Last van een virus, malware, spam of storende pop-ups tijdens het internetten? HijackThis helpt je graag verder.

Welkom op HijackThis, op dit forum kan je terecht voor gratis hulp bij het verwijderen van virussen, malware en andere schadelijke software. Als gast kan je alleen het forum bekijken en meelezen met de verschillende discussies. Klik op de onderstaande link om geheel gratis een gebruikersaccount op ons forum te registreren.

Klik hier om een gratis account te registreren!

Donaties

Ben je tevreden over de manier waarop onze medewerkers je geholpen hebben op HijackThis.nl? Of wil je HijackThis.nl een hart onder de riem steken om dit vrijwilligerswerk verder te kunnen blijven doen? Overweeg dan eens of je een (vrijblijvende) donatie aan ons forum kan doen. Met dank bij voorbaat voor de donatie die je aan HijackThis.nl hebt gedaan!

donaties

ZHP cleaner vind besmetting

Opgeloste topics en/of topics waarop geen respons meer is.
Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

ZHP cleaner vind besmetting

Bericht door Fredjeans » 23 jan 2019 21:08

ZHP heeft besmetting gevonden. Ik had last van steeds uitvallenden Wifi signaal ook de taakbalk licht steeds op

ZHP log
~ ZHPCleaner v2019.1.21.10 by Nicolas Coolman (2019/01/21)
~ Run by fredj (Administrator) (23/01/2019 20:33:41)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Versie OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\fredj\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\fredj\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 17763)

---\ Alternate Data Stream (ADS). (0)
~ Geen schadelijk of onnodig element gevonden. (ADS)

---\ Services (0)
~ Geen schadelijk of onnodig element gevonden. (Service)

---\ Browser internet (0)
~ Geen schadelijk of onnodig element gevonden. (Browser)

---\ Hosts bestand (1)
~ The hosts file is rechtmatig (21)

---\ Scheduled automatic tasks. (0)
~ Geen schadelijk of onnodig element gevonden. (Taak)

---\ Explorer ( Bestand, Map) (5)
GEVONDEN bestand: C:\Users\fredj\AppData\Local\Temp\aria-debug-41012.log =>.SUP.Temporary.OneDrive
GEVONDEN bestand: C:\Users\fredj\AppData\Local\Temp\wctF3EB.tmp =>.SUP.Temporary.Office
GEVONDEN bestand: C:\Users\fredj\AppData\Local\Temp\wctF890.tmp =>.SUP.Temporary.Office
GEVONDEN bestand: C:\Users\fredj\AppData\Local\Temp\{1998F067-3646-422B-8B00-8629466A75C8} - OProcSessId.dat =>.SUP.Temporary.Empty
GEVONDEN bestand: C:\Users\fredj\AppData\Local\Temp\{52821F88-41F5-4FEE-9EB0-D03E37E8A6F9} - OProcSessId.dat =>.SUP.Temporary.Empty

---\ Register ( Sleutel, Waarde, Data) (0)
~ Geen schadelijk of onnodig element gevonden. (Register)

---\ Samenvatting van elementen gevonden op uw werkstation (3)
https://nicolascoolman.eu/2017/01/20/lo ... superflus/ =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/lo ... superflus/ =>.SUP.Temporary.Office
https://nicolascoolman.eu/2017/01/20/lo ... superflus/ =>.SUP.Temporary.Empty
---\Resultaat van reparaties
~ Gerepareerd
~ Browser niet gevonden (Google Chrome)
~ Browser niet gevonden (Opera Software)
---\Statistics
~ Items gescand : 101135
~ Items gevonden : 5
~ Items gecancelled : 0
~ Items opties : 12/12
~ Ruimtebesparend (bytes) : 12559
~ End of search in 00h06mn51s

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 23 jan 2019 21:10

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20.01.2019
Gestart door fredj (Beheerder) op LAPTOP-HCCIQO7Q (23-01-2019 20:45:00)
Gestart vanaf C:\Users\fredj\Desktop
Geladen Profielen: fredj (Beschikbare Profielen: fredj)
Platform: Windows 10 Home Versie 1809 17763.253 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: Edge
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
() C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor)
HKU\S-1-5-21-1395059822-1781606211-3057377939-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0896a5ff-48dc-46dc-a458-f99a82cdc47c}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4a8f955d-4d95-490b-b83a-290eb8186383}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{eb47c924-bcb8-49b6-aab3-27f153431fd6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKU\S-1-5-21-1395059822-1781606211-3057377939-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-01-08] (Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-03] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-12-01] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-03] (AO Kaspersky Lab)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: qdpjtf2g.default
FF ProfilePath: C:\Users\fredj\AppData\Roaming\Mozilla\Firefox\Profiles\qdpjtf2g.default [2019-01-23]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\fredj\AppData\Roaming\Mozilla\Firefox\Profiles\qdpjtf2g.default\Extensions\langpack-nl@firefox.mozilla.org.xpi [2018-05-20] [Verouderd]
FF Extension: (Mozilla Partner Defaults) - C:\Users\fredj\AppData\Roaming\Mozilla\Firefox\Profiles\qdpjtf2g.default\Extensions\partnerdefaults@mozilla.com [2017-12-11] [Verouderd]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-04-13] [Verouderd]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-04-13] [Verouderd]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-12-03]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2018-12-09] <==== AANDACHT (Gericht op * .cfg bestand)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2018-12-09] <==== AANDACHT

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Windows (R) Win 7 DDK provider)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Bestand niet getekend]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806144 2018-11-08] (ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [Bestand niet getekend]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2018-01-11] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [Bestand niet getekend]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-12] (Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2018-12-03] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [301872 2018-01-10] (acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-09-25] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-09-25] (Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN Microelectronic Corp.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [73416 2018-09-28] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [123152 2018-09-28] (AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [89168 2018-09-28] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [219744 2018-12-03] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-09-28] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [190784 2018-11-28] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1113696 2018-12-03] (AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-09-28] (AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [238528 2018-11-01] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [100136 2018-11-09] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [289856 2018-11-01] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110640 2018-11-01] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [193168 2018-11-09] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [176976 2018-12-03] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-08-04] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-09-25] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [352424 2018-09-25] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-09-25] (Microsoft Corporation)

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 23 jan 2019 21:12

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20.01.2019
Gestart door fredj (Beheerder) op LAPTOP-HCCIQO7Q (23-01-2019 20:45:00)
Gestart vanaf C:\Users\fredj\Desktop
Geladen Profielen: fredj (Beschikbare Profielen: fredj)
Platform: Windows 10 Home Versie 1809 17763.253 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: Edge
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
() C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor)
HKU\S-1-5-21-1395059822-1781606211-3057377939-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0896a5ff-48dc-46dc-a458-f99a82cdc47c}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4a8f955d-4d95-490b-b83a-290eb8186383}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{eb47c924-bcb8-49b6-aab3-27f153431fd6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKU\S-1-5-21-1395059822-1781606211-3057377939-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-01-08] (Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-03] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-12-01] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-03] (AO Kaspersky Lab)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-19] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: qdpjtf2g.default
FF ProfilePath: C:\Users\fredj\AppData\Roaming\Mozilla\Firefox\Profiles\qdpjtf2g.default [2019-01-23]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\fredj\AppData\Roaming\Mozilla\Firefox\Profiles\qdpjtf2g.default\Extensions\langpack-nl@firefox.mozilla.org.xpi [2018-05-20] [Verouderd]
FF Extension: (Mozilla Partner Defaults) - C:\Users\fredj\AppData\Roaming\Mozilla\Firefox\Profiles\qdpjtf2g.default\Extensions\partnerdefaults@mozilla.com [2017-12-11] [Verouderd]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-04-13] [Verouderd]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-04-13] [Verouderd]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-12-03]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2018-12-09] <==== AANDACHT (Gericht op * .cfg bestand)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2018-12-09] <==== AANDACHT

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Windows (R) Win 7 DDK provider)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Bestand niet getekend]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806144 2018-11-08] (ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [Bestand niet getekend]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2018-01-11] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [Bestand niet getekend]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-12] (Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2018-12-03] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [301872 2018-01-10] (acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-09-25] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-09-25] (Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN Microelectronic Corp.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [73416 2018-09-28] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [123152 2018-09-28] (AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [89168 2018-09-28] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [219744 2018-12-03] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-09-28] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [190784 2018-11-28] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1113696 2018-12-03] (AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-09-28] (AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [238528 2018-11-01] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [100136 2018-11-09] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [289856 2018-11-01] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110640 2018-11-01] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [193168 2018-11-09] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [176976 2018-12-03] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-08-04] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-09-25] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [352424 2018-09-25] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-09-25] (Microsoft Corporation)

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 23 jan 2019 21:13

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een maand (aangemaakt) ========

(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)

2019-01-23 20:45 - 2019-01-23 20:45 - 000019454 _____ C:\Users\fredj\Desktop\FRST.txt
2019-01-23 20:44 - 2019-01-23 20:45 - 000000000 ____D C:\FRST
2019-01-23 20:44 - 2019-01-23 20:44 - 002428416 _____ (Farbar) C:\Users\fredj\Desktop\FRST64.exe
2019-01-23 20:22 - 2019-01-23 20:22 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5555E6CE.sys
2019-01-23 20:21 - 2019-01-23 20:33 - 000000000 ____D C:\Users\fredj\Desktop\mbar
2019-01-23 20:21 - 2019-01-23 20:33 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-01-23 20:21 - 2019-01-23 20:21 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2019-01-23 20:16 - 2019-01-23 20:17 - 000030447 _____ C:\Users\fredj\Desktop\MTB.txt
2019-01-23 20:11 - 2019-01-23 20:12 - 014178840 _____ (Malwarebytes Corp.) C:\Users\fredj\Desktop\mbar-1.10.3.1001.exe
2019-01-23 20:10 - 2019-01-23 20:10 - 000892416 _____ (Farbar) C:\Users\fredj\Desktop\MiniToolBox.exe
2019-01-23 18:06 - 2019-01-23 18:06 - 000001789 _____ C:\Users\fredj\Desktop\^spx_d.csv
2019-01-22 20:30 - 2019-01-22 20:31 - 000002933 _____ C:\Users\fredj\Desktop\FSS.txt
2019-01-22 20:28 - 2019-01-23 20:40 - 000002561 _____ C:\Users\fredj\Desktop\ZHPCleaner.txt
2019-01-22 20:17 - 2019-01-23 20:33 - 000000879 _____ C:\Users\fredj\Desktop\ZHPCleaner.lnk
2019-01-22 20:16 - 2019-01-22 20:16 - 003303808 _____ C:\Users\fredj\Desktop\ZHPCleaner.exe
2019-01-22 20:10 - 2019-01-22 20:10 - 000899584 _____ (Farbar) C:\Users\fredj\Desktop\FSS.exe
2019-01-19 18:55 - 2019-01-19 18:55 - 000349247 _____ C:\Users\fredj\Desktop\Coolblue_Factuur_66019603.pdf
2019-01-19 18:43 - 2019-01-19 18:43 - 000079221 _____ C:\Users\fredj\Desktop\indesit_cashback_nl.pdf
2019-01-17 21:19 - 2019-01-17 21:19 - 002047316 _____ C:\Users\fredj\Desktop\PLG-UU-boekje-croquis-DEF-web.pdf
2019-01-17 18:41 - 2019-01-17 18:41 - 000000000 ____D C:\Users\fredj\AppData\Local\ElevatedDiagnostics
2019-01-15 19:15 - 2019-01-15 19:15 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-01-15 19:14 - 2019-01-23 18:13 - 001773644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-15 19:14 - 2019-01-15 19:14 - 000000020 ___SH C:\Users\fredj\ntuser.ini
2019-01-15 19:13 - 2019-01-23 18:07 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
2019-01-15 19:13 - 2019-01-23 18:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-15 19:13 - 2019-01-17 18:50 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-15 19:13 - 2019-01-15 19:13 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2019-01-15 19:13 - 2019-01-15 19:13 - 000003852 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2019-01-15 19:13 - 2019-01-15 19:13 - 000003692 _____ C:\WINDOWS\System32\Tasks\AcerCMUpdateTask2.1.16258
2019-01-15 19:13 - 2019-01-15 19:13 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-01-15 19:13 - 2019-01-15 19:13 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1395059822-1781606211-3057377939-1001
2019-01-15 19:13 - 2019-01-15 19:13 - 000002820 _____ C:\WINDOWS\System32\Tasks\ACC
2019-01-15 19:13 - 2019-01-15 19:13 - 000002762 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2019-01-15 19:13 - 2019-01-15 19:13 - 000002706 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2019-01-15 19:13 - 2019-01-15 19:13 - 000002630 _____ C:\WINDOWS\System32\Tasks\Acer Collection Monitor Application
2019-01-15 19:13 - 2019-01-15 19:13 - 000002596 _____ C:\WINDOWS\System32\Tasks\Acer Collection Application
2019-01-15 19:13 - 2019-01-15 19:13 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-01-15 19:13 - 2019-01-15 19:13 - 000002328 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2019-01-15 19:13 - 2019-01-15 19:13 - 000002256 _____ C:\WINDOWS\System32\Tasks\Power Button
2019-01-15 19:13 - 2019-01-15 19:13 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-15 19:13 - 2019-01-15 19:13 - 000002180 _____ C:\WINDOWS\System32\Tasks\Quick Access
2019-01-15 19:13 - 2019-01-15 19:13 - 000002042 _____ C:\WINDOWS\System32\Tasks\FubToolByPLD
2019-01-15 19:13 - 2019-01-15 19:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-01-15 19:13 - 2019-01-15 19:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Oem
2019-01-15 19:13 - 2019-01-15 19:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2019-01-15 19:11 - 2019-01-15 19:13 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-01-15 19:11 - 2019-01-15 19:13 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-01-15 19:06 - 2019-01-15 19:06 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-01-15 19:05 - 2019-01-15 19:14 - 000000000 ____D C:\Users\fredj
2019-01-15 19:05 - 2019-01-15 19:05 - 000000000 _SHDL C:\Users\fredj\Sjablonen
2019-01-15 19:05 - 2019-01-15 19:05 - 000000000 _SHDL C:\Users\fredj\Netwerkprinteromgeving
2019-01-15 19:05 - 2019-01-15 19:05 - 000000000 _SHDL C:\Users\fredj\Mijn documenten
2019-01-15 19:05 - 2019-01-15 19:05 - 000000000 _SHDL C:\Users\fredj\Menu Start
2019-01-15 19:05 - 2019-01-15 19:05 - 000000000 _SHDL C:\Users\fredj\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2019-01-15 19:05 - 2019-01-15 19:05 - 000000000 _SHDL C:\Users\fredj\AppData\Local\Geschiedenis
2019-01-15 19:05 - 2019-01-15 19:05 - 000000000 ____D C:\ProgramData\USOShared
2019-01-15 19:05 - 2018-09-15 08:29 - 000001105 _____ C:\Users\fredj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-15 19:04 - 2019-01-15 19:04 - 000000000 ____D C:\WINDOWS\system32\IntelSSTAPO
2019-01-15 19:04 - 2017-02-07 21:47 - 000122384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-01-15 19:04 - 2017-02-07 21:47 - 000113176 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-01-15 19:03 - 2019-01-23 18:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-15 19:03 - 2019-01-15 19:07 - 000437400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-15 19:03 - 2018-09-15 08:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-01-15 19:02 - 2019-01-15 19:14 - 000000000 ____D C:\Windows.old
2019-01-15 17:19 - 2019-01-15 19:02 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-01-15 17:14 - 2019-01-15 17:19 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-01-15 17:06 - 2019-01-15 17:06 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 007724776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 005113008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-01-15 17:06 - 2019-01-15 17:06 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-01-15 17:06 - 2019-01-15 17:06 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 002883584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-01-15 17:06 - 2019-01-15 17:06 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-01-15 17:06 - 2019-01-15 17:06 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001289400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001282432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001259000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-15 17:06 - 2019-01-15 17:06 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-01-15 17:06 - 2019-01-15 17:06 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-01-15 17:06 - 2019-01-15 17:06 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2019-01-15 17:06 - 2019-01-15 17:06 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2019-01-15 17:06 - 2019-01-15 17:06 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-01-15 17:06 - 2019-01-15 17:06 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 006544800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 005585056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 004886016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 004765184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 003730352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-01-15 17:05 - 2019-01-15 17:05 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002927104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002777432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002702536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001672056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001483264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001466872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-15 17:05 - 2019-01-15 17:05 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 001341376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-15 17:05 - 2019-01-15 17:05 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-01-15 17:05 - 2019-01-15 17:05 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-01-15 17:05 - 2019-01-15 17:05 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001177632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-15 17:05 - 2019-01-15 17:05 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001097312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-01-15 17:05 - 2019-01-15 17:05 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-01-15 17:05 - 2019-01-15 17:05 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2019-01-15 17:05 - 2019-01-15 17:05 - 000091640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2019-01-15 17:05 - 2019-01-15 17:05 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 009677352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 005565440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 004300800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-01-15 17:04 - 2019-01-15 17:04 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-01-15 17:04 - 2019-01-15 17:04 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-01-15 17:04 - 2019-01-15 17:04 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001696216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-15 17:04 - 2019-01-15 17:04 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 001331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001058848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-01-15 17:04 - 2019-01-15 17:04 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-01-15 17:04 - 2019-01-15 17:04 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-01-15 17:04 - 2019-01-15 17:04 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-01-15 17:04 - 2019-01-15 17:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-01-15 17:04 - 2019-01-15 17:04 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-15 17:04 - 2019-01-15 17:04 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000047112 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-15 17:04 - 2019-01-15 17:04 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2019-01-15 17:04 - 2019-01-15 17:04 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-01-15 17:03 - 2019-01-15 17:03 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 002149352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-15 17:03 - 2019-01-15 17:03 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-15 17:03 - 2019-01-15 17:03 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-15 17:03 - 2019-01-15 17:03 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000650040 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-01-15 17:03 - 2019-01-15 17:03 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-01-15 17:03 - 2019-01-15 17:03 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000193016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000130088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2019-01-15 17:03 - 2019-01-15 17:03 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2019-01-15 17:03 - 2019-01-15 17:03 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-01-15 17:03 - 2019-01-15 17:03 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-01-15 17:03 - 2019-01-15 17:03 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-01-15 17:03 - 2019-01-15 17:03 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-01-15 17:03 - 2019-01-15 17:03 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-01-15 17:03 - 2019-01-15 17:03 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-01-15 17:03 - 2019-01-15 17:03 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-01-15 17:03 - 2019-01-15 17:03 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-01-15 17:03 - 2019-01-15 17:03 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-01-14 20:13 - 2019-01-14 20:13 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2019-01-14 20:13 - 2019-01-14 20:13 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2019-01-14 20:13 - 2019-01-14 20:13 - 005489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2019-01-14 20:13 - 2019-01-14 20:13 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2019-01-14 20:12 - 2019-01-14 20:12 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-01-14 20:12 - 2019-01-14 20:12 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-01-14 20:12 - 2019-01-14 20:12 - 000000000 ____D C:\Program Files\MSBuild
2019-01-14 20:12 - 2019-01-14 20:12 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-01-14 20:12 - 2019-01-14 20:12 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-01-14 20:11 - 2019-01-14 20:11 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-01-14 20:11 - 2019-01-14 20:11 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-01-14 20:11 - 2019-01-14 20:11 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-01-14 20:11 - 2019-01-14 20:11 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-01-14 20:11 - 2019-01-14 20:11 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-01-14 20:11 - 2019-01-14 20:11 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-01-14 20:08 - 2019-01-14 20:08 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-01-14 20:08 - 2019-01-14 20:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-01-14 20:08 - 2019-01-14 20:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-01-14 20:08 - 2019-01-14 20:08 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-01-14 20:08 - 2019-01-14 20:08 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-01-14 20:08 - 2019-01-14 20:08 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-01-14 19:46 - 2019-01-14 19:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-01-13 18:11 - 2019-01-15 19:14 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-13 16:32 - 2019-01-16 20:56 - 000014210 _____ C:\Users\fredj\Desktop\Iris kosten overzicht.xlsx
2019-01-09 19:11 - 2019-01-09 19:11 - 000359358 _____ C:\Users\fredj\Desktop\joyce.pdf
2019-01-09 19:08 - 2019-01-09 19:09 - 000360349 _____ C:\Users\fredj\Desktop\joyce1.jpeg
2019-01-05 21:32 - 2019-01-05 21:32 - 000455244 _____ C:\Users\fredj\Desktop\Transactieoverzicht.pdf
2019-01-04 18:37 - 2019-01-04 18:37 - 000480111 _____ C:\Users\fredj\Desktop\MatrixMindset_AddedInfo2018.pdf
2019-01-02 17:07 - 2019-01-15 19:04 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-12-29 17:45 - 2018-12-29 17:45 - 009592393 _____ C:\Users\fredj\Desktop\Permacultuur-Wat-is-dat__eboek__Maranke-Spoor.pdf
2018-12-29 12:30 - 2018-12-29 12:30 - 000003583 _____ C:\Users\fredj\Desktop\^spx_w.csv

==================== Een maand (gewijzigd) ========

(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)

2019-01-23 20:40 - 2018-01-28 19:21 - 000000000 ____D C:\Users\fredj\AppData\Roaming\ZHP
2019-01-23 20:22 - 2018-12-08 13:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-23 20:12 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-23 20:11 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-23 20:01 - 2017-12-07 18:05 - 000000000 ___RD C:\Users\fredj\OneDrive
2019-01-23 20:00 - 2018-07-26 15:50 - 000000000 ____D C:\Users\fredj\Desktop\Nieuwe map
2019-01-23 19:45 - 2017-12-07 19:40 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-23 19:36 - 2018-01-07 12:11 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-01-23 19:21 - 2017-12-07 19:49 - 000001233 _____ C:\Users\fredj\Desktop\Gannalyst Professional 5.0.lnk
2019-01-23 18:13 - 2018-09-15 17:42 - 000787226 _____ C:\WINDOWS\system32\perfh013.dat
2019-01-23 18:13 - 2018-09-15 17:42 - 000154208 _____ C:\WINDOWS\system32\perfc013.dat
2019-01-23 18:13 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-23 18:05 - 2017-12-07 18:02 - 000000000 __SHD C:\Users\fredj\IntelGraphicsProfiles
2019-01-22 21:13 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-22 21:11 - 2018-01-07 12:05 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-01-22 20:15 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-22 20:15 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-22 19:24 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-21 20:54 - 2018-12-22 22:27 - 000054262 _____ C:\Users\fredj\Desktop\aandelen2019.xlsx
2019-01-20 12:45 - 2017-12-11 16:25 - 000000000 ____D C:\Program Files\Microsoft Office
2019-01-20 12:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\appcompat
2019-01-16 16:51 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-16 16:51 - 2018-09-15 08:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-15 19:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-01-15 19:31 - 2018-07-10 19:38 - 000000000 ____D C:\ProgramData\Packages
2019-01-15 19:31 - 2017-12-23 15:23 - 000000000 ____D C:\Users\fredj\AppData\Local\Packages
2019-01-15 19:18 - 2018-01-03 20:02 - 000000000 ____D C:\Users\fredj\AppData\Local\PlaceholderTileLogoFolder
2019-01-15 19:14 - 2017-12-07 22:13 - 000000000 ___RD C:\Users\fredj\3D Objects
2019-01-15 19:14 - 2017-12-07 18:16 - 000000000 ____D C:\Users\fredj\AppData\Local\PackageStaging
2019-01-15 19:14 - 2017-12-07 18:02 - 000000000 ____D C:\Users\fredj\AppData\Local\ConnectedDevicesPlatform
2019-01-15 19:14 - 2017-04-13 00:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-15 19:13 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-01-15 19:13 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\windows nt
2019-01-15 19:13 - 2018-09-15 07:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-01-15 19:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Registration
2019-01-15 19:09 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-01-15 19:08 - 2017-12-07 19:16 - 000023076 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-01-15 19:06 - 2018-01-23 19:50 - 000000000 ____D C:\Users\fredj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUNNER24
2019-01-15 19:06 - 2017-12-07 19:55 - 000000000 ____D C:\Users\fredj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VisionLITE
2019-01-15 19:05 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-01-15 19:04 - 2017-12-07 19:10 - 000000000 ____D C:\ProgramData\rtkSSTSetting
2019-01-15 19:04 - 2017-12-07 19:10 - 000000000 ____D C:\Program Files\Elantech
2019-01-15 19:04 - 2017-12-07 19:09 - 002033568 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-01-15 19:04 - 2017-12-07 19:09 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-01-15 19:04 - 2017-12-07 19:09 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-01-15 19:04 - 2017-12-07 19:09 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-01-15 19:02 - 2018-10-16 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-15 19:02 - 2018-10-04 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's
2019-01-15 19:02 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-01-15 19:02 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\spool
2019-01-15 19:02 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-15 19:02 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-01-15 19:02 - 2018-09-15 08:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-01-15 19:02 - 2018-05-30 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-01-15 19:02 - 2018-05-27 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2019-01-15 19:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-01-15 19:02 - 2018-04-11 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-01-15 19:02 - 2018-01-07 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-01-15 19:02 - 2017-12-11 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's
2019-01-15 19:02 - 2017-12-07 21:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-15 19:02 - 2017-12-07 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gannalyst Professional 5.0
2019-01-15 19:02 - 2017-12-07 19:09 - 000000000 ____D C:\Program Files\Intel
2019-01-15 19:02 - 2017-12-07 17:59 - 000000000 ____D C:\WINDOWS\oem
2019-01-15 19:02 - 2017-04-13 01:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
2019-01-15 19:02 - 2017-04-13 01:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2019-01-15 19:02 - 2017-04-13 01:05 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2019-01-15 19:02 - 2017-04-13 00:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-01-15 17:42 - 2018-09-15 08:36 - 000000000 ____D C:\WINDOWS\Setup
2019-01-15 17:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-01-15 17:31 - 2018-09-15 08:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-01-15 17:22 - 2018-04-11 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\spool
2019-01-15 17:21 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-01-15 17:19 - 2018-09-15 17:43 - 000000000 ____D C:\WINDOWS\OCR
2019-01-15 17:19 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Resources
2019-01-15 17:19 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Help
2019-01-15 17:19 - 2017-12-07 19:09 - 000000000 ____D C:\Program Files\Realtek
2019-01-15 17:10 - 2018-09-15 17:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-15 17:10 - 2018-09-15 17:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-15 17:10 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-01-15 17:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-15 17:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-01-15 17:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-01-15 17:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-01-15 17:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-01-15 17:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-14 20:29 - 2018-09-15 17:42 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-01-14 20:29 - 2018-09-15 17:42 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-01-14 20:29 - 2018-09-15 17:42 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-01-14 20:29 - 2018-09-15 17:42 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-01-14 20:29 - 2018-09-15 17:42 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-01-14 20:29 - 2018-09-15 17:42 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-01-14 20:29 - 2018-09-15 17:42 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-01-14 20:29 - 2018-09-15 17:42 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-01-14 20:29 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-01-14 20:29 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-01-14 20:29 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-01-14 20:29 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-01-14 20:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-01-14 20:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-01-14 20:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2019-01-14 20:29 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-01-14 20:29 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2019-01-14 20:12 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-01-14 20:12 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-01-14 20:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-01-14 20:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-01-14 20:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-01-14 20:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-01-14 20:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-01-14 20:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-01-14 20:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-01-14 20:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-01-09 19:08 - 2018-04-11 18:20 - 000000000 ___RD C:\Users\fredj\OneDrive\Documenten\Scanned Documents
2019-01-09 17:29 - 2017-12-07 21:21 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-30 20:32 - 2018-01-31 19:09 - 000078336 _____ C:\Users\fredj\Desktop\gann_-_enthios_calculator.xls
2018-12-30 15:21 - 2018-04-11 18:20 - 000000000 ____D C:\Users\fredj\OneDrive\Documenten\Fax

==================== Bestanden in de root van sommige mappen =======

2018-03-27 12:47 - 2018-04-06 11:43 - 003107200 _____ () C:\Users\fredj\ZHPCleaner.exe
2018-06-29 20:45 - 2018-10-07 18:55 - 003169664 _____ () C:\Users\fredj\ZHPDiag3.exe

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\dllhost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\dllhost.exe => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend

==================== Eind van FRST.txt ============================

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 23 jan 2019 21:22

Sorry voor de lap tekst! Heb ze nu als bijlage toegevoegd
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.

Gebruikersavatar
abbs
Site Admin
Berichten: 6430
Lid geworden op: 18 jan 2011 18:27
Besturingssysteem: windows 10 Pro 64-bit
Bescherming: Emsisoft Anti-Malware

Re: ZHP cleaner vind besmetting

Bericht door abbs » 24 jan 2019 09:23

Hallo,

Wat is gevonden door ZHP zijn tijdelijke bestanden die opgeslagen zijn in een Temp map niks raars.
Ik zie nog lege regels die weg kunnen:

Afbeelding
Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.

Afbeelding
Fixlist.txt
  • Klik met de rechtermuisknop op FRST.exe en kies voor de optie Afbeelding Als administrator uitvoeren.
  • Druk op de Fixen knop.
  • Er zal u een logbestand aangemaakt worden (Fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
  • Voeg dit logbestand als bijlage toe aan het volgende bericht.
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Goed geholpen hier overweeg een donatie: of plaats hier een bedankje.

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 24 jan 2019 18:36

Hierbij het log bestandje
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.

Gebruikersavatar
abbs
Site Admin
Berichten: 6430
Lid geworden op: 18 jan 2011 18:27
Besturingssysteem: windows 10 Pro 64-bit
Bescherming: Emsisoft Anti-Malware

Re: ZHP cleaner vind besmetting

Bericht door abbs » 25 jan 2019 13:32

Hallo,

Kijk of ZHP nog wat vind.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Goed geholpen hier overweeg een donatie: of plaats hier een bedankje.

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 25 jan 2019 17:27

Hallo,

ZHP blijft alleen maar de temp aangeven. Ik heb mijn virusscanner Kaspersky eraf gegooid en windows defender aangezet.
Wifi is wat stabieler maar kan zowel via wifi als ethernet de modem niet aanroepen!
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.

Gebruikersavatar
abbs
Site Admin
Berichten: 6430
Lid geworden op: 18 jan 2011 18:27
Besturingssysteem: windows 10 Pro 64-bit
Bescherming: Emsisoft Anti-Malware

Re: ZHP cleaner vind besmetting

Bericht door abbs » 25 jan 2019 18:32

Fredjeans schreef:
25 jan 2019 17:27
Wifi is wat stabieler maar kan zowel via wifi als ethernet de modem niet aanroepen!
Doe je dat via Edge?

Download Afbeelding TFC en sla deze op je Bureaublad op.
  • Dubbelklik op TFC.exe om het programma te openen.
  • Het programma zal alle andere programma's sluiten, zorg er dus voor dat je al je werk hebt opgeslagen voordat je verder gaat.
  • Klik op de knop Start om het programma te starten. Hoe lang het programma nodig heeft, kan verschillen. Dit kan kan slechts een paar seconden zijn, maar ook 5 minuten. Laat het programma gewoon ongestoord zijn werk doen totdat het klaar is.
  • Als het programma klaar is, dan zal het je computer opnieuw opstarten. Als dit niet gebeurt, start dan je computer handmatig opnieuw op.
Als het goed is moeten nu de Temp mappen leeg zijn.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Goed geholpen hier overweeg een donatie: of plaats hier een bedankje.

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 25 jan 2019 19:44

Ik heb het uitgevoerd. Heb een nieuw log toegevoegd

Ik doe het inderdaad via Edge
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.

Gebruikersavatar
abbs
Site Admin
Berichten: 6430
Lid geworden op: 18 jan 2011 18:27
Besturingssysteem: windows 10 Pro 64-bit
Bescherming: Emsisoft Anti-Malware

Re: ZHP cleaner vind besmetting

Bericht door abbs » 26 jan 2019 10:23

Hallo,

Dat ziet er goed uit, je blijft bestanden vinden in de temp map(pen) omdat die steeds we3er worden aangemaakt dor gebruik van programma's.

Dan over Edge die had een probleem om een router te benaderen: https://www.computeridee.nl/nieuws/rout ... indows-10/
Gebruik eens een andere brouwser.

Verder zie ik geen rare problemen hoe is het nu?
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Goed geholpen hier overweeg een donatie: of plaats hier een bedankje.

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 26 jan 2019 12:27

Hallo,

Ik heb de patch verwijderd en router is weer bereikbaar!
Wifi is stabiel dus het werkt weer zonder problemen.

Dank voor de hulp

Groet Fred

Gebruikersavatar
abbs
Site Admin
Berichten: 6430
Lid geworden op: 18 jan 2011 18:27
Besturingssysteem: windows 10 Pro 64-bit
Bescherming: Emsisoft Anti-Malware

Re: ZHP cleaner vind besmetting

Bericht door abbs » 26 jan 2019 14:39

Hallo,

Dat is mooi, dan kan je de laatste stap doen:

Met het onderstaande tool ruim je de tools op die we hebben gebruikt:

Download Afbeelding Delfix - Alternatieve downloadlink by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.
Zet een vinkje voor het volgende item:
  • Remove disinfection tools
Afbeelding
Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.
Note: Start je pc hierna opnieuw op, mochten er nog programma's of log bestanden aanwezig zijn mag je die handmatig verwijderen.
Maak indien nodig ook een nieuw herstelpunt (als je die aan heb staan) Handleiding.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Goed geholpen hier overweeg een donatie: of plaats hier een bedankje.

Fredjeans
Lid
Berichten: 44
Lid geworden op: 06 nov 2005 18:09
Contacteer:

Re: ZHP cleaner vind besmetting

Bericht door Fredjeans » 26 jan 2019 18:18

Hallo,

Laatste ook uitgevoerd!
Nogmaals enorm bedankt!

Groet Fred

Gesloten