sfc found corrupt files but "was unable to fix Attach are the FRST scan results

M

Masterrood

Member
Joined
Jul 16, 2020
Posts
23
I am a new member and started my first topic yesterday and explained a litlle who my pc problems started.
I have reading the instruction to fix a infected computer and download FRST.exe and attacht scan results below.
 

Attachments

Hello,

The computer in my home are infected with very smart undetectable malware running legit Windows app and programming and have taken control over all devices that are connected to my home network. I can help myself with problem that occur on a clean Windows computer. But if it comes to network setups and all what can go wrong with it am a layman.(probably not the correct word usage, English was not my best subject at school)
I have run a lot of anti malware program, but all the scan end up saying my system is clean.
My problem is that I can not really a point my finger to wat is going on. All devices in my have have been infected, Windows is completely corrupt. I is running in developer mode as a stand allone work station protected by TrustedInstaller!
I don't now anything about programming and sure I do not want by a develper !!!
Android Phone are running a custom kernel and IPhone are running a Darwin kernel! All the devices were bought new by my family and we did not fash any costum kernel.
I sure the modem/router is one of the main problem at the moment. It is port forwarding to a remote host 0.0.0.0 and my firewall use one of the phone (most of the time my wifes Iphone 6s) on the network as a DMZ host.

Here are the results from recent scan i runt. The sfc / scannow only find corrupted files when running in safe mode. The CBS result is to large to post here, in is attacht aldoys is the CBS result:

I runt the SFCfix.exe tool but it crasht: something went terribly wrong. Here are the result:

SFCFix version 3.0.2.1 by niemiro.
Start time: 2020-07-17 06:46:37.604
Microsoft Windows 10 Build 18363 - amd64
Not using a script file.


SFCFix version 3.0.2.1 by niemiro has encountered an unhandled exception.
Currently storing 0 datablocks.
Finish time: 2020-07-17 06:46:42.682
----------------------EOF-----------------------



Frst scan results: This is the scan from my desktop HP 8200 I5-2400


InternetURL: C:\Users\Ingeltje\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
==================== Einde van Shortcut.txt =============================
extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 08-07-2020 01
Gestart door Ingeltje (17-07-2020 23:16:27)
Gestart vanaf C:\Users\Ingeltje\Desktop\First
Windows 10 Pro Versie 1909 18363.900 (X64) (2020-04-22 09:51:31)
Boot Modus: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-3835658026-2499684190-248120123-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3835658026-2499684190-248120123-503 - Limited - Disabled)
Gast (S-1-5-21-3835658026-2499684190-248120123-501 - Limited - Disabled)
Ingeltje (S-1-5-21-3835658026-2499684190-248120123-1001 - Administrator - Enabled) => C:\Users\Ingeltje
WDAGUtilityAccount (S-1-5-21-3835658026-2499684190-248120123-504 - Limited - Disabled)
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Geïnstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)
HP Support Assistant (HKLM-x32\...\{3A9A2791-8BBE-4DBE-A97D-F249A2C50B83}) (Version: 8.8.26.13 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{1A9CB727-5F87-44FC-BEF6-FCE75D72F61C}) (Version: 12.16.22.11 - HP Inc.)
Packages:
=========
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.5.0_x64__v10z8vjag6ke6 [2020-07-14] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-03] (Microsoft Corporation) [MS Ad]
==================== Aangepaste CLSID (gefilterd): ==============
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
CustomCLSID: HKU\S-1-5-21-3835658026-2499684190-248120123-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Ingeltje\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3835658026-2499684190-248120123-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Ingeltje\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3835658026-2499684190-248120123-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Ingeltje\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Codecs (gefilterd) ====================
==================== Snelkoppelingen & WMI ========================
==================== Geladen Modules (gefilterd) =============
==================== Alternate Data Streams (gefilterd) ========
(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]
==================== Veilige Modus (gefilterd) ==================
==================== Bestandskoppeling (gefilterd) =================
==================== Internet Explorer vertrouwde/beperkte toegang ==========
==================== Hosts inhoud: =========================
(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Andere gebieden ===========================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKU\S-1-5-21-3835658026-2499684190-248120123-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 195.238.2.21 - 195.238.2.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hpqcaslwmiex => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKU\S-1-5-21-3835658026-2499684190-248120123-1001\...\StartupApproved\Run: => "OneDrive"
==================== Firewall regels (gefilterd) ================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [AllJoyn-Router-Out-TCP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [AllJoyn-Router-Out-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [Microsoft-Windows-Troubleshooting-HTTP-HTTPS-Out] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Block) C:\Windows\system32\proximityuxhost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Block) C:\Windows\system32\dmcertinst.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Block) C:\Windows\system32\deviceenroller.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [CoreNet-DHCP-Out] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [CoreNet-DHCPV6-Out] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [CoreNet-Teredo-Out] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [CoreNet-IPHTTPS-Out] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [CoreNet-DNS-Out-UDP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [CDPSvc-Out-TCP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [CDPSvc-WFD-Out-TCP] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [MDNS-Out-UDP-Domain-Active] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [NVS-FrameServer-Out-TCP-NoScope] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [Microsoft-Windows-WLANSvc-ASP-CP-Out] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [Microsoft-Windows-PeerDist-WSD-Out] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{B5C6F431-1D1C-453B-A776-D606147C5FB1}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{7ABC276B-A262-4A74-AF66-018A9D66CD5E}] => (Block) C:\Windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
==================== Herstelpunten =========================
07-07-2020 16:36:44 Gepland controlepunt
09-07-2020 17:16:22 Installed Radmin Viewer 3.5.2.
15-07-2020 22:05:22 Removed Radmin Viewer 3.5.2.
==================== Defecte Apparaatbeheer Apparaten ============
Name: Microsoft-muis (PS/2)
Description: Microsoft-muis (PS/2)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standaard PS/2-toetsenbord
Description: Standaard PS/2-toetsenbord
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (standaardtoetsenbord)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Eventlog fouten: ========================
Applicatiefouten:
==================
Error: (07/17/2020 09:23:22 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-P4941OP)
Description: Kan het prestatieobject voor de Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode.
Error: (07/17/2020 09:22:08 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-P4941OP)
Description: Kan het prestatieobject voor de Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode.
Error: (07/17/2020 09:18:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: MicrosoftEdgeCP.exe, versie: 11.0.18362.1, tijdstempel: 0xceb8cbe1
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000409
Foutmarge: 0x0000000000000204
Id van proces met fout: 0x1a18
Starttijd van toepassing met fout: 0x01d65c6f074902fa
Pad naar toepassing met fout: C:\Windows\System32\MicrosoftEdgeCP.exe
Pad naar module met fout: unknown
Rapport-id: 8523a0dc-1c2f-4c1d-9dbd-dae679ffa5c6
Volledige pakketnaam met fout: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe
Relatieve toepassings-id van pakket met fout: MicrosoftEdge
Error: (07/17/2020 08:19:04 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-P4941OP)
Description: Kan het prestatieobject voor de Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode.
Error: (07/17/2020 08:15:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: MicrosoftEdgeCP.exe, versie: 11.0.18362.1, tijdstempel: 0xceb8cbe1
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000409
Foutmarge: 0x0000000000000204
Id van proces met fout: 0x8ec
Starttijd van toepassing met fout: 0x01d65c01968703ed
Pad naar toepassing met fout: C:\Windows\System32\MicrosoftEdgeCP.exe
Pad naar module met fout: unknown
Rapport-id: 1a570568-0e96-4338-a27c-f202235c046b
Volledige pakketnaam met fout: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe
Relatieve toepassings-id van pakket met fout: MicrosoftEdge
Error: (07/17/2020 06:45:14 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-P4941OP)
Description: Kan het prestatieobject voor de Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode.
Error: (07/17/2020 06:40:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: MicrosoftEdgeCP.exe, versie: 11.0.18362.1, tijdstempel: 0xceb8cbe1
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000409
Foutmarge: 0x0000000000000204
Id van proces met fout: 0x1648
Starttijd van toepassing met fout: 0x01d65bf41d363f43
Pad naar toepassing met fout: C:\Windows\System32\MicrosoftEdgeCP.exe
Pad naar module met fout: unknown
Rapport-id: c555e9c3-bd6f-4862-9b9b-6f1ad529d694
Volledige pakketnaam met fout: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe
Relatieve toepassings-id van pakket met fout: MicrosoftEdge
Error: (07/16/2020 11:59:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: De service Cryptografische services kan het object van VSS-back-up 'System Writer' niet initialiseren.
Details:
Could not query the status of the EventSystem service.
System Error:
Systeem wordt afgesloten.
.

Systeemfouten:
=============
Error: (07/17/2020 06:33:58 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-P4941OP)
Description: DCOM heeft de foutmelding 1084 gekregen bij het starten van de ShellHWDetection-service met de argumenten Niet beschikbaar om de server
{DD522ACC-F821-461A-A407-50B198B896DC} te starten
Error: (07/17/2020 06:32:04 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-P4941OP)
Description: DCOM heeft de foutmelding 1084 gekregen bij het starten van de ShellHWDetection-service met de argumenten Niet beschikbaar om de server
{DD522ACC-F821-461A-A407-50B198B896DC} te starten
Error: (07/17/2020 06:31:51 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-P4941OP)
Description: DCOM heeft de foutmelding 1084 gekregen bij het starten van de WSearch-service met de argumenten Niet beschikbaar om de server
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} te starten
Error: (07/17/2020 06:31:51 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-P4941OP)
Description: DCOM heeft de foutmelding 1084 gekregen bij het starten van de TokenBroker-service met de argumenten Niet beschikbaar om de server
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal te starten
Error: (07/17/2020 06:31:50 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-P4941OP)
Description: DCOM heeft de foutmelding 1084 gekregen bij het starten van de TokenBroker-service met de argumenten Niet beschikbaar om de server
Windows.Internal.Security.Authentication.Web.WamProviderRegistration te starten
Error: (07/17/2020 06:31:46 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-P4941OP)
Description: DCOM heeft de foutmelding 1084 gekregen bij het starten van de WSearch-service met de argumenten Niet beschikbaar om de server
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} te starten
Error: (07/17/2020 06:31:46 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-P4941OP)
Description: DCOM heeft de foutmelding 1084 gekregen bij het starten van de WSearch-service met de argumenten Niet beschikbaar om de server
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} te starten
Error: (07/17/2020 06:31:46 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-P4941OP)
Description: DCOM heeft de foutmelding 1084 gekregen bij het starten van de WSearch-service met de argumenten Niet beschikbaar om de server
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} te starten

Windows Defender:
===================================
Date: 2020-07-14 10:47:56.962
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {E26D72B5-FBAA-4333-955B-D32AC1A87417}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM
Date: 2020-07-04 15:34:33.325
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {2D67E459-4780-4C9C-A7B3-40C55F21564D}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM
Date: 2020-05-07 10:22:38.369
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {AAF00EE0-87BB-44F0-8FB6-DFAC85DBCBFC}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM
Date: 2020-05-07 10:19:57.118
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {2D5BF20E-B96A-4133-BAD5-2EE38A2E6559}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM
Date: 2020-07-17 06:19:50.143
Description:
Windows Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie:
Vorige versie van beveiligingsinformatie: 1.319.1410.0
Updatebron: Microsoft-updateserver
Type beveiligingsinformatie: AntiVirus
Updatetype: Volledig
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie:
Vorige engineversie: 1.1.17200.2
Foutcode: 0x8007043c
Foutbeschrijving: Deze service kan niet in veilige modus worden gestart.
Date: 2020-07-17 06:09:42.838
Description:
Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Bij toegang
Foutcode: 0x8007043c
Foutbeschrijving: Deze service kan niet in veilige modus worden gestart.
Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten.
Date: 2020-07-16 22:09:23.807
Description:
Windows Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie:
Vorige versie van beveiligingsinformatie: 1.319.1410.0
Updatebron: Microsoft Centrum voor beveiliging tegen malware
Type beveiligingsinformatie: AntiVirus
Updatetype: Volledig
Gebruiker: NT AUTHORITY\NETWORK SERVICE
Huidige engineversie:
Vorige engineversie: 1.1.17200.2
Foutcode: 0x80072ee7
Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet
Date: 2020-07-16 22:09:23.806
Description:
Windows Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie:
Vorige versie van beveiligingsinformatie: 1.319.1410.0
Updatebron: Microsoft Centrum voor beveiliging tegen malware
Type beveiligingsinformatie: AntiSpyware
Updatetype: Volledig
Gebruiker: NT AUTHORITY\NETWORK SERVICE
Huidige engineversie:
Vorige engineversie: 1.1.17200.2
Foutcode: 0x80072ee7
Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet
Date: 2020-07-16 22:09:23.806
Description:
Windows Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie:
Vorige versie van beveiligingsinformatie: 1.319.1410.0
Updatebron: Microsoft Centrum voor beveiliging tegen malware
Type beveiligingsinformatie: AntiVirus
Updatetype: Volledig
Gebruiker: NT AUTHORITY\NETWORK SERVICE
Huidige engineversie:
Vorige engineversie: 1.1.17200.2
Foutcode: 0x80072ee7
Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet
==================== Geheugen info ===========================
BIOS: Hewlett-Packard J01 v02.15 11/10/2011
Moederbord: Hewlett-Packard 1495
Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage geheugen in gebruik: 23%
Totaal fysiek RAM-geheugen: 10128.14 MB
Beschikbaar fysiek RAM-geheugen: 7729.24 MB
Totaal Virtueel geheugen: 11664.14 MB
Beschikbaar Virtueel geheugen: 9454.33 MB
==================== Schijven ================================
Drive c: () (Fixed) (Total:148.42 GB) (Free:118.16 GB) NTFS
Drive d: (Muziek; iTunes) (Fixed) (Total:232.87 GB) (Free:93.52 GB) NTFS
\\?\Volume{aa9bf641-8469-44a8-8f3f-4ba261919f5a}\ (Herstel) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{1de370bc-802e-47b7-80ab-ebd0463048e8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitietabel ====================
==========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 02E30586)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 0C7828EF)
Partition: GPT
==================== Einde van Addition.txt =======================


Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 08-07-2020 01
Gestart door Ingeltje (Beheerder) op DESKTOP-P4941OP (Hewlett-Packard HP Compaq 8200 Elite SFF PC) (17-07-2020 23:14:49)
Gestart vanaf C:\Users\Ingeltje\Desktop\First
Geladen Profielen: Ingeltje
Platform: Windows 10 Pro Versie 1909 18363.900 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: Edge
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\NisSrv.exe
==================== Register (gefilterd) ===================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKU\S-1-5-21-3835658026-2499684190-248120123-1001\...\MountPoints2: {74ca8f7f-c39b-11ea-a2e0-082e5f090e3e} - "E:\SENER.exe"
==================== Geplande Taken (gefilterd) ============
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {1D64EDFB-E537-470D-8F42-A5C5FBCE6AFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {24A80AEA-030A-4523-8101-3CA3FEF673E5} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3835658026-2499684190-248120123-1001 => C:\Users\Ingeltje\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {2C26CE8B-6B61-442C-B352-F08B64B3DE77} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {40028C12-8EF4-4AE9-A40F-F1229A868DC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {5EA35D85-D0E3-4DEE-BD9C-63AE194C6874} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86BC3990-D1D3-4434-B2A9-2336329DA049} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {8BFEB377-CF45-43F6-BDDD-DEFF3E5E2C5A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {9516AC41-C0CF-4D28-8EA6-7042A13041E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9ACBB549-5C18-46E6-A268-57E2CB5AE2C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-05-20] (HP Inc. -> HP Inc.)
Task: {CC5AD314-922E-4A1A-91C0-D1E705D84C4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-05-20] (HP Inc. -> HP Inc.)
Task: {CD20D3E3-01CB-4254-88B9-75FC1F779224} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-05-20] (HP Inc. -> HP Inc.)
Task: {EA2C218D-963A-4297-811A-C165A4FD0D99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
Tcpip\..\Interfaces\{914dc3a6-031d-4315-bf9c-5334190e335e}: [NameServer] 195.238.2.21,195.238.2.22
Internet Explorer:
==================
HKU\S-1-5-21-3835658026-2499684190-248120123-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-05-20] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-05-20] (HP Inc. -> HP Inc.)
Edge:
======
DownloadDir: C:\Users\Ingeltje\Downloads
==================== Services (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
U4 npcap_wifi; geen ImagePath
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) ===================
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2020-07-17 23:14 - 2020-07-17 23:15 - 000000000 ____D C:\FRST
2020-07-17 23:13 - 2020-07-17 23:14 - 000000000 ____D C:\Users\Ingeltje\Desktop\First
2020-07-17 08:26 - 2020-07-17 22:10 - 000000253 _____ C:\Users\Ingeltje\Documents\new replyt.txt
2020-07-17 08:15 - 2020-07-17 08:15 - 000313625 _____ C:\Users\Ingeltje\Desktop\CBS.zip
2020-07-17 06:48 - 2020-07-17 06:48 - 000000688 _____ C:\Users\Ingeltje\Desktop\SFCFix1.txt
2020-07-17 06:46 - 2020-07-17 06:46 - 002315928 _____ (niemiro) C:\Users\Ingeltje\Desktop\SFCFix.exe
2020-07-17 06:22 - 2020-07-17 06:47 - 000000688 _____ C:\Users\Ingeltje\Desktop\SFCFix.txt
2020-07-17 06:19 - 2020-07-17 06:47 - 000000000 ____D C:\SFCFix
2020-07-17 06:15 - 2020-07-17 08:17 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\niemiro
2020-07-17 06:15 - 2020-07-17 06:15 - 002315928 _____ (niemiro) C:\Users\Ingeltje\Downloads\SFCFix.exe
2020-07-16 23:57 - 2020-07-16 23:59 - 000001809 _____ C:\Users\Ingeltje\Documents\PROBLEMEN UITLEG.txt
2020-07-16 21:55 - 2020-07-16 21:55 - 000000000 ____D C:\Windows\pss
2020-07-15 22:06 - 2020-07-15 22:06 - 000000000 ____D C:\Windows\system32\appmgmt
2020-07-15 14:21 - 2020-07-15 14:21 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2020-07-12 10:16 - 2020-07-12 10:17 - 000221827 _____ C:\Users\Ingeltje\Downloads\IAWDiag_V0.48.zip
2020-07-12 10:15 - 2020-07-12 10:15 - 000191302 _____ C:\Users\Ingeltje\Downloads\GuzziDiag_V0.48.zip
2020-07-12 10:07 - 2020-07-12 10:07 - 000072201 _____ C:\Users\Ingeltje\Downloads\Reassign COMNo Utility.zip
2020-07-12 10:05 - 2020-07-12 10:05 - 002083283 _____ C:\Users\Ingeltje\Downloads\CDM21224_Setup.zip
2020-07-11 16:06 - 2020-07-11 16:06 - 000000000 ____D C:\Users\Ingeltje\Desktop\Nieuwe map (2)
2020-07-11 16:06 - 2020-07-11 16:06 - 000000000 ____D C:\Users\Ingeltje\Desktop\Nieuwe map
2020-07-11 16:05 - 2020-07-11 16:06 - 000000000 ____D C:\Users\Ingeltje\Desktop\hp hard diag
2020-07-10 18:54 - 2020-07-10 18:55 - 000000000 ____D C:\Users\Ingeltje\Downloads\HP Downloads
2020-07-10 18:38 - 2020-07-10 18:38 - 000000765 _____ C:\Users\Ingeltje\Desktop\Documenten - Snelkoppeling.lnk
2020-07-10 17:43 - 2020-07-10 17:44 - 019468312 _____ (Microsoft Corporation) C:\Users\Ingeltje\Downloads\MediaCreationTool2004 (2).exe
2020-07-10 17:43 - 2020-07-10 17:43 - 006260552 _____ (Microsoft Corporation) C:\Users\Ingeltje\Downloads\Windows10Upgrade9252.exe
2020-07-09 22:06 - 2020-07-09 22:06 - 000000000 ____D C:\Users\Ingeltje\AppData\Roaming\Hewlett-Packard
2020-07-09 22:06 - 2020-07-09 22:06 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\Hewlett-Packard
2020-07-09 22:01 - 2020-07-09 22:01 - 000002300 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2020-07-09 22:01 - 2020-07-09 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2020-07-09 22:00 - 2020-07-09 22:01 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2020-07-09 22:00 - 2020-07-09 22:00 - 000000000 ____D C:\Users\Ingeltje\AppData\Roaming\hpqLog
2020-07-09 22:00 - 2020-07-09 22:00 - 000000000 ____D C:\Program Files (x86)\HP
2020-07-09 21:59 - 2020-07-10 18:56 - 000000000 ____D C:\SWSetup
2020-07-09 21:59 - 2020-07-09 22:00 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-07-09 21:59 - 2020-07-09 21:59 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2020-07-09 21:59 - 2020-07-09 21:59 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\HP
2020-07-09 21:59 - 2020-07-09 21:59 - 000000000 ____D C:\system.sav
2020-07-09 21:59 - 2020-07-09 21:59 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-07-09 21:56 - 2020-07-09 21:57 - 143957048 _____ (HP Inc.) C:\Users\Ingeltje\Downloads\sp105523.exe
2020-07-09 21:52 - 2020-07-09 21:52 - 000000404 _____ C:\Users\Ingeltje\advanced_ip_scanner_MAC.bin
2020-07-09 21:52 - 2020-07-09 21:52 - 000000015 _____ C:\Users\Ingeltje\advanced_ip_scanner_Comments.bin
2020-07-09 21:52 - 2020-07-09 21:52 - 000000015 _____ C:\Users\Ingeltje\advanced_ip_scanner_Aliases.bin
2020-07-09 17:25 - 2020-07-09 17:25 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\famatech
2020-07-09 16:46 - 2020-07-09 16:46 - 020385120 _____ (Famatech Corp. ) C:\Users\Ingeltje\Downloads\Advanced_IP_Scanner_2.5.3850.exe
2020-07-07 16:08 - 2020-07-07 16:08 - 000000000 ___HD C:\$WINDOWS.~BT
2020-07-06 00:38 - 2020-07-06 00:38 - 019468312 _____ (Microsoft Corporation) C:\Users\Ingeltje\Downloads\MediaCreationTool2004.exe
2020-07-06 00:38 - 2020-07-06 00:38 - 019468312 _____ (Microsoft Corporation) C:\Users\Ingeltje\Downloads\MediaCreationTool2004 (1).exe
2020-07-06 00:38 - 2020-07-06 00:38 - 000000000 ___HD C:\$Windows.~WS
2020-07-06 00:14 - 2020-07-06 00:14 - 000000000 ___HD C:\$WinREAgent
2020-07-05 08:51 - 2020-07-05 08:51 - 000000000 ___RD C:\Users\Ingeltje\AppData\Roaming\Brother
2020-07-05 08:51 - 2020-07-05 08:51 - 000000000 ____D C:\Users\Ingeltje\AppData\LocalLow\Brother
2020-07-05 08:35 - 2020-07-15 21:28 - 000000000 ____D C:\Users\Ingeltje\Documents\marco
2020-07-05 08:28 - 2020-07-15 22:06 - 000000000 ____D C:\ProgramData\WinISD
2020-07-05 08:28 - 2020-07-15 22:06 - 000000000 ____D C:\Program Files (x86)\WinISD
2020-07-05 08:28 - 2020-07-05 08:28 - 000001088 _____ C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD.lnk
2020-07-05 08:28 - 2020-07-05 08:28 - 000000000 ____D C:\Users\Ingeltje\Documents\WinISD
2020-07-05 08:26 - 2020-07-05 08:26 - 002367234 _____ C:\Users\Ingeltje\Downloads\winisd-07x.exe
2020-07-03 08:20 - 2020-07-17 08:35 - 069206016 _____ C:\Windows\system32\config\SOFTWARE
2020-07-03 07:54 - 2020-07-03 08:20 - 000000000 ____D C:\Windows\Microsoft Antimalware
2020-07-02 22:32 - 2020-07-03 05:59 - 000001024 _____ C:\.rnd
2020-07-02 22:32 - 2020-07-02 22:32 - 000000000 ____D C:\ProgramData\Paessler
2020-07-02 22:31 - 2020-07-03 08:56 - 000000000 ____D C:\Program Files\Npcap
2020-07-02 22:30 - 2020-07-02 22:30 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\pip
2020-07-02 22:28 - 2020-07-03 08:51 - 000000000 ____D C:\Program Files (x86)\PRTG Network Monitor
2020-07-02 22:27 - 2020-07-03 05:56 - 000000000 ____D C:\ProgramData\TEMP
2020-07-02 22:23 - 2020-07-02 22:23 - 292852176 _____ (Paessler AG (www.paessler.com) ) C:\Users\Ingeltje\Downloads\prtg_installer_with_trial_key_000014-0B8KFM-8FFKEQ-5BTUPF-P2EMG4-PV28M9-W30U74-D3RKEZ-BVW8MU-X61V8D.exe
2020-07-01 10:28 - 2020-07-01 10:28 - 001420485 _____ C:\Users\Ingeltje\Documents\EBOOK-Hoogbegaafdheid-Gifted-People-versie-3.5.pdf
2020-07-01 10:26 - 2020-07-01 10:26 - 001425069 _____ C:\Users\Ingeltje\Downloads\EBOOK-Hoogbegaafdheid-Gifted-People-versie-3.5.pdf
2020-07-01 09:37 - 2020-07-01 09:38 - 119979440 _____ (Microsoft Corporation) C:\Users\Ingeltje\Downloads\MSERT.exe
2020-07-01 08:39 - 2020-07-01 08:39 - 000000000 ____D C:\Program Files\Common Files\Services
2020-07-01 08:39 - 2020-04-27 10:37 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2dp.sys
2020-06-30 18:59 - 2020-06-30 18:59 - 000000000 _____ C:\Windows\system32\rd
2020-06-30 16:54 - 2020-07-17 06:10 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-06-30 16:36 - 2020-07-17 06:15 - 000859468 _____ C:\Windows\ntbtlog.txt
2020-06-30 16:04 - 2020-06-30 16:04 - 000000000 ____D C:\Users\Ingeltje\Apple
2020-06-30 15:09 - 2020-06-30 15:09 - 025902080 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 019851776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 018029056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 011608064 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 009712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 008015360 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 007760384 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 007268864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 007012864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 006292480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 005909504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 004610560 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 003525608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 003515392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 003398656 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-06-30 15:09 - 2020-06-30 15:09 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-06-30 15:09 - 2020-06-30 15:09 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 002281472 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 002230240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 002204160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 002190648 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 002184504 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001803776 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 001704448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001637888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001539072 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 001497400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001410048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 001344512 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001316352 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001284608 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001272160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 001193984 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001151824 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001099608 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 001012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000994304 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000992256 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\tapi3.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 000940544 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000920064 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapi3.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000783496 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000747832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000674304 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000668672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000651264 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000640000 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000619008 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 000575488 _____ (Microsoft® Windows® Operating System) C:\Windows\system32\wvc.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000567808 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2020-06-30 15:09 - 2020-06-30 15:09 - 000564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000529920 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000529920 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000516544 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2020-06-30 15:09 - 2020-06-30 15:09 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000478208 _____ (Microsoft® Windows® Operating System) C:\Windows\SysWOW64\wvc.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000462848 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000430592 _____ (Microsoft Corporation) C:\Windows\system32\WalletService.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000426496 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000423424 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000398336 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000398336 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000361472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassdo.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswmdm.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Feedback.Analog.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000323584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000283136 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2020-06-30 15:09 - 2020-06-30 15:09 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\FileHistory.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 000248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2020-06-30 15:09 - 2020-06-30 15:09 - 000204008 _____ (Microsoft Corporation) C:\Windows\system32\SecurityCenterBroker.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000166912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidx.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\wkspbrokerAx.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000114688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 000099712 _____ (Microsoft Corporation) C:\Windows\system32\FsIso.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkspbrokerAx.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000093448 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\WwanRadioManager.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2020-06-30 15:09 - 2020-06-30 15:09 - 000083600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2020-06-30 15:09 - 2020-06-30 15:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasads.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2020-06-30 15:09 - 2020-06-30 15:09 - 000041864 _____ (Microsoft Corporation) C:\Windows\system32\SecurityCenterBrokerPS.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000028368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-06-30 15:09 - 2020-06-30 15:09 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-06-30 15:08 - 2020-06-30 15:09 - 005765144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 009931576 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 007604592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 006435840 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 006091048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 005195432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 005111808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 005004344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 003368104 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 002831872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 002798592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-06-30 15:08 - 2020-06-30 15:08 - 002583496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001654960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001649152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001416224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001393952 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001283072 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001261568 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001260744 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpsharercom.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001100288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001055184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 001003832 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000932256 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000897536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000894024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000892048 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000881664 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000797464 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000777216 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000760296 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000740664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000696832 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000692224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkObjCore.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000684856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000651776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000628408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000614400 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000593424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000572200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000569856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-06-30 15:08 - 2020-06-30 15:08 - 000557056 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000522240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000518456 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000508720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000508216 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000467952 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000461112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000453944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000451864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000407864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000405936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000357176 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000325120 _____ (Microsoft Corporation) C:\Windows\system32\rdpviewerax.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-06-30 15:08 - 2020-06-30 15:08 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-06-30 15:08 - 2020-06-30 15:08 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Preview.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000280376 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpviewerax.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000223544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000221496 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000199992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000196096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psr.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000183808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-06-30 15:08 - 2020-06-30 15:08 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\msaatext.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000165832 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000165296 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000165192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000150328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000132424 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000129600 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaatext.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000108856 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000090952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000089344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\RpcEpMap.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000063288 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollCtrl.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-06-30 15:08 - 2020-06-30 15:08 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-06-30 15:08 - 2020-06-30 15:08 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 007911176 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 007266080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 006066808 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 005283264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 004565248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 004012032 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 003726848 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-06-30 15:07 - 2020-06-30 15:07 - 003712000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 003581240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-06-30 15:07 - 2020-06-30 15:07 - 003187200 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-06-30 15:07 - 2020-06-30 15:07 - 002656256 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 002289664 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 002235520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001919488 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001743680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001683968 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001637888 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001583104 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001486336 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 001466368 _____ (Microsoft Corporation) C:\Windows\system32\rdpsharercom.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001447424 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 001274128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001158144 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001155944 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 001073664 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 001007104 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000931840 _____ (Microsoft Corporation) C:\Windows\system32\InkObjCore.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-06-30 15:07 - 2020-06-30 15:07 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntime.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000716320 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000716288 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntimewindows.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000650752 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000648192 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000553984 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-06-30 15:07 - 2020-06-30 15:07 - 000548984 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000531768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2020-06-30 15:07 - 2020-06-30 15:07 - 000472064 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000441152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-06-30 15:07 - 2020-06-30 15:07 - 000427008 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000425056 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000394752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000264192 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManagerClient.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\psr.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000209216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\AarSvc.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000132608 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\WlanRadioManager.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\XboxGipRadioManager.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\NfcRadioMedia.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnosticsTool.exe
2020-06-30 15:07 - 2020-06-30 15:07 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2020-06-30 15:07 - 2020-06-30 15:07 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2020-06-30 15:06 - 2020-06-30 15:06 - 000000000 ____D C:\ProgramData\Apple Computer
2020-06-30 15:06 - 2020-06-30 15:06 - 000000000 ____D C:\ProgramData\Apple
2020-06-29 22:33 - 2020-07-11 19:29 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\D3DSCache
2020-06-29 22:29 - 2020-06-05 23:03 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-29 22:29 - 2020-06-05 23:03 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-29 16:30 - 2020-06-29 16:30 - 002510856 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2020-06-29 16:29 - 2020-05-15 06:29 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-06-29 16:29 - 2020-05-15 06:10 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-06-29 15:42 - 2020-06-29 15:42 - 000000000 ____D C:\Program Files\UNP
==================== Een maand (gewijzigd) ==================
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2020-07-17 21:21 - 2020-04-22 11:54 - 001681094 _____ C:\Windows\system32\PerfStringBackup.INI
2020-07-17 21:21 - 2019-03-19 14:34 - 000748518 _____ C:\Windows\system32\perfh013.dat
2020-07-17 21:21 - 2019-03-19 14:34 - 000146390 _____ C:\Windows\system32\perfc013.dat
2020-07-17 21:21 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-07-17 21:17 - 2020-04-22 11:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-07-17 21:17 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-17 08:35 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-07-16 21:59 - 2020-04-22 16:04 - 000000000 ____D C:\Users\Ingeltje
2020-07-16 21:59 - 2020-04-22 11:43 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-07-16 16:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\NDF
2020-07-16 08:58 - 2020-05-18 11:26 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-15 22:12 - 2020-04-22 16:05 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\Packages
2020-07-15 22:12 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-15 22:12 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2020-07-15 22:07 - 2020-05-18 11:26 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\Google
2020-07-11 19:26 - 2020-04-22 11:43 - 000267448 _____ C:\Windows\system32\FNTCACHE.DAT
2020-07-11 13:42 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
2020-07-10 18:56 - 2020-04-22 16:22 - 000000000 ____D C:\ProgramData\Packages
2020-07-07 16:09 - 2020-04-22 12:43 - 000000000 ____D C:\Windows\Panther
2020-07-05 22:56 - 2020-05-18 11:16 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\PlaceholderTileLogoFolder
2020-07-03 05:08 - 2020-05-07 10:08 - 000000000 ___RD C:\Users\Ingeltje\3D Objects
2020-07-03 05:08 - 2020-04-22 16:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-07-02 22:53 - 2019-03-19 14:36 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-07-02 22:53 - 2019-03-19 14:36 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\SysWOW64\F12
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\system32\F12
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\Com
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemResources
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\oobe
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\Dism
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\Com
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-07-02 22:53 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\bcastdvr
2020-07-02 13:53 - 2020-04-22 11:44 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-07-01 10:29 - 2019-03-19 06:52 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-07-01 10:10 - 2020-04-27 10:21 - 000000000 ___RD C:\Users\Ingeltje\OneDrive
2020-06-30 15:07 - 2020-04-22 11:46 - 002876416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-06-30 15:05 - 2020-04-22 16:06 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\Publishers
2020-06-30 14:55 - 2020-04-27 10:28 - 000000000 ____D C:\Users\Ingeltje\AppData\Local\ElevatedDiagnostics
2020-06-29 22:25 - 2019-03-19 14:36 - 000000000 ___SD C:\Windows\system32\AppV
2020-06-29 22:25 - 2019-03-19 06:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-06-29 22:25 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\TextInput
2020-06-29 22:25 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\Provisioning
2020-06-29 22:25 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-06-29 22:25 - 2019-03-19 06:52 - 000000000 ____D C:\PerfLogs
2020-06-29 15:39 - 2020-04-22 16:08 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3835658026-2499684190-248120123-1001
==================== SigCheck ============================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

==================== BCD ================================
Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{4f86def4-8485-11ea-b73c-dab44690fa24}
{a27bf5e5-847e-11ea-a2d1-806e6f6e6963}
{4f86def6-8485-11ea-b73c-dab44690fa24}
{4f86def8-8485-11ea-b73c-dab44690fa24}
{4f86def7-8485-11ea-b73c-dab44690fa24}
timeout 0
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale nl-NL
inherit {globalsettings}
default {current}
resumeobject {4f86def9-8485-11ea-b73c-dab44690fa24}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Firmware Application (101fffff)
-------------------------------
identifier {4f86def3-8485-11ea-b73c-dab44690fa24}
description CD/DVD Drive
Firmware Application (101fffff)
-------------------------------
identifier {4f86def4-8485-11ea-b73c-dab44690fa24}
description USB Floppy/CD
Firmware Application (101fffff)
-------------------------------
identifier {4f86def6-8485-11ea-b73c-dab44690fa24}
description USB Floppy/CD
Firmware Application (101fffff)
-------------------------------
identifier {4f86def7-8485-11ea-b73c-dab44690fa24}
description IBA GE Slot 00C8 v1376
Firmware Application (101fffff)
-------------------------------
identifier {4f86def8-8485-11ea-b73c-dab44690fa24}
description Hard Drive
Firmware Application (101fffff)
-------------------------------
identifier {a27bf5e5-847e-11ea-a2d1-806e6f6e6963}
description USB Hard Drive
Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale nl-NL
inherit {bootloadersettings}
recoverysequence {4f86defb-8485-11ea-b73c-dab44690fa24}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {4f86def9-8485-11ea-b73c-dab44690fa24}
nx OptIn
bootmenupolicy Standard
bootlog No
Windows Boot Loader
-------------------
identifier {4f86defb-8485-11ea-b73c-dab44690fa24}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4f86defc-8485-11ea-b73c-dab44690fa24}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale nl-nl
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4f86defc-8485-11ea-b73c-dab44690fa24}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Resume from Hibernate
---------------------
identifier {4f86def9-8485-11ea-b73c-dab44690fa24}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale nl-NL
inherit {resumeloadersettings}
recoverysequence {4f86defb-8485-11ea-b73c-dab44690fa24}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Geheugencontrole
locale nl-NL
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems No
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {4f86defc-8485-11ea-b73c-dab44690fa24}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Einde van FRST.txt ========================



Gebruikers snelkoppeling scan resultaat (x64) Versie: 08-07-2020 01
Gestart door Ingeltje (17-07-2020 23:17:26)
Gestart vanaf C:\Users\Ingeltje\Desktop\First
Boot Modus: Normal
==================== Snelkoppelingen =============================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Ingeltje\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Geen bestand)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Ingeltje\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Geen bestand)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\Links\Desktop.lnk -> C:\Users\Ingeltje\Desktop ()
Shortcut: C:\Users\Ingeltje\Links\Downloads.lnk -> C:\Users\Ingeltje\Downloads ()
Shortcut: C:\Users\Ingeltje\Desktop\Documenten - Snelkoppeling.lnk -> C:\Users\Ingeltje\Documents ()
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD.lnk -> C:\Program Files (x86)\WinISD\winisd.exe (Geen bestand)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\SendTo\Bestandsoverdracht via Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc.) -> /p 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Ingeltje\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc.) -> /p 2

InternetURL: C:\Users\Ingeltje\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
==================== Einde van Shortcut.txt =============================
 

Attachments

Hi, Masterrood. Welcome to Sysnative.

I have merged the two threads you posted in this forum as well as the two threads in the Windows Update forum. In addition to not seeing anything pointing to malware in the FRST logs posted here, the only installed programs showing are HP. After following instructions provided by the Windows Update experts, if you are still having problems, please post fresh FRST logs here and we'll take another look.

You can find your merged threads in the Windows Update forum here: Windows Resource Protection found corrupt files but was unable to fix some of them.
 
Hello Corrine,

Sorry i did not react on your reply and I really appreciate that you made time to look at the FRST logs.
I also look at the Fsrt log and am pretty sure the corruption is located in the BCD.
Would you like to take a closer look at them. I think the corruping is in the identifiers? If I google Firmware Application (101fffff) the result are not reassuring.

At this moment I commit to follow the action the Peter works out for me in the update forum.

But I appreciate i you could make some time to look in to this!

==================== BCD ================================
Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{4f86def4-8485-11ea-b73c-dab44690fa24}
{a27bf5e5-847e-11ea-a2d1-806e6f6e6963}
{4f86def6-8485-11ea-b73c-dab44690fa24}
{4f86def8-8485-11ea-b73c-dab44690fa24}
{4f86def7-8485-11ea-b73c-dab44690fa24}
timeout 0
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale nl-NL
inherit {globalsettings}
default {current}
resumeobject {4f86def9-8485-11ea-b73c-dab44690fa24}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Firmware Application (101fffff)
-------------------------------
identifier {4f86def3-8485-11ea-b73c-dab44690fa24}
description CD/DVD Drive
Firmware Application (101fffff)
-------------------------------
identifier {4f86def4-8485-11ea-b73c-dab44690fa24}
description USB Floppy/CD
Firmware Application (101fffff)
-------------------------------
identifier {4f86def6-8485-11ea-b73c-dab44690fa24}
description USB Floppy/CD
Firmware Application (101fffff)
-------------------------------
identifier {4f86def7-8485-11ea-b73c-dab44690fa24}
description IBA GE Slot 00C8 v1376
Firmware Application (101fffff)
-------------------------------
identifier {4f86def8-8485-11ea-b73c-dab44690fa24}
description Hard Drive
Firmware Application (101fffff)
-------------------------------
identifier {a27bf5e5-847e-11ea-a2d1-806e6f6e6963}
description USB Hard Drive
Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale nl-NL
inherit {bootloadersettings}
recoverysequence {4f86defb-8485-11ea-b73c-dab44690fa24}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {4f86def9-8485-11ea-b73c-dab44690fa24}
nx OptIn
bootmenupolicy Standard
bootlog No
Windows Boot Loader
-------------------
identifier {4f86defb-8485-11ea-b73c-dab44690fa24}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4f86defc-8485-11ea-b73c-dab44690fa24}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale nl-nl
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4f86defc-8485-11ea-b73c-dab44690fa24}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Resume from Hibernate
---------------------
identifier {4f86def9-8485-11ea-b73c-dab44690fa24}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale nl-NL
inherit {resumeloadersettings}
recoverysequence {4f86defb-8485-11ea-b73c-dab44690fa24}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Geheugencontrole
locale nl-NL
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems No
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {4f86defc-8485-11ea-b73c-dab44690fa24}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Einde van FRST.txt ========================
At the moment I commit my to follow the action
 
Masterrood said:
At this moment I commit to follow the action the Peter works out for me in the update forum.

But I appreciate i you could make some time to look in to this!
Click to expand...
As I indicated previously, when the Windows Update thread has been completed, if it appears your computer is still infected, please post fresh FRST los.

Thank you.
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top