiva => dienst is succesvol verwijderd.
ZAM_Guard => Kon service niet stoppen.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => sleutel is succesvol verwijderd.
ZAM_Guard => dienst is succesvol verwijderd.
C:\WINDOWS\ZAM_Guard.krnl.trace => is succesvol verplaatst.
C:\Users\John \AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\sjonniewalker - Chrome.lnk => niet gevonden.
C:\Users\John \AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7634a48803fa655b\ASUS GIFTBOX.lnk => niet gevonden.
C:\ProgramData\TEMP => ":5C321E34" ADS is succesvol verwijderd..

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9642100 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 2663849 B
Edge => 2689195 B
Chrome => 1469343 B
Firefox => 22967758 B
Opera => 347638 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 2454 B
NetworkService => 0 B
John  => 40424829 B

RecycleBin => 0 B
EmptyTemp: => 86.8 MB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Eind van Fixlog 15:22:56 ====

Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #6 Gepost op: 13 juni 2020, 17:49:00 »
Idd, die scan duurde ff. Hierbij het eset.txt bestand. Toch wel enigszins verbaasd dat het recovery app en die andere app, van dezelfde makers als Ccleaner, potentieel onveilig worden beschouwd.
13-6-2020 17:38:25
Gescande bestanden: 428953
Gedetecteerde bestanden: 2
Opgeschoonde bestanden: 2
Totale scantijd 01:30:08
Scanstatus: Voltooid


D:\Downloads\rcsetup153.exe   Win32/Bundled.Toolbar.Google.D potentieel onveilige toepassing   opgeschoond door te verwijderen
D:\Downloads\spsetup131.exe   Win32/Bundled.Toolbar.Google.D potentieel onveilige toepassing   opgeschoond door te verwijderen

Offline abbs

  • Doorstarter
  • **
  • Berichten: 95
  • Geslacht: Man
Re: Hidden Remote Desktop Protocol
« Reactie #7 Gepost op: 13 juni 2020, 18:10:42 »
Hallo,

Dat zijn de installatie bestanden, hierin zit vaak een toolbar verborgen zoals het al word aangegeven (niks ernstigs dus).

Doen we nog ťťn test en dan weten we zeker dat het een Hoax mail was.

Download de Emsisoft Emergency Kit naar het bureaublad.
Klik hier voor de complete / uitgebreide handleiding van de Emsisoft Emergency Kit.

  • Dubbelklik op "EmsisoftEmergencyKit.exe".
  • Klik vervolgens op de knop "Install" en de bestanden worden nu automatisch uitgepakt naar de systeemschijf "C:\EEK".
  • Wanneer het uitpakken gereed is opent de map "C:\EEK" dubbelklik op "Start Emergency Kit Scanner".
  • "Emsisoft Emergency Kit" opent, wanneer u de melding "Wilt u nu updaten?" krijgt klikt u op "Ja".
  • Wanneer de update gereed is klikt u op "Malware scan" wanneer u de melding "om PUP's mee scannen" krijgt klikt u op "Ja".
  • Het scannen begint, gebruik bij voorkeur de computer niet voor andere bezigheden tijdens de scan.
  • BELANGRIJK: Wanneer de scan gereed is verwijder niks en plaats ook niks in "Quarantaine".
  • Klik vervolgens op de knop "Rapport bekijken" sla dit bestand op b.v. je bureaublad en sluit EmsisoftEmergencyKit.
  • Plaats nu het gemaakte logje in je volgende antwoord.

(Het logbestand is teven terug te vinden op de systeemschijf (C:\EEK\Run\Reports) met de naam scan_xxxx.txt).[/list]


Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #8 Gepost op: 13 juni 2020, 19:38:44 »
Hierbij het logje van Emsisoft:
Emsisoft Emergency Kit - Versie 2020.5
Laatste Update: N/A
Mijn eigen DESKTOP-HJ2FD4E\John
 DESKTOP-HJ2FD4E
 Windows 10x64

Scaninstellingen:

Scanmodus: Malware Scan
Objecten: Rootkits, Geheugen, Sporen, Bestanden

Detecteer PUPs: AAN
Scan archieven: UIT
Scan email data bestanden: UIT
ADS Scan: AAN
Directe schijftoegang: UIT

Scan gestart:   13-6-2020 19:17:52
C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\free registry cleaner    Gedetecteerd: Application.AdStart (A) [224398]

Gescand:   84589
Gevonden:   1

Scan geŽindigd:   13-6-2020 19:31:39
Scantijd:   0:13:47

Offline abbs

  • Doorstarter
  • **
  • Berichten: 95
  • Geslacht: Man
Re: Hidden Remote Desktop Protocol
« Reactie #9 Gepost op: 14 juni 2020, 09:03:41 »
Hallo,

Het gevonden item mag je gaan verwijderen.
Scan nogmaals met "EmsisoftEmergencyKit" en doe een "Malware scan.
Wanneer de scan gereed is zorg dat alle items staan aangevinkt en klik op de knop "Geselecteerde in quarantaine".

Als dat is gelukt hoef je het logje niet te plaatsen, en vertel of je nog problemen ondervind zo nee mag je de laatste stap doen.

Met het onderstaande tool ruim je de meeste tools op die we hebben gebruikt:

Download   KpRm van Kernel-panik en sla deze op uw bureaublad op.
  • Klik met de rechtermuisknop op KpRm.exe en kies voor de optie Als administrator uitvoeren.
  • Zet een vinkje bij:
- Gereedschap verwijderen
- CreŽer een herstelpunt

  • Klik op de knop "Run"en wacht geduldig tot de tool gereed is.
  • Wanneer de tool gereed is wordt er een logbestand aangemaakt, dit kan je als bijlage posten.
Note: Start je pc hierna opnieuw op, mochten er nog programma's of log bestanden aanwezig zijn mag je die handmatig verwijderen.

Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #10 Gepost op: 14 juni 2020, 12:52:29 »
Goede middag Ben,
Het duurde weer even alvorens die Eset scan was beŽindigd, maar alles bleek ok te zijn. Van de kprm scan vind je bijgaand het scan resultaat.
# Run at 14-6-2020 12:38:49
# KpRm (Kernel-panik) version 2.8
# Website https://kernel-panik.me/tool/kprm/
# Run by John  from D:\Downloads
# Computer Name: DESKTOP-HJ2FD4E
# OS: Windows 10 X64 (18363)
# Number of passes: 1

- Checked options -

    ~ Delete Tools
    ~ Create Restore Point

- Delete Tools -


  ## ESET Online Scanner
     [OK] C:\Users\John \Desktop\ESET Online Scanner.lnk deleted
     [OK] C:\Users\John \Desktop\esetonlinescanner.exe deleted

  ## FRST
     [OK] C:\Users\John \Desktop\Fixlog.txt deleted
     [OK] C:\Users\John \Desktop\FRST64(1).exe deleted

- Other Lines -


  ## Quarantines keeped
    ~ C:\EEK (Emisoft Emergency Kit)
    ~ C:\Users\John \AppData\Local\ESET\ESETOnlineScanner (ESET Online Scanner)
    ~ C:\FRST (FRST)

- Create Restore Point -

     [OK] System Restore Point created

- Display System Restore Point -

   ~ RP named Windows Update created at 06/11/2020 18:17:23
   ~ RP named Restore Point Created by FRST created at 06/13/2020 13:22:11
   ~ RP named KpRm created at 06/14/2020 10:38:52

-- KPRM finished in 19.50s --

Wat ik nog als input kan toevoegen. Mijn internet werkt weer als vanouds met de snelheid die ik gewend was. Dus jouw conclusie dat de email een hoax was, blijkt juist te zijn.
De alarmbelletjes gingen bij mij rinkelen toen ik de vertraging opmerkte, de provider telefonisch raadpleegde en die meldde dat er in mijn postcode gebied geen problemen waren. Achteraf dus een toevallige samenloop van omstandigheden als gevolg van die ontvangen email.
Ik ga later, na de herstart, de diverse mappen nog eens nalopen of er nog wat van allerhande achter is gebleven van de apps enz. die zijn gebruikt.
Mocht ik toch iets hebben na gelaten, wijs me er graag op.
Rest me je bij deze te bedanken voor al hetgeen je hebt gedaan mij te helpen.
Een fijne zondag verder met wat beter weer als hier waar het nog steeds regent.

Offline abbs

  • Doorstarter
  • **
  • Berichten: 95
  • Geslacht: Man
Re: Hidden Remote Desktop Protocol
« Reactie #11 Gepost op: 14 juni 2020, 13:51:09 »
Hallo,

Je heb Eset uitgevoerd maar ik had gevraagd "EmsisoftEmergencyKit" die had nog 1 item gevonden die weg mocht. ;)

Voor de rest schrijf je dat het goed is en dat is  :goed

Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #12 Gepost op: 14 juni 2020, 14:45:38 »
Was ik blijkbaar toch nog niet helemaal goed wakker. Die Emergrncy kit scan ga ik alsnog doen.

Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #13 Gepost op: 14 juni 2020, 15:11:29 »
Scan zojuist beŽindigd. Heeft niks gevonden. Ik zie dat in mijn map downloads de 2 exe bestanden nog staan van de emergency kit en eset. Misschien handig dat ik die laat staan en als aanvulling op de apps die al aanwezig zijn als extra af en to laten scannen of gaat dat conflicteren?
Als online av scanner gebruikte ik tot dusver Trend Micro Housecall. Komt me voor dat Eset nog grondigere te werk gaat of heb ik het mis.

Offline abbs

  • Doorstarter
  • **
  • Berichten: 95
  • Geslacht: Man
Re: Hidden Remote Desktop Protocol
« Reactie #14 Gepost op: 14 juni 2020, 16:13:01 »
Hallo,

Beide scanners zijn  portabele, dat wil zeggen ze worden niet geÔnstalleerd waardoor ze weinig ruimte innemen.

Deze mappen zou je ook wel vinden, die blijven staan als er toch wat verwijderd werd wat niet hoefden. (die kan je na twee weken verwijderen als er niks fout is gegaan).
## Quarantines keeped
    ~ C:\EEK (Emisoft Emergency Kit)
    ~ C:\Users\John \AppData\Local\ESET\ESETOnlineScanner (ESET Online Scanner)
    ~ C:\FRST (FRST)


Toevallig gebruik ik Eset, Trend Micro Housecall is ook goed. Het is net wat je wil  ;)

Offline john

  • Super Member
  • *****
  • Berichten: 552
Re: Hidden Remote Desktop Protocol
« Reactie #15 Gepost op: 14 juni 2020, 16:35:22 »
Hallo Ben, voor zover het al was opgelost ook nog bedankt voor de beantwoording van mijn laatste vragen.
Voor Han, als ik voor mezelf spreek, mag er een slotje op.

Offline abbs

  • Doorstarter
  • **
  • Berichten: 95
  • Geslacht: Man
Re: Hidden Remote Desktop Protocol
« Reactie #16 Gepost op: 14 juni 2020, 16:48:17 »
Hallo Ben, voor zover het al was opgelost ook nog bedankt voor de beantwoording van mijn laatste vragen.
Voor Han, als ik voor mezelf spreek, mag er een slotje op.

Voor mij ook  :)

Offline Han

  • Admin
  • Super Member
  • *****
  • Berichten: 29,724
  • Geslacht: Vrouw
  • PC-vragen worden alleen via 't forum beantwoord!
    • Han's Kattekids
Re: Hidden Remote Desktop Protocol
« Reactie #17 Gepost op: 16 juni 2020, 02:46:04 »
Okido, ..............gaat ie   :slotje
Als de PCN-server down is, dan moeten we 'm opvrolijken!!