Pludselig ekstrem langsom bærbar

(Kenneth Høgh) #1

Hej!

Min gamle Acer bærbar er pludselig fra den ene dag til den andet blevet UFATTELIG langsom. Det drejer sig både om at åbne simple hjemmesider, men også programmer på computeren.

Følgende logs er tilføjet i rækkefølge i kommede indlæg:
AdwCleaner[S00].txt
AdwCleaner[C00].txt
Malware Bytes.txt
FRST.txt
Addition.txt

0 Likes

(Kenneth Høgh) #2

-------------------------------

Malwarebytes AdwCleaner 7.2.7.0

-------------------------------

Build: 01-30-2019

Database: 2019-03-11.1 (Cloud)

Support: https://www.malwarebytes.com/support

-------------------------------

Mode: Scan

-------------------------------

Start: 03-15-2019

Duration: 00:00:25

OS: Windows 10 Home

Scanned: 31892

Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

0 Likes

(Kenneth Høgh) #3

-------------------------------

Malwarebytes AdwCleaner 7.2.7.0

-------------------------------

Build: 01-30-2019

Database: 2019-03-11.1 (Cloud)

Support: https://www.malwarebytes.com/support

-------------------------------

Mode: Clean

-------------------------------

Start: 03-15-2019

Duration: 00:00:01

OS: Windows 10 Home

Cleaned: 0

Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


[+] Delete Tracing Keys
[+] Reset Winsock


AdwCleaner[S00].txt - [1250 octets] - [15/03/2019 14:28:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

0 Likes

(Kenneth Høgh) #4

Malwarebytes

-Logoplysninger-
Scanningsdato: 15/03/2019
Scanningstidspunkt: 15.01
Logfil: c5649502-472a-11e9-94f2-201a0650500b.json

-Softwareoplysninger-
Version: 3.7.1.2839
Komponentversion: 1.0.538
Opdatér pakkeversion: 1.0.9700
Licens: Prøveversion

-Systemoplysninger-
OS: Windows 10 (Build 17763.379)
CPU: x64
Filsystem: NTFS
Bruger: KENNETH-LAPTOP\Kenneth

-Scanningsoversigt-
Scanningstype: Trusselsscanning
Scanning started af: Manuel
Resultat: Fuldført
Scannede objekter: 297883
Registrerede trusler: 0
Trusler i karantæne: 0
Forløbet tid: 9 min, 11 sek.

-Scanningsindstillinger-
Hukommelse: Aktiveret
Start: Aktiveret
Filsystem: Aktiveret
Arkiver: Aktiveret
Rootkits: Aktiveret
Heuristik: Aktiveret
PUP: Registrér
PUM: Registrér

-Scanningsoplysninger-
Proces: 0
(Ingen skadelige elementer registreret)

Modul: 0
(Ingen skadelige elementer registreret)

Registreringsnøgle: 0
(Ingen skadelige elementer registreret)

Registreringsværdi: 0
(Ingen skadelige elementer registreret)

Registreringsdata: 0
(Ingen skadelige elementer registreret)

Datastrøm: 0
(Ingen skadelige elementer registreret)

Mappe: 0
(Ingen skadelige elementer registreret)

Fil: 0
(Ingen skadelige elementer registreret)

Fysisk sektor: 0
(Ingen skadelige elementer registreret)

WMI: 0
(Ingen skadelige elementer registreret)

(end)

0 Likes

(Kenneth Høgh) #5

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by Kenneth (administrator) on KENNETH-LAPTOP (15-03-2019 15:16:24)
Running from C:\Users\Kenneth\Desktop
Loaded Profiles: Kenneth (Available Profiles: Kenneth)
Platform: Windows 10 Home Version 1809 17763.379 (X64) Language: Dansk (Danmark)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(OpenBoxLab -> OpenBoxLab) C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.Service.x64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(OpenBoxLab -> OpenBoxLab) C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\TiWorker.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM…\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM…\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM…\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32…\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32…\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-19…\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20…\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-581939235-167934049-2457689419-1001…\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-581939235-167934049-2457689419-1001…\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-581939235-167934049-2457689419-1001…\Run: [RaiDrive] => C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.exe [8066248 2019-02-28] (OpenBoxLab -> OpenBoxLab)
HKU\S-1-5-21-581939235-167934049-2457689419-1001…\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18…\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-07] (Google LLC -> Google Inc.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip…\Interfaces{135cd73e-69c0-445f-8ef2-1a663e22f7b3}: [DhcpNameServer] 192.168.0.1
Tcpip…\Interfaces{2218baeb-6fe9-4b00-a559-b77f982867e7}: [DhcpNameServer] 192.168.1.1
Tcpip…\Interfaces{6382f865-1fb0-4f7e-a6ce-96aa0850dca8}: [DhcpNameServer] 192.168.1.1
Tcpip…\Interfaces{907d48dd-e3e1-4dc2-9fa5-0ea5af8f349f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

HKU\S-1-5-21-581939235-167934049-2457689419-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.888casino.dk/spil-nu/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)

FireFox:

FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:

CHR Profile: C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default [2019-03-15]
CHR Extension: (Slides) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-01]
CHR Extension: (Docs) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-01]
CHR Extension: (Google Drev) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-01]
CHR Extension: (YouTube) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-14]
CHR Extension: (Clipchamp - convert, compress, record video) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\delkpojpfkkfgmknffmblbhmlamkjioi [2017-11-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-17]
CHR Extension: (Sheets) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-01]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-03-13]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2019-01-23]
CHR Extension: (Magic Enhancer til YouTube™) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2019-02-27]
CHR Extension: (Linkclump) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2019-01-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-11-01]
CHR Extension: (Betalinger i Chrome Webshop) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-13]
CHR HKU\S-1-5-21-581939235-167934049-2457689419-1001\SOFTWARE\Google\Chrome\Extensions…\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32…\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [416072 2018-06-26] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation - pGFX -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 RaiDrive.Service; C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.Service.x64.exe [3739848 2019-02-28] (OpenBoxLab -> OpenBoxLab)
S2 SonosLibraryService; C:\Program Files (x86)\Sonos\SonosLibraryService.exe [26624 2019-01-22] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [99560 2015-09-25] (Broadcom Corporation -> Broadcom Corporation)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-09-21] (EldoS Corporation -> /n software, Inc.)
S3 CloudFSDisk; C:\WINDOWS\System32\drivers\cloudfs_disk.sys [243304 2017-12-22] (Covecube Inc. -> Covecube Inc.)
S3 CoveFSDisk; C:\WINDOWS\System32\drivers\covefs_disk.sys [56424 2017-09-28] (Covecube Inc. -> Covecube Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2018-11-09] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2017-11-01] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 UsbDk; C:\WINDOWS\System32\Drivers\UsbDk.sys [97208 2017-04-18] (Red Hat, Inc. -> Red Hat Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-15 15:16 - 2019-03-15 15:20 - 000020605 _____ C:\Users\Kenneth\Desktop\FRST.txt
2019-03-15 15:16 - 2019-03-15 15:16 - 000000000 ____D C:\FRST
2019-03-15 14:58 - 2019-03-15 14:58 - 000000000 ____D C:\Users\Kenneth\AppData\Local\mbam
2019-03-15 14:57 - 2019-03-15 14:57 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-15 14:57 - 2019-03-15 14:57 - 000000000 ____D C:\Users\Kenneth\AppData\Local\mbamtray
2019-03-15 14:57 - 2019-03-15 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-15 14:57 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-03-15 14:56 - 2019-03-15 14:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-15 14:56 - 2019-03-15 14:56 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-15 14:56 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-03-15 14:34 - 2019-03-15 14:35 - 062165928 _____ (Malwarebytes ) C:\Users\Kenneth\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9682.exe
2019-03-15 14:34 - 2019-03-15 14:34 - 002433536 _____ (Farbar) C:\Users\Kenneth\Desktop\FRST64.exe
2019-03-15 14:24 - 2019-03-15 14:28 - 000000000 ____D C:\AdwCleaner
2019-03-15 14:24 - 2019-03-15 14:25 - 000000000 ____D C:\Program Files\CCleaner
2019-03-15 14:24 - 2019-03-15 14:24 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-15 14:24 - 2019-03-15 14:24 - 000002890 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-15 14:24 - 2019-03-15 14:24 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-15 14:24 - 2019-03-15 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-15 14:22 - 2019-03-15 14:22 - 007316688 _____ (Malwarebytes) C:\Users\Kenneth\Desktop\adwcleaner_7.2.7.0 (1).exe
2019-03-15 14:20 - 2019-03-15 14:23 - 021205512 _____ (Piriform Software Ltd) C:\Users\Kenneth\Desktop\ccsetup555.exe
2019-03-15 14:19 - 2019-03-15 15:11 - 000000000 ____D C:\Users\Kenneth\Desktop\SWF
2019-03-13 17:30 - 2019-03-13 17:30 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 015224320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 009683256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 009670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 008875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007882240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007647256 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007556392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007251456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 006548168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 006069760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005915936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005436184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 004920832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 004689408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 004588744 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003729808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 003660288 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003652656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003551408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003504128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003427840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003378488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002926904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 002871312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002776712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002766648 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002752360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002637312 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002447360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002275680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002187776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002044416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 001931264 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001893888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001711616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001701376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001697744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-13 17:30 - 2019-03-13 17:30 - 001656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001644048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001572176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001563336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001481488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001479480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001468440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 001457544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 001341880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-13 17:30 - 2019-03-13 17:30 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001294856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001272552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 001258808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-03-13 17:30 - 2019-03-13 17:30 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001179168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001098128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001078072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001077912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001072720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2019-03-13 17:30 - 2019-03-13 17:30 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2019-03-13 17:30 - 2019-03-13 17:30 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000895048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000866152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 17:30 - 2019-03-13 17:30 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000833064 _____ C:\WINDOWS\system32\InputHost.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000808464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000790328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upshared.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000772408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000735760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000726416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000655160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000652824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000619832 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000591832 _____ C:\WINDOWS\SysWOW64\InputHost.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-13 17:30 - 2019-03-13 17:30 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000484976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-03-13 17:30 - 2019-03-13 17:30 - 000460304 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000421688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-13 17:30 - 2019-03-13 17:30 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000336744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000330464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000322576 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000279376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000147256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-03-13 17:29 - 2019-03-13 17:30 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 007688088 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 002720768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 002013696 _____ C:\WINDOWS\system32\rdpnano.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001742104 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001296576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-13 17:29 - 2019-03-13 17:29 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001043256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-13 17:29 - 2019-03-13 17:29 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000865568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000646632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000355360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-03-13 17:29 - 2019-03-13 17:29 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000138960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000115152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 17:29 - 2019-03-13 17:29 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-09 18:47 - 2019-03-09 18:47 - 000000000 ____D C:\Program Files\Plex
2019-03-08 13:57 - 2019-03-08 13:57 - 000001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaiDrive 1.5.3.1.lnk
2019-03-08 13:57 - 2019-03-08 13:57 - 000000000 ____D C:\Program Files\OpenBoxLab
2019-03-07 19:22 - 2019-03-07 19:22 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Værktøjer til Microsoft Office
2019-02-24 23:16 - 2019-02-24 23:16 - 000001443 _____ C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSizeFree.lnk
2019-02-24 10:54 - 2019-02-24 10:54 - 000000000 ____D C:\Users\Kenneth.android
2019-02-13 16:55 - 2019-02-13 16:55 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 004526080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001467560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000522312 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-02-13 16:55 - 2019-02-13 16:55 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-02-13 16:55 - 2019-02-13 16:55 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-02-13 16:55 - 2019-02-13 16:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
2019-02-13 16:54 - 2019-02-13 16:55 - 005205464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 005561856 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 005527552 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 004991096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 004702704 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 004298752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002992640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002149368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001700880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001671864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001209360 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000982576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000970256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000864056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000822448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000752136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000651304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000629576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000612368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000408800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000276488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000148480 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000132104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000121872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000114856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000097592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-15 14:57 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-15 14:54 - 2018-10-04 16:12 - 001372962 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-15 14:54 - 2018-09-15 18:36 - 000466630 _____ C:\WINDOWS\system32\perfh006.dat
2019-03-15 14:54 - 2018-09-15 18:36 - 000079380 _____ C:\WINDOWS\system32\perfc006.dat
2019-03-15 14:54 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-03-15 14:51 - 2018-12-29 20:25 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-15 14:51 - 2018-11-24 13:01 - 000000000 ____D C:\Users\Kenneth\AppData\Local\LogMeIn Hamachi
2019-03-15 14:50 - 2018-10-04 16:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-15 14:50 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-15 14:50 - 2017-11-24 20:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-03-15 14:50 - 2017-11-01 20:27 - 000000180 _____ C:\WINDOWS\system32{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-15 14:50 - 2017-11-01 20:27 - 000000000 __SHD C:\Users\Kenneth\IntelGraphicsProfiles
2019-03-15 14:49 - 2018-09-15 07:09 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-03-15 14:30 - 2018-10-03 18:04 - 000000000 ____D C:\Users\Kenneth
2019-03-15 14:26 - 2018-10-03 17:27 - 000000000 ___DC C:\WINDOWS\Panther
2019-03-15 14:26 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-15 14:26 - 2018-03-25 20:52 - 000000000 ____D C:\Users\Kenneth\AppData\Local\CrashDumps
2019-03-15 14:26 - 2018-03-09 19:51 - 000000000 ____D C:\Users\Kenneth\AppData\Roaming\FileZilla
2019-03-15 14:26 - 2017-11-24 20:11 - 000000000 ____D C:\Users\Kenneth\AppData\Roaming\TeamViewer
2019-03-15 14:18 - 2018-12-29 20:29 - 000001294 _____ C:\Users\Kenneth\Desktop\TreeSize Free.lnk
2019-03-15 14:18 - 2018-06-20 15:58 - 000001136 _____ C:\Users\Kenneth\Desktop\ViewPlayCap.lnk
2019-03-15 14:18 - 2018-05-19 15:56 - 000002007 _____ C:\Users\Kenneth\Desktop\UniFi.lnk
2019-03-15 14:18 - 2017-11-01 20:41 - 000001804 _____ C:\Users\Kenneth\Desktop\Google Drev.lnk
2019-03-15 14:18 - 2017-11-01 20:36 - 000001225 _____ C:\Users\Kenneth\Desktop\Plex Media Player.lnk
2019-03-15 14:17 - 2018-12-15 21:40 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2019-03-15 14:16 - 2018-08-26 11:05 - 000000000 ____D C:\GOG Games
2019-03-15 14:15 - 2017-11-01 20:28 - 000000000 ___RD C:\Users\Kenneth\OneDrive
2019-03-15 14:14 - 2017-11-01 20:35 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-15 14:02 - 2017-11-01 20:35 - 000000000 ____D C:\Users\Kenneth\AppData\Roaming\vlc
2019-03-15 13:55 - 2018-10-04 16:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-14 19:37 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-14 19:04 - 2017-11-01 20:35 - 000000000 ____D C:\Users\Kenneth\AppData\Local\PlexMediaPlayer
2019-03-14 18:42 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-14 18:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-14 17:33 - 2018-12-20 13:05 - 000014168 _____ C:\Users\Kenneth\Desktop\ejerskiftelån.xlsx
2019-03-14 16:43 - 2017-11-01 20:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-14 16:43 - 2017-11-01 20:26 - 000000000 ___RD C:\Users\Kenneth\3D Objects
2019-03-14 16:42 - 2018-10-04 16:03 - 000446552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-13 17:29 - 2018-10-04 16:03 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-03-13 17:27 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-13 17:27 - 2018-09-15 08:36 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 17:27 - 2017-11-01 20:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 17:24 - 2017-11-01 20:42 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-10 10:45 - 2019-01-28 14:13 - 000000000 ____D C:\Users\Kenneth\AppData\Roaming\Telegram Desktop
2019-03-09 18:47 - 2018-06-15 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Player
2019-03-08 13:57 - 2018-07-08 11:06 - 000001145 _____ C:\Users\Public\Desktop\RaiDrive.lnk
2019-03-07 19:21 - 2018-06-24 19:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-07 19:10 - 2017-11-01 20:32 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-07 19:10 - 2017-11-01 20:32 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-02 19:08 - 2017-11-01 20:45 - 000000000 ____D C:\Users\Kenneth\AppData\Local\PlaceholderTileLogoFolder
2019-03-02 17:15 - 2018-05-19 15:56 - 000000000 ____D C:\Users\Kenneth\Ubiquiti UniFi
2019-02-24 10:44 - 2017-12-14 13:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-22 22:55 - 2018-03-02 07:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-20 23:37 - 2017-11-01 20:26 - 000000000 ____D C:\Users\Kenneth\AppData\Local\Packages
2019-02-16 14:39 - 2018-12-15 21:40 - 000002012 _____ C:\Users\Public\Desktop\Sonos.lnk
2019-02-16 14:39 - 2018-12-15 21:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2019-02-16 14:39 - 2018-12-15 21:40 - 000000000 ____D C:\Program Files (x86)\Sonos
2019-02-16 14:39 - 2018-06-01 14:09 - 000000000 ____D C:\Users\Kenneth\AppData\Local\Downloaded Installations
2019-02-16 11:46 - 2018-01-14 19:32 - 000000600 _____ C:\Users\Kenneth\AppData\Local\PUTTY.RND
2019-02-14 10:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-14 10:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-14 10:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-02-14 10:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-14 10:37 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-13 20:44 - 2019-02-11 16:11 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2019-02-13 20:44 - 2019-02-11 16:11 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2019-02-13 20:34 - 2018-10-04 16:07 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-13 17:27 - 2018-12-09 19:05 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-02-13 17:27 - 2018-12-09 19:05 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk

==================== Files in the root of some directories =======

2018-01-14 19:32 - 2019-02-16 11:46 - 000000600 _____ () C:\Users\Kenneth\AppData\Local\PUTTY.RND
2018-12-23 20:26 - 2018-12-23 20:26 - 000003362 _____ () C:\Users\Kenneth\AppData\Local\recently-used.xbel
2018-06-14 16:53 - 2018-06-14 16:53 - 000007619 _____ () C:\Users\Kenneth\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:

2019-03-15 14:15 - 2019-03-15 14:15 - 000040448 ____N () C:\Users\Kenneth\AppData\Local\Temp\proxy_vole7752765422857759127.dll

Some zero byte size files/folders:

C:\Windows\SysWOW64\lastpass_1337.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by Kenneth (administrator) on KENNETH-LAPTOP (15-03-2019 15:16:24)
Running from C:\Users\Kenneth\Desktop
Loaded Profiles: Kenneth (Available Profiles: Kenneth)
Platform: Windows 10 Home Version 1809 17763.379 (X64) Language: Dansk (Danmark)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(OpenBoxLab -> OpenBoxLab) C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.Service.x64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(OpenBoxLab -> OpenBoxLab) C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\TiWorker.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM…\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM…\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM…\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32…\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32…\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-19…\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20…\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-581939235-167934049-2457689419-1001…\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-581939235-167934049-2457689419-1001…\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-581939235-167934049-2457689419-1001…\Run: [RaiDrive] => C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.exe [8066248 2019-02-28] (OpenBoxLab -> OpenBoxLab)
HKU\S-1-5-21-581939235-167934049-2457689419-1001…\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18…\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-07] (Google LLC -> Google Inc.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip…\Interfaces{135cd73e-69c0-445f-8ef2-1a663e22f7b3}: [DhcpNameServer] 192.168.0.1
Tcpip…\Interfaces{2218baeb-6fe9-4b00-a559-b77f982867e7}: [DhcpNameServer] 192.168.1.1
Tcpip…\Interfaces{6382f865-1fb0-4f7e-a6ce-96aa0850dca8}: [DhcpNameServer] 192.168.1.1
Tcpip…\Interfaces{907d48dd-e3e1-4dc2-9fa5-0ea5af8f349f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

HKU\S-1-5-21-581939235-167934049-2457689419-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.888casino.dk/spil-nu/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)

FireFox:

FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:

CHR Profile: C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default [2019-03-15]
CHR Extension: (Slides) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-01]
CHR Extension: (Docs) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-01]
CHR Extension: (Google Drev) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-01]
CHR Extension: (YouTube) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-14]
CHR Extension: (Clipchamp - convert, compress, record video) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\delkpojpfkkfgmknffmblbhmlamkjioi [2017-11-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-17]
CHR Extension: (Sheets) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-01]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-03-13]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2019-01-23]
CHR Extension: (Magic Enhancer til YouTube™) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2019-02-27]
CHR Extension: (Linkclump) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2019-01-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-11-01]
CHR Extension: (Betalinger i Chrome Webshop) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-13]
CHR HKU\S-1-5-21-581939235-167934049-2457689419-1001\SOFTWARE\Google\Chrome\Extensions…\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32…\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [416072 2018-06-26] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation - pGFX -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 RaiDrive.Service; C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.Service.x64.exe [3739848 2019-02-28] (OpenBoxLab -> OpenBoxLab)
S2 SonosLibraryService; C:\Program Files (x86)\Sonos\SonosLibraryService.exe [26624 2019-01-22] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [99560 2015-09-25] (Broadcom Corporation -> Broadcom Corporation)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-09-21] (EldoS Corporation -> /n software, Inc.)
S3 CloudFSDisk; C:\WINDOWS\System32\drivers\cloudfs_disk.sys [243304 2017-12-22] (Covecube Inc. -> Covecube Inc.)
S3 CoveFSDisk; C:\WINDOWS\System32\drivers\covefs_disk.sys [56424 2017-09-28] (Covecube Inc. -> Covecube Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2018-11-09] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-03-15] (Malwarebytes Corporation -> Malwarebytes)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2017-11-01] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 UsbDk; C:\WINDOWS\System32\Drivers\UsbDk.sys [97208 2017-04-18] (Red Hat, Inc. -> Red Hat Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-15 15:16 - 2019-03-15 15:20 - 000020605 _____ C:\Users\Kenneth\Desktop\FRST.txt
2019-03-15 15:16 - 2019-03-15 15:16 - 000000000 ____D C:\FRST
2019-03-15 14:58 - 2019-03-15 14:58 - 000000000 ____D C:\Users\Kenneth\AppData\Local\mbam
2019-03-15 14:57 - 2019-03-15 14:57 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-03-15 14:57 - 2019-03-15 14:57 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-15 14:57 - 2019-03-15 14:57 - 000000000 ____D C:\Users\Kenneth\AppData\Local\mbamtray
2019-03-15 14:57 - 2019-03-15 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-15 14:57 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-03-15 14:56 - 2019-03-15 14:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-15 14:56 - 2019-03-15 14:56 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-15 14:56 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-03-15 14:34 - 2019-03-15 14:35 - 062165928 _____ (Malwarebytes ) C:\Users\Kenneth\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9682.exe
2019-03-15 14:34 - 2019-03-15 14:34 - 002433536 _____ (Farbar) C:\Users\Kenneth\Desktop\FRST64.exe
2019-03-15 14:24 - 2019-03-15 14:28 - 000000000 ____D C:\AdwCleaner
2019-03-15 14:24 - 2019-03-15 14:25 - 000000000 ____D C:\Program Files\CCleaner
2019-03-15 14:24 - 2019-03-15 14:24 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-15 14:24 - 2019-03-15 14:24 - 000002890 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-15 14:24 - 2019-03-15 14:24 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-15 14:24 - 2019-03-15 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-15 14:22 - 2019-03-15 14:22 - 007316688 _____ (Malwarebytes) C:\Users\Kenneth\Desktop\adwcleaner_7.2.7.0 (1).exe
2019-03-15 14:20 - 2019-03-15 14:23 - 021205512 _____ (Piriform Software Ltd) C:\Users\Kenneth\Desktop\ccsetup555.exe
2019-03-15 14:19 - 2019-03-15 15:11 - 000000000 ____D C:\Users\Kenneth\Desktop\SWF
2019-03-13 17:30 - 2019-03-13 17:30 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 015224320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 009683256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 009670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 008875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007882240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007647256 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007556392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 007251456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 006548168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 006069760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005915936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005436184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 004920832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 004689408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 004588744 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003729808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 003660288 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003652656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003551408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003504128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003427840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 003378488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002926904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 002871312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002776712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002766648 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002752360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002637312 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002447360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002275680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002187776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002044416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 002001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 001931264 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001893888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001711616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001701376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001697744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-13 17:30 - 2019-03-13 17:30 - 001656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001644048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001572176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001563336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001481488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001479480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001468440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 001457544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 001341880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-13 17:30 - 2019-03-13 17:30 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001294856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001272552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 001258808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-03-13 17:30 - 2019-03-13 17:30 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001179168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001098128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001078072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001077912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001072720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2019-03-13 17:30 - 2019-03-13 17:30 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2019-03-13 17:30 - 2019-03-13 17:30 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000895048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000866152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 17:30 - 2019-03-13 17:30 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000833064 _____ C:\WINDOWS\system32\InputHost.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000808464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000790328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upshared.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000772408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000735760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000726416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000655160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000652824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000619832 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000591832 _____ C:\WINDOWS\SysWOW64\InputHost.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-13 17:30 - 2019-03-13 17:30 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000484976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-03-13 17:30 - 2019-03-13 17:30 - 000460304 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000421688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-13 17:30 - 2019-03-13 17:30 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000336744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000330464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000322576 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000279376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000147256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-13 17:30 - 2019-03-13 17:30 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll
2019-03-13 17:30 - 2019-03-13 17:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-03-13 17:30 - 2019-03-13 17:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-03-13 17:29 - 2019-03-13 17:30 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 007688088 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 002720768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 002013696 _____ C:\WINDOWS\system32\rdpnano.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001742104 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001296576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-13 17:29 - 2019-03-13 17:29 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 001043256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-13 17:29 - 2019-03-13 17:29 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000865568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000646632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000355360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-03-13 17:29 - 2019-03-13 17:29 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000138960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000115152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2019-03-13 17:29 - 2019-03-13 17:29 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 17:29 - 2019-03-13 17:29 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-13 17:29 - 2019-03-13 17:29 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-09 18:47 - 2019-03-09 18:47 - 000000000 ____D C:\Program Files\Plex
2019-03-08 13:57 - 2019-03-08 13:57 - 000001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaiDrive 1.5.3.1.lnk
2019-03-08 13:57 - 2019-03-08 13:57 - 000000000 ____D C:\Program Files\OpenBoxLab
2019-03-07 19:22 - 2019-03-07 19:22 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-07 19:22 - 2019-03-07 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Værktøjer til Microsoft Office
2019-02-24 23:16 - 2019-02-24 23:16 - 000001443 _____ C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSizeFree.lnk
2019-02-24 10:54 - 2019-02-24 10:54 - 000000000 ____D C:\Users\Kenneth.android
2019-02-13 16:55 - 2019-02-13 16:55 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 004526080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001467560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000522312 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-02-13 16:55 - 2019-02-13 16:55 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-02-13 16:55 - 2019-02-13 16:55 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-02-13 16:55 - 2019-02-13 16:55 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-02-13 16:55 - 2019-02-13 16:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
2019-02-13 16:54 - 2019-02-13 16:55 - 005205464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 005561856 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 005527552 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 004991096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 004702704 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 004298752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002992640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002149368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001700880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001671864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001209360 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000982576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000970256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000864056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000822448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000752136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000651304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000629576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000612368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000408800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000276488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000148480 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000132104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000121872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000114856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000097592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-02-13 16:54 - 2019-02-13 16:54 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-13 16:54 - 2019-02-13 16:54 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-15 14:57 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-15 14:54 - 2018-10-04 16:12 - 001372962 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-15 14:54 - 2018-09-15 18:36 - 000466630 _____ C:\WINDOWS\system32\perfh006.dat
2019-03-15 14:54 - 2018-09-15 18:36 - 000079380 _____ C:\WINDOWS\system32\perfc006.dat
2019-03-15 14:54 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-03-15 14:51 - 2018-12-29 20:25 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-15 14:51 - 2018-11-24 13:01 - 000000000 ____D C:\Users\Kenneth\AppData\Local\LogMeIn Hamachi
2019-03-15 14:50 - 2018-10-04 16:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-15 14:50 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-15 14:50 - 2017-11-24 20:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-03-15 14:50 - 2017-11-01 20:27 - 000000180 _____ C:\WINDOWS\system32{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-15 14:50 - 2017-11-01 20:27 - 000000000 __SHD C:\Users\Kenneth\IntelGraphicsProfiles
2019-03-15 14:49 - 2018-09-15 07:09 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-03-15 14:30 - 2018-10-03 18:04 - 000000000 ____D C:\Users\Kenneth
2019-03-15 14:26 - 2018-10-03 17:27 - 000000000 ___DC C:\WINDOWS\Panther
2019-03-15 14:26 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-15 14:26 - 2018-03-25 20:52 - 000000000 ____D C:\Users\Kenneth\AppData\Local\CrashDumps
2019-03-15 14:26 - 2018-03-09 19:51 - 000000000 ____D C:\Users\Kenneth\AppData\Roaming\FileZilla
2019-03-15 14:26 - 2017-11-24 20:11 - 000000000 ____D C:\Users\Kenneth\AppData\Roaming\TeamViewer
2019-03-15 14:18 - 2018-12-29 20:29 - 000001294 _____ C:\Users\Kenneth\Desktop\TreeSize Free.lnk
2019-03-15 14:18 - 2018-06-20 15:58 - 000001136 _____ C:\Users\Kenneth\Desktop\ViewPlayCap.lnk
2019-03-15 14:18 - 2018-05-19 15:56 - 000002007 _____ C:\Users\Kenneth\Desktop\UniFi.lnk
2019-03-15 14:18 - 2017-11-01 20:41 - 000001804 _____ C:\Users\Kenneth\Desktop\Google Drev.lnk
2019-03-15 14:18 - 2017-11-01 20:36 - 000001225 _____ C:\Users\Kenneth\Desktop\Plex Media Player.lnk
2019-03-15 14:17 - 2018-12-15 21:40 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2019-03-15 14:16 - 2018-08-26 11:05 - 000000000 ____D C:\GOG Games
2019-03-15 14:15 - 2017-11-01 20:28 - 000000000 ___RD C:\Users\Kenneth\OneDrive
2019-03-15 14:14 - 2017-11-01 20:35 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-15 14:02 - 2017-11-01 20:35 - 000000000 ____D C:\Users\Kenneth\AppData\Roaming\vlc
2019-03-15 13:55 - 2018-10-04 16:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-14 19:37 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-14 19:04 - 2017-11-01 20:35 - 000000000 ____D C:\Users\Kenneth\AppData\Local\PlexMediaPlayer
2019-03-14 18:42 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-14 18:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-14 17:33 - 2018-12-20 13:05 - 000014168 _____ C:\Users\Kenneth\Desktop\ejerskiftelån.xlsx
2019-03-14 16:43 - 2017-11-01 20:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-14 16:43 - 2017-11-01 20:26 - 000000000 ___RD C:\Users\Kenneth\3D Objects
2019-03-14 16:42 - 2018-10-04 16:03 - 000446552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-13 20:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-13 17:29 - 2018-10-04 16:03 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-03-13 17:27 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-13 17:27 - 2018-09-15 08:36 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 17:27 - 2017-11-01 20:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 17:24 - 2017-11-01 20:42 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-10 10:45 - 2019-01-28 14:13 - 000000000 ____D C:\Users\Kenneth\AppData\Roaming\Telegram Desktop
2019-03-09 18:47 - 2018-06-15 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Player
2019-03-08 13:57 - 2018-07-08 11:06 - 000001145 _____ C:\Users\Public\Desktop\RaiDrive.lnk
2019-03-07 19:21 - 2018-06-24 19:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-07 19:10 - 2017-11-01 20:32 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-07 19:10 - 2017-11-01 20:32 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-02 19:08 - 2017-11-01 20:45 - 000000000 ____D C:\Users\Kenneth\AppData\Local\PlaceholderTileLogoFolder
2019-03-02 17:15 - 2018-05-19 15:56 - 000000000 ____D C:\Users\Kenneth\Ubiquiti UniFi
2019-02-24 10:44 - 2017-12-14 13:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-22 22:55 - 2018-03-02 07:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-20 23:37 - 2017-11-01 20:26 - 000000000 ____D C:\Users\Kenneth\AppData\Local\Packages
2019-02-16 14:39 - 2018-12-15 21:40 - 000002012 _____ C:\Users\Public\Desktop\Sonos.lnk
2019-02-16 14:39 - 2018-12-15 21:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2019-02-16 14:39 - 2018-12-15 21:40 - 000000000 ____D C:\Program Files (x86)\Sonos
2019-02-16 14:39 - 2018-06-01 14:09 - 000000000 ____D C:\Users\Kenneth\AppData\Local\Downloaded Installations
2019-02-16 11:46 - 2018-01-14 19:32 - 000000600 _____ C:\Users\Kenneth\AppData\Local\PUTTY.RND
2019-02-14 10:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-14 10:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-14 10:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-02-14 10:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-14 10:37 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-13 20:44 - 2019-02-11 16:11 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2019-02-13 20:44 - 2019-02-11 16:11 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2019-02-13 20:34 - 2018-10-04 16:07 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-13 17:27 - 2018-12-09 19:05 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-02-13 17:27 - 2018-12-09 19:05 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk

==================== Files in the root of some directories =======

2018-01-14 19:32 - 2019-02-16 11:46 - 000000600 _____ () C:\Users\Kenneth\AppData\Local\PUTTY.RND
2018-12-23 20:26 - 2018-12-23 20:26 - 000003362 _____ () C:\Users\Kenneth\AppData\Local\recently-used.xbel
2018-06-14 16:53 - 2018-06-14 16:53 - 000007619 _____ () C:\Users\Kenneth\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:

2019-03-15 14:15 - 2019-03-15 14:15 - 000040448 ____N () C:\Users\Kenneth\AppData\Local\Temp\proxy_vole7752765422857759127.dll

Some zero byte size files/folders:

C:\Windows\SysWOW64\lastpass_1337.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

0 Likes

(Kenneth Høgh) #6

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.03.2019 01
Ran by Kenneth (15-03-2019 15:22:04)
Running from C:\Users\Kenneth\Desktop
Windows 10 Home Version 1809 17763.379 (X64) (2018-10-04 15:08:01)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-581939235-167934049-2457689419-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-581939235-167934049-2457689419-503 - Limited - Disabled)
Gæst (S-1-5-21-581939235-167934049-2457689419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-581939235-167934049-2457689419-1003 - Limited - Enabled)
Kenneth (S-1-5-21-581939235-167934049-2457689419-1001 - Administrator - Enabled) => C:\Users\Kenneth
WDAGUtilityAccount (S-1-5-21-581939235-167934049-2457689419-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Dansk (HKLM-x32…{AC76BA86-7AD7-1030-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM…{15DDA7AF-3E5C-49CC-B57C-8926F09405A6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM…{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32…{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Apple-programunderstøttelse (32 bit) (HKLM-x32…{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple-programunderstøttelse (64 bit) (HKLM…{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM…\CCleaner) (Version: 5.55 - Piriform)
Command & Conquer Generals (HKLM-x32…{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Hidden
Command & Conquer Generals (HKLM-x32…\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (HKLM-x32…{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM-x32…\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
ELAN Touchpad 11.15.0.18_X64 (HKLM…\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Elevated Installer (HKLM-x32…{68D32366-4505-43D2-A1F5-EF4B645207D6}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
FileZilla Client 3.40.0 (HKLM-x32…\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
Garmin Express (HKLM-x32…{21a6db39-b3c0-447d-85d7-39dcf1703e3e}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32…{73CA3D46-6F24-43AA-ABE9-15341B96FF53}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
GenTool (HKLM-x32…\GenTool) (Version: 7.4 - xezon)
Google Chrome (HKLM-x32…\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP DeskJet 3700 series - basissoftware til enheden (HKLM…{698BC841-FE7D-4AD0-B5CC-52646E2FC256}) (Version: 40.2.1085.16258 - HP Inc.)
Intel® Processor Graphics (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
iTunes (HKLM…{0DD0E814-3786-4057-A55C-E8DA0AA999B4}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 201 (HKLM-x32…{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Logitech Gaming Software 5.10 (HKLM…{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
LogMeIn Hamachi (HKLM-x32…{1945856D-A68E-43D3-846D-F8DFDE4A69F7}) (Version: 2.2.0.630 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32…\LogMeIn Hamachi) (Version: 2.2.0.630 - LogMeIn, Inc.)
Malwarebytes version 3.7.1.2839 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2019 - da-dk (HKLM…\ProPlus2019Retail - da-dk) (Version: 16.0.11328.20146 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32…{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32…{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32…{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32…{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32…{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyHarmony (HKLM-x32…{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
Notepad++ (64-bit x64) (HKLM…\Notepad++) (Version: 7.5.9 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32…{90160000-008C-0406-0000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Plex Media Player (HKLM…{FF736E8F-0901-49DB-8346-A0E18A5233AA}) (Version: 2.29.1 - Plex) Hidden
Plex Media Player (HKLM-x32…{515cbef1-30f0-4019-8e31-aa80bf887e68}) (Version: 2.29.1 - Plex)
PuTTY release 0.70 (64-bit) (HKLM…{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Qualcomm Atheros Bluetooth Suite (64) (HKLM…{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32…{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.67 - Qualcomm Atheros)
RaiDrive (HKLM…{44D45B69-D25A-4478-8486-20BA19CEAF7C}) (Version: 1.5.3.1 - OpenBoxLab) Hidden
RaiDrive (HKLM…\RaiDrive 1.5.3.1) (Version: 1.5.3.1 - OpenBoxLab)
SD Card Formatter (HKLM-x32…{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
Sonos Controller (HKLM-x32…{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 48.2.61220 - Sonos, Inc.)
Speedtest by Ookla (HKLM…{CFF1450F-71E9-4286-82AE-99E6D797CAD3}) (Version: 1.1.23.001 - Ookla)
Steam (HKLM-x32…\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32…\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Telegram Desktop version 1.5.8 (HKU\S-1-5-21-581939235-167934049-2457689419-1001…{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.8 - Telegram Messenger LLP)
TreeSize Free V4.2.2 (HKLM-x32…\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Ubiquiti UniFi (remove only) (HKLM-x32…\Ubiquiti UniFi) (Version: - )
UsbDk Runtime Libraries (HKLM…{446D7CEA-0B07-44FF-8981-37985CA96C41}) (Version: 1.0.19 - Red Hat, Inc.)
VLC media player (HKLM-x32…\VLC media player) (Version: 3.0.6 - VideoLAN)
Win32DiskImager version 1.0.0 (HKLM-x32…{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Windows 10 IoT Core Dashboard (HKU\S-1-5-21-581939235-167934049-2457689419-1001…\c2fa147d7a65c4f7) (Version: 1.0.1805.22000 - Windows 10 IoT Core)
Windows-driverpakke - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM…\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-driverpakke - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM…\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.50 (64-bit) (HKLM…\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
ZOC Terminal 7.2 (64-bit) (HKLM…\ZOC7) (Version: 7.22.4 - EmTec Innovative Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-581939235-167934049-2457689419-1001_Classes\CLSID{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Kenneth\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-581939235-167934049-2457689419-1001_Classes\CLSID{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Kenneth\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-581939235-167934049-2457689419-1001_Classes\CLSID{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Kenneth\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\amd64\FileSyncShell64.dll => No File
SSODL: EldosMountNotificator-cbfs6 - {9A09B1D3-95AD-4F6E-8F99-E888850F51BD} - C:\WINDOWS\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {9A09B1D3-95AD-4F6E-8F99-E888850F51BD} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {9A09B1D3-95AD-4F6E-8F99-E888850F51BD} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {9A09B1D3-95AD-4F6E-8F99-E888850F51BD} => C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll [2016-09-21] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {20F2A73E-FFD2-48D0-B135-F6ADD397FAB3} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {20F2A73E-FFD2-48D0-B135-F6ADD397FAB3} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-10-14] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {117029CF-965B-4DD9-917A-909455764C72} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {375B452A-0C8B-4E60-BF7E-C3216DDB0D40} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3BC68D39-239F-4100-B4FF-F0F748D45046} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4993B2BD-5A9A-4573-AADF-F6C6F61A55FD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5230B818-2BE8-463F-934E-F310B94EEEA9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {58FC4961-AD48-4B2E-AE47-4D87E78D08CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D63B997-4818-4A09-BE86-CBE713FA84F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {61F757A8-16D7-45B6-A0EA-C5249691A298} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {69A32EB0-4CCD-4022-922F-4969ABA74080} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7B137C56-A327-42C2-B7EE-1F0477751EB1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7E67BC8F-637E-4F07-8F4B-E09C92993720} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {909DAF78-7EC2-48D9-A8A3-A979B1DA8093} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A478573E-6818-49E8-91FF-DCDB2D70A8A9} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe (Garmin International, Inc. -> )
Task: {AFEE563A-2F75-4AF5-B5ED-AAB40A61C1D8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C53C7BE3-6473-430B-99FB-2587A136D482} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D41A9B3E-9C78-4E9C-9D7D-99F3D13D8537} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DF3C9667-2375-4EED-882C-28B857BE2FE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E11328E9-C98E-4445-9667-2A53A2143D5F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F1AB6D80-75B4-4332-A496-54564C33B172} - System32\Tasks\S-1-5-21-581939235-167934049-2457689419-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {F8E4D1C7-314E-4248-99E2-E1CAD4E51E00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) ==============

2018-10-04 16:05 - 2019-03-15 14:50 - 000340480 _____ (/n software, Inc.) [File not signed] C:\WINDOWS\TEMP\b0494a1f-4bd3-owMQN5swJPTJH+ixLIcd2g==\CBFS6Net.dll
2018-12-28 08:16 - 2018-12-28 08:16 - 001655296 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\MFC80U.DLL
2017-04-18 04:45 - 2017-04-18 04:45 - 000008192 _____ (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
2017-04-18 04:45 - 2017-04-18 04:45 - 001227264 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2018-11-28 11:57 - 2018-11-28 11:57 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2018-11-28 11:57 - 2018-11-28 11:57 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2018-11-28 11:57 - 2018-11-28 11:57 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2018-11-28 11:59 - 2018-11-28 11:59 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2018-11-28 11:57 - 2018-11-28 11:57 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2018-11-28 11:57 - 2018-11-28 11:57 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-04-18 04:45 - 2017-04-18 04:45 - 000808960 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-15 14:56 - 2019-02-01 10:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000086016 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000037888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll
2019-03-15 14:56 - 2019-02-01 10:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartBlockSize.Tag.CloudFsDisk [10]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartCacheChunkSize.Tag.CloudFsDisk [18]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartCacheSize.Tag.CloudFsDisk [18]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartCryptKeyValidation.Tag.CloudFsDisk [32]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartCryptKeyValidationIV.Tag.CloudFsDisk [16]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartCryptUid.Tag.CloudFsDisk [16]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartProviderMetadata.Tag.CloudFsDisk [624]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartProviderUid.Tag.CloudFsDisk [16]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartSize.Tag.CloudFsDisk [18]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartStartCount.Tag.CloudFsDisk [18]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartUid.Tag.CloudFsDisk [16]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartWriteCacheFixed.Tag.CloudFsDisk [0]
AlternateDataStreams: C:\CloudPart.7e62a82f-d8a8-4fd3-8157-986a931bfdb7:CloudPartWriteMapMaximumSize.Tag.CloudFsDisk [8]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => “”=“Service”

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-09-23 13:30 - 2018-09-23 13:31 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\PuTTY;%SYSTEMROOT%\System32\OpenSSH
HKU\S-1-5-21-581939235-167934049-2457689419-1001\Control Panel\Desktop\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1C953AD-6764-4339-A98C-C342879BF82C}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B4224D58-2CA8-4E55-A1BC-E6963BBB3960}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6398762D-235E-442B-8177-8599030372C8}] => (Allow) C:\Users\Kenneth\Ubiquiti UniFi\bin\mongod.exe () [File not signed]
FirewallRules: [{2FF34407-0D6F-4C5F-A35E-5CCDC21C8324}] => (Allow) C:\Users\Kenneth\Ubiquiti UniFi\bin\mongod.exe () [File not signed]
FirewallRules: [UDP Query User{3CA6125F-B8D9-49D1-A415-C56CC66AE02C}C:\program files\plex\plex media player\plexmediaplayer.exe] => (Allow) C:\program files\plex\plex media player\plexmediaplayer.exe (Plex, Inc -> )
FirewallRules: [TCP Query User{9ED22373-438D-446E-AFDB-82C41DE5A19E}C:\program files\plex\plex media player\plexmediaplayer.exe] => (Allow) C:\program files\plex\plex media player\plexmediaplayer.exe (Plex, Inc -> )
FirewallRules: [{EE0831DD-0E59-4ED2-9522-4D21D87F94CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86B6B25A-0C3C-448C-BED5-B61E9CD8C839}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{803ACAFD-9A4F-4614-B643-03B31C3851E3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0E14DF5-EE69-4D41-9533-BE0189AFFD49}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB07A2F6-3E67-4F67-9DF4-75F09761CFF4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4DCB22D4-E226-4812-BAC2-B076AE07CE9E}C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat] => (Allow) C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat () [File not signed]
FirewallRules: [UDP Query User{6485FED0-B62F-41EB-9BE7-E7253ECA0B8C}C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat] => (Allow) C:\program files (x86)\ea games\command & conquer generals zero hour\game.dat () [File not signed]
FirewallRules: [{CD700157-EFC9-4CBF-8DD8-921D5F2CE6F0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{99A0238A-F185-4D5B-83A1-31D74461654C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3037295A-82C1-4781-B7B2-1D91ACEA9130}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe (Sonos, Inc. -> Sonos, Inc.)
FirewallRules: [{9A1351CB-5A4C-4F53-B194-F1E15DAB9FB3}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe (Sonos, Inc. -> Sonos, Inc.)
FirewallRules: [{7793989D-47F1-41DC-BF46-1DEEAB9FF003}] => (Allow) LPort=3445
FirewallRules: [{90146721-5675-4C88-87B2-FE7B0784F1BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FDDD1B0E-DB72-40E9-890A-5EF3EDC477DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CE6FA39C-718A-4B1B-8E34-C106E1E26508}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2C208494-3625-431E-A795-D8A407BA280F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DF85F3EB-CA2E-4EBA-81CB-34545D75E0F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{CA174468-47C1-4402-A1EB-A9BCBB88A803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{16F08C7B-FE9F-4F00-9131-B67821C1828A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{70E13921-BFD1-405F-BECC-EDA64E9F6C14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D842643B-4512-4B4F-AA3E-25F9B5770859}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CF27C129-F24E-4C41-A31D-7962EE703813}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B22F8E05-1522-45C8-B4C2-6F7D0577E179}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grid\grid.exe (Codemasters) [File not signed]
FirewallRules: [{D7DA161C-88BF-4456-8618-5DB471DB95B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grid\grid.exe (Codemasters) [File not signed]
FirewallRules: [{DC188DF9-BCB0-4694-99C4-43014EFAA81E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{09D42D36-A038-4082-B195-2F9B6C30546A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E86950C6-2402-48F6-B5EA-EF243F69F665}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8FF2D174-8F5C-4156-9CF6-C1C787BB2C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{B38F9A7E-9A7D-4ABD-B42A-A40C14E587BB}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{6D992722-33B0-4222-AE44-19F3F1287DC2}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{EBAC27C8-CB71-4113-8C51-A7BC5AA8BC75}C:\program files (x86)\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [UDP Query User{1E58754A-988C-478E-BF32-7EE6CA1AA40C}C:\program files (x86)\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{8840664C-577D-4B08-B50C-D919B9581A28}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE04F2CD-89E6-4172-A27A-58B8BB7A6582}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{635AD8D0-202E-4959-800B-F2D4E15FBFA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{63EBCE29-DFDA-46DA-B735-3E9FDC944852}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F6CC66C8-A7D8-4980-A906-8976DFB7D77E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DCE82EE0-A519-4A4A-B9E0-B9B6C4C3A0C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F9A066E9-7312-469E-8064-557898E80630}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C94ED536-3836-43D5-9A18-2747CB143E34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C46C6CDE-C9F6-4036-B54A-04F2BFC98D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{1E2E0FBC-502C-4B0C-B6E5-D80D76CC2D10}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{E899C1C6-3165-4E5E-9548-73687187416D}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{FB0EB33B-46B8-40A6-8A8A-93F37AE0C96E}C:\program files (x86)\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [UDP Query User{9EFBE392-AD5B-4013-A8BE-AFE1EB3BA5FE}C:\program files (x86)\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\java.exe
FirewallRules: [{BF6F3C50-166D-4A6F-838C-E064FF2B1ED2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{B54ADB68-9BE9-4B58-8B6A-A96E003AF6CA}] => (Allow) C:\Program Files\OpenBoxLab\RaiDrive\RaiDrive.Service.x64.exe (OpenBoxLab -> OpenBoxLab)
FirewallRules: [{8648EC22-48B0-49C8-8E15-593C20526256}] => (Allow) C:\Program Files\Plex\Plex Media Player\PlexMediaPlayer.exe (Plex, Inc -> )
FirewallRules: [{7A654708-68AD-4E6F-B25A-802676CA4183}] => (Allow) C:\Program Files\Plex\Plex Media Player\PMPHelper.exe () [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Wi-Fi Direct Virtual Adapter #2
Description: Virtuelt kort til Microsoft Wi-Fi Direct
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

Error: (03/15/2019 02:50:40 PM) (Source: SonosLibraryService) (EventID: 0) (User: )
Description: Tjenesten kan ikke startes. Handlen er ikke gyldig

Error: (03/15/2019 02:31:42 PM) (Source: SonosLibraryService) (EventID: 0) (User: )
Description: Tjenesten kan ikke startes. Handlen er ikke gyldig

Error: (03/15/2019 01:55:47 PM) (Source: SonosLibraryService) (EventID: 0) (User: )
Description: Tjenesten kan ikke startes. Handlen er ikke gyldig

Error: (03/14/2019 07:16:42 PM) (Source: SonosLibraryService) (EventID: 0) (User: )
Description: Tjenesten kan ikke startes. Handlen er ikke gyldig

Error: (03/14/2019 04:42:21 PM) (Source: SonosLibraryService) (EventID: 0) (User: )
Description: Tjenesten kan ikke startes. Handlen er ikke gyldig

Error: (03/13/2019 05:12:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31172

Error: (03/13/2019 05:12:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31172

Error: (03/13/2019 05:12:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:

Error: (03/15/2019 02:52:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Start adgang til COM-serverprogrammet med CLSID
Windows.SecurityCenter.WscBrokerManager
og APPID
Ikke tilgængelig
for brugeren NT AUTHORITY\SYSTEM SID (S-1-5-18) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (03/15/2019 02:52:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Start adgang til COM-serverprogrammet med CLSID
Windows.SecurityCenter.WscDataProtection
og APPID
Ikke tilgængelig
for brugeren NT AUTHORITY\SYSTEM SID (S-1-5-18) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (03/15/2019 02:52:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Start adgang til COM-serverprogrammet med CLSID
Windows.SecurityCenter.SecurityAppBroker
og APPID
Ikke tilgængelig
for brugeren NT AUTHORITY\SYSTEM SID (S-1-5-18) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (03/15/2019 02:51:30 PM) (Source: DCOM) (EventID: 10016) (User: KENNETH-LAPTOP)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
og APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
for brugeren KENNETH-LAPTOP\Kenneth SID (S-1-5-21-581939235-167934049-2457689419-1001) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (03/15/2019 02:51:16 PM) (Source: DCOM) (EventID: 10016) (User: KENNETH-LAPTOP)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Aktivering adgang til COM-serverprogrammet med CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
og APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
for brugeren KENNETH-LAPTOP\Kenneth SID (S-1-5-21-581939235-167934049-2457689419-1001) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (03/15/2019 02:33:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Start adgang til COM-serverprogrammet med CLSID
Windows.SecurityCenter.SecurityAppBroker
og APPID
Ikke tilgængelig
for brugeren NT AUTHORITY\SYSTEM SID (S-1-5-18) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (03/15/2019 02:33:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Start adgang til COM-serverprogrammet med CLSID
Windows.SecurityCenter.WscBrokerManager
og APPID
Ikke tilgængelig
for brugeren NT AUTHORITY\SYSTEM SID (S-1-5-18) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Error: (03/15/2019 02:33:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Adgangsindstillingerne programspecifikke giver ikke Lokal Start adgang til COM-serverprogrammet med CLSID
Windows.SecurityCenter.WscDataProtection
og APPID
Ikke tilgængelig
for brugeren NT AUTHORITY\SYSTEM SID (S-1-5-18) fra adressen LocalHost (via LRPC), der kører i programbeholderen Ikke tilgængelig SID (Ikke tilgængelig). Denne sikkerhedstilladelse kan redigeres ved hjælp af administrationsværktøjet til komponenttjenester.

Windows Defender:

Date: 2019-03-15 15:15:27.378
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {C2F6B9DE-B625-4766-8F68-0A41F252637B}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2019-03-14 18:56:58.621
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {20B8AD05-6F3D-4C78-BF23-CA752A953974}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2019-03-10 10:54:24.118
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {58055015-D12A-4777-9984-2CC2B1B9D797}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2019-03-07 19:46:24.370
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {1D947BED-E7C7-4D6B-BC0E-BFBC64CF8F8C}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2019-03-07 19:40:05.356
Description:
Windows Defender Antivirus-scanning er blevet stoppet, før den er gennemført.
Scannings-id: {7CB727D6-9C65-4DE4-9F6A-FE40668FE6F4}
Scanningstype: AntiMalware
Scanningsparametre: Hurtig scanning
Bruger: NT AUTHORITY\SYSTEM

Date: 2019-02-10 11:50:14.393
Description:
Windows Defender Antivirus har registreret en fejl under forsøget på at opdatere signaturer.
Ny signaturversion:
Tidligere signaturversion:1.285.1211.0
Opdateringskilde:Microsoft Update-server
Signaturtype:AntiVirus
Opdateringstype:Fuld
Bruger:NT AUTHORITY\SYSTEM
Nuværende programversion:
Tidligere programversion:1.1.15600.4
Fejlkode:0x80240438
Fejlbeskrivelse:Der opstod et uventet problem under søgning efter opdateringer. Se Hjælp og support for at få oplysninger om opdateringer om installation eller fejlfinding.

==================== Memory info ===========================

Processor: Intel® Core™ i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 51%
Total physical RAM: 8076.36 MB
Available physical RAM: 3900.34 MB
Total Virtual: 9356.36 MB
Available Virtual: 5121.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:39.33 GB) NTFS

\?\Volume{2677c2c7-0000-0000-0000-100000000000}\ (Reserveret til systemet) (Fixed) (Total:0.54 GB) (Free:0.11 GB) NTFS
\?\Volume{7406a732-81c4-11e8-bd53-a4db30c98a55}\ (Google Drive) (Removable) (Total:8589934592 GB) (Free:8589872725.56 GB) NTFS
\?\Volume{3bd74241-89d0-11e8-bd57-201a0650500b}\ (Google Team Drive) (Removable) (Total:8589934592 GB) (Free:8589934592 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 2677C2C7)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

0 Likes

(f-arn) #7

Hej :slight_smile:

Har du selv slået Systemgendannelse fra :question:

Der er flere ting jeg ikke ka’ li’ i de logs, så vil du godt køre denne ->

Fjern Alle USB nøgler og Externe Harddiske før du kører programmet.

Hent og gem RogueKiller på dit skrivebord.

Den kan også hentes her

Husk at vælge den rigtige version. (32 eller 64 bit)

Deaktiver dit sikkerhedprogram, mens du kører den :exclamation:

Luk alle vinduer og kør “RogueKiller” (Hvis den blokeres, kør den flere gange)

Hvis den slet ikke vil køre, prøv at omdøbe den til winlogon.exe

Mht.: Vista/Windows 7/8 og 10 - Højreklik på filen - Kør som Administrator.

Lad det indledende scan køre.

Tryk SCAN.

Når den har scannet færdig, klikker du på report,gemmer den og kopierer den herind.

Du skal ikke fjerne noget :exclamation:

0 Likes

(Kenneth Høgh) #8

Hej.

Nej det har jeg ikke selv pillet ved.

Her er logfilen:

RogueKiller Anti-Malware V13.1.8.0 (x64) [Mar 12 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : Kenneth [Administrator]
Started from : C:\Users\Kenneth\Desktop\RogueKiller_portable64.exe
Signatures : 20190304_123840, Driver : Loaded
Mode : Standard Scan, Scan – Date : 2019/03/17 08:39:22 (Duration : 00:07:07)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.HPDefender (Potentially Malicious)] (folder) KiTTY – C:\Users\Kenneth\AppData\Roaming\KiTTY -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

0 Likes

(f-arn) #9

Deaktiver dine Sikkerheds programmer, mens “Fixet” kører.

Jeg vedhæfter Fixlist.txt (659 Bytes) Gem den på Skrivebordet ved siden af Farbar Recovery Scan Tool/Farbar Recovery Scan Tool x64 (FRST/FRST64).

Den skal ligge ved siden af FRST/FRST64 :exclamation:

Dette Fix blev skrevet specielt til denne bruger og til brug på denne PC.
Køres dette på en anden PC, kan det forårsage skade, og i værste fald vil PCen ikke starte
.

Start FRST/FRST64 (Farbar Recovery Scan Tool/Farbar Recovery Scan Tool x64) og klik på FIX (og vent til den er færdig)

Luk FRST/FRST64, og lad PCen genstarte.

Den laver Fixlog.txt, som du skal kopiere herind i dit næste indlæg.

0 Likes

(Kenneth Høgh) #10

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Kenneth (18-03-2019 20:08:16) Run:1
Running from C:\Users\Kenneth\Desktop
Loaded Profiles: Kenneth (Available Profiles: Kenneth)
Boot Mode: Normal

fixlist content:


start
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
VirusTotal: C:\WINDOWS\system32\DrtmAuth8.bin;C:\WINDOWS\system32\DrtmAuth7.bin;C:\WINDOWS\system32\DrtmAuth6.bin;C:\WINDOWS\system32\DrtmAuth1.bin;C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-15 14:15 - 2019-03-15 14:15 - 000040448 ____N () C:\Users\Kenneth\AppData\Local\Temp\proxy_vole7752765422857759127.dll
C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Ubiquiti Device Discovery Tool.lnk
C:\WINDOWS\TEMP\b0494a1f-4bd3-owMQN5swJPTJH+ixLIcd2g==\CBFS6Net.dll
cmd: netsh advfirewall reset
EmptyTemp:
end


Error: (0) Failed to create a restore point.
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
VirusTotal: C:\WINDOWS\system32\DrtmAuth8.bin => https://www.virustotal.com/file/1fc0d4706a08bc265447ed015d7fec694c3fab6fd8f348a5381d1ff124861ba3/analysis/1552936096/
VirusTotal: C:\WINDOWS\system32\DrtmAuth7.bin => https://www.virustotal.com/file/89d1651afa56a5c5a0d24f8d14a9dc51a836489f88dca586abd90be4d8fd8457/analysis/1552936097/
VirusTotal: C:\WINDOWS\system32\DrtmAuth6.bin => https://www.virustotal.com/file/2a259ac018653aa5fba48dc4657948a3a56be241471226ab96987b9ba8eb6d97/analysis/1552936097/
VirusTotal: C:\WINDOWS\system32\DrtmAuth1.bin => https://www.virustotal.com/file/68d90a5ae9cf16f9eb831f1701b9ccb0185b9db9177f8582bc79812b24c91fb7/analysis/1552936098/
VirusTotal: C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll => https://www.virustotal.com/file/c134e088b60ef2ddb016d7790896b7fc3a5660c1a30882816b4fd1db5dd08ee5/analysis/1552936100/
C:\Users\Kenneth\AppData\Local\Temp\proxy_vole7752765422857759127.dll => moved successfully
C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Ubiquiti Device Discovery Tool.lnk => moved successfully
C:\WINDOWS\TEMP\b0494a1f-4bd3-owMQN5swJPTJH+ixLIcd2g==\CBFS6Net.dll => moved successfully

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 108804824 B
Java, Flash, Steam htmlcache => 18503275 B
Windows/system/drivers => 5148528 B
Edge => 79360 B
Chrome => 396140324 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 7758 B
NetworkService => 0 B
Kenneth => 7525687 B

RecycleBin => 0 B
EmptyTemp: => 521.1 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 20:08:41 ====

0 Likes

(f-arn) lukket #11

Dette emne blev automatisk lukket 7 dage efter det seneste svar. Nye svar er ikke længere tilladt.

0 Likes