Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Eacht time MBAM start scanning , pc shuts down.

Started by HaraMo , Feb 06 2021 01:48 PM

Please log in to reply

#1
HaraMo

Posted 06 February 2021 - 01:48 PM

Member

Member
456 posts

Dear

windows 7 SP1

After second time, starting MBAM and a minute or so, at the same moment, the pc shuts down without a warning.

Googling I found an article maybe it's a file that makes the processor goes high.... heating.

Before I start to scan, even first time with MBAM, I cleaned the pc: the C partition was full, as a result no windows updates were done uninstalling unwanted programms, disk cleanup, ... updating windows update(some) , moving data to other partition. installed cloud apps as onedrive, google drive and dropbox.

Now pc is running better. I have no issue using pc whole day.

But only each time I want to run a MBAM scan, it shutsdown and I do receive a windows message, when the pc starts up.

I can send the dump file if needed.

Logs : after following the steps how to prepari the logs, there is a difference on the photo 's about FRST, in the newest download there is an extra marked as one month. I left it checked, , so in case you need more , I need to rescan with FRST.

Please help.

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 04-02-2021

Gestart door omar (Beheerder) op OMAR-PC (06-02-2021 20:33:50)

Gestart vanaf D:\OneDrive\Bureaublad

Geladen Profielen: omar

Platform: Windows 7 Professional Service Pack 1 (X64) Taal: Nederlands (Nederland)

Standaardbrowser: Chrome

Boot Modus: Normal

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

() [Bestand niet getekend] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE

(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE

(Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>

(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\115.4.601\QtWebEngineProcess.exe <2>

(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe

(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe <3>

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\omar\AppData\Local\Microsoft\OneDrive\OneDrive.exe <2>

(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe

(My Digital Life Forums) [Bestand niet getekend] C:\Windows\KMSServerService\KMS Server Service.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Register (gefilterd) ===================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2012-07-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

HKLM\...\Run: [vnlgp] => C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd [ ] <==== AANDACHT

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)

HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)

HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT

HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [OpenDNS Updater] => C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe [839680 2010-06-16] () [Bestand niet getekend]

HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [EpicGamesLauncher] => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent

HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> )

HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\MountPoints2: {4483c628-afb5-11e8-a3d4-f46d041e5c85} - F:\HiSuiteDownLoader.exe

HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-07-11] (Microsoft Windows -> Microsoft Corporation)

HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Bestand niet getekend]

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\Installer\chrmstp.exe [2021-02-06] (Google LLC -> Google LLC)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\Installer\chrmstp.exe [2021-02-06] (Avast Software s.r.o. -> AVAST Software)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

GroupPolicy\User: Restrictie ? <==== AANDACHT

GroupPolicyUsers\S-1-5-21-2521950895-1173571020-801938669-1001\User: Restrictie <==== AANDACHT

Policies: C:\Users\Kinderen\NTUSER.pol: Restrictie <==== AANDACHT

Policies: C:\Users\omar\NTUSER.pol: Restrictie <==== AANDACHT

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT

HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT

==================== Geplande Taken (gefilterd) ============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {037AB38F-BAEB-40B5-9891-F60FDDB89407} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {0F745097-745B-43BF-86F4-5C2A0181507A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158768 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {1A1FF87A-F5EE-41BE-829F-42E00F76D7AB} - System32\Tasks\Opera scheduled assistant Autoupdate 1592385696 => C:\Users\Kinderen\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kinderen\AppData\Local\Programs\Opera\assistant" $(Arg0)

Task: {265B9C08-7D6B-4ACC-AC3E-707AFC535A11} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)

Task: {29BEC3A8-7547-4418-A76F-9E9967B800C9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)

Task: {32F9CBDE-9125-4850-AA2A-D54AFF6F7080} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

Task: {3E1E100C-DC99-4861-92CC-B8EFC369E552} - System32\Tasks\Opera scheduled Autoupdate 1592385690 => C:\Users\Kinderen\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)

Task: {46BCB8ED-64F6-4B26-83A4-46FC008516C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158768 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {4A9F0D65-63D6-41FB-A605-ABA047901873} - System32\Tasks\{9F67EE0A-00CD-45CA-A529-456094761FC6} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)

Task: {5ADD07EF-3455-4A49-95C5-4691FE3D6BB5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)

Task: {644E54AD-0E1F-4637-BEBA-8A67F5C6D611} - System32\Tasks\{8D412A4D-0566-4F0C-9826-F2C1B216DF91} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)

Task: {715CECEE-2B0E-492C-9387-A8C3A53CC672} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)

Task: {7E70D8E3-B3AE-4EA1-9AAE-9DB3FA4AA049} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-31] (Google Inc -> Google Inc.)

Task: {8A56C8FB-DD96-46C1-B722-49C490267D6D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)

Task: {8CB36807-0D33-4102-809C-63139B3B22CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-31] (Google Inc -> Google Inc.)

Task: {9D750327-7C04-4377-9D12-259FD7B6081D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)

Task: {A2D5E7E3-1463-4BE5-8FCA-DE36CE23AF56} - System32\Tasks\{EB3F6C63-C24F-431E-A3D4-C761C6B3B67F} => C:\Windows\system32\pcalua.exe -a D:\TL-WN821N_V5_driver\Setup.exe -d D:\TL-WN821N_V5_driver

Task: {A5BDB1D9-0E96-4C10-B786-81D1E2FC82C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)

Task: {ADDC02E0-825A-40F7-973A-3770059AAFF3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1997120 2021-01-26] (Avast Software s.r.o. -> AVAST Software)

Task: {BD17B7B7-3CFE-44C3-A1BF-756F2EA720CE} - System32\Tasks\G2MUpdateTask-S-1-5-21-2521950895-1173571020-801938669-1001 => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupdate.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)

Task: {BE0D889B-BDF0-4E97-A330-C87AE551E46F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {CF62986A-9A57-4387-95FA-3E19CFAAF147} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2038168 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {D556888A-B55F-4CE4-82F0-681C6A303B45} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3732480 2017-07-05] () [Bestand niet getekend]

Task: {D8EF6D04-D19B-45DC-84B5-CF7E6C5765EA} - System32\Tasks\G2MUploadTask-S-1-5-21-2521950895-1173571020-801938669-1001 => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupload.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)

Task: {EE740833-7979-4F9F-8E8A-CB6A2761A1A5} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1997120 2021-01-26] (Avast Software s.r.o. -> AVAST Software)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupdate.exe

Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupload.exe

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.131.3 195.130.130.3

Tcpip\..\Interfaces\{752F9817-1926-4559-A4F2-D645191A2D7F}: [NameServer] 208.67.222.222,208.67.220.220

Tcpip\..\Interfaces\{752F9817-1926-4559-A4F2-D645191A2D7F}: [DhcpNameServer] 195.130.131.3 195.130.130.3

FireFox:

========

FF DefaultProfile: ni1z7hs4.default-1612611984064

FF ProfilePath: C:\Users\omar\AppData\Roaming\Mozilla\Firefox\Profiles\ni1z7hs4.default-1612611984064 [2021-02-06]

FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Bestand niet getekend]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend]

FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)

FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)

Chrome:

=======

CHR DefaultProfile: Profile 2

CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default [2021-02-06]

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Session Restore: Default -> is ingeschakeld.

CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-31]

CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-31]

CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]

CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-31]

CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-11]

CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-31]

CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]

CHR Extension: (AdBlock - de beste advertentieblokker) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-15]

CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-15]

CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]

CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]

CHR Extension: (SiteBlock) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj [2018-10-06]

CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]

CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-05]

CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-02-06]

CHR DefaultSearchURL: Profile 1 -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png

CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-06]

CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-06]

CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-06]

CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-06]

CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-02-06]

CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-06]

CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-06]

CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-06]

CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-06]

CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-02-06]

CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]

CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]

CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-06]

CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-06]

CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-02-06]

CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-06]

CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-06]

CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-06]

CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-06]

CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-06]

CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-06]

CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-06]

CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-06]

CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-02-06]

CHR Extension: (Connective signing extension) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2021-02-06]

CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]

CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]

CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-06]

CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-06]

CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-06]

CHR HKU\S-1-5-21-2521950895-1173571020-801938669-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)

S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\elevation_service.exe [1234712 2021-01-26] (Avast Software s.r.o. -> AVAST Software)

R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe [73200 2020-12-03] (Google LLC -> Google Inc.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44064 2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )

R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2017-07-05] (My Digital Life Forums) [Bestand niet getekend]

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-06] (Malwarebytes Inc -> Malwarebytes)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112944 2020-08-15] (Code Sector -> )

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)

R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-10] (Avast Software s.r.o. -> AVAST Software)

R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)

R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)

R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-08-11] (Malwarebytes Corporation -> Malwarebytes)

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220600 2021-02-06] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-02-06] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-02-06] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-06] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [130592 2021-02-06] (Malwarebytes Inc -> Malwarebytes)

R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [80384 2012-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)

R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-04-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)

S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [802920 2020-08-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)

S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [572632 2020-12-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)

S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1995624 2017-10-20] (Mixlr Ltd -> ShiningMorning Inc.)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2021-02-06 20:32 - 2021-02-06 20:34 - 000000000 ____D C:\FRST

2021-02-06 20:19 - 2021-02-06 20:20 - 000415696 _____ C:\Windows\Minidump\020621-60512-01.dmp

2021-02-06 18:44 - 2021-02-06 18:44 - 000001960 _____ C:\ProgramData\Bureaublad\Google Slides.lnk

2021-02-06 18:44 - 2021-02-06 18:44 - 000001958 _____ C:\ProgramData\Bureaublad\Google Sheets.lnk

2021-02-06 18:44 - 2021-02-06 18:44 - 000001948 _____ C:\ProgramData\Bureaublad\Google Docs.lnk

2021-02-06 18:44 - 2021-02-06 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google

2021-02-06 18:44 - 2021-02-06 18:44 - 000000000 ____D C:\Program Files\Google

2021-02-06 18:43 - 2021-02-06 18:43 - 001304160 _____ (Google LLC) C:\Users\omar\Downloads\installbackupandsync.exe

2021-02-06 18:26 - 2021-02-06 18:26 - 000000000 ____D C:\Users\omar\AppData\Local\OneDrive

2021-02-06 17:57 - 2021-02-06 20:22 - 000130592 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys

2021-02-06 17:57 - 2021-02-06 17:57 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys

2021-02-06 17:57 - 2021-02-06 17:57 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2021-02-06 17:53 - 2021-02-06 17:53 - 000003680 ____N C:\bootsqm.dat

2021-02-06 13:01 - 2021-02-06 13:02 - 000415600 _____ C:\Windows\Minidump\020621-70949-01.dmp

2021-02-06 12:46 - 2021-02-06 12:46 - 000007605 _____ C:\Users\omar\AppData\Local\Resmon.ResmonCfg

2021-02-06 12:37 - 2021-02-06 12:37 - 000000831 _____ C:\ProgramData\Bureaublad\VLC media player.lnk

2021-02-06 12:25 - 2021-02-06 12:25 - 000001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk

2021-02-06 12:25 - 2021-02-06 12:25 - 000001031 _____ C:\ProgramData\Bureaublad\TeamViewer.lnk

2021-02-06 12:22 - 2021-02-06 12:22 - 029352480 _____ (TeamViewer Germany GmbH) C:\Users\omar\Downloads\TeamViewer_Setup.exe

2021-02-06 12:16 - 2021-02-06 12:16 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

2021-02-06 12:12 - 2021-02-06 12:12 - 000000000 ____D C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

2021-02-06 12:06 - 2021-02-06 12:06 - 000000000 ____D C:\ProgramData\Google

2021-02-06 12:03 - 2021-02-06 12:04 - 017412096 _____ C:\Users\omar\Downloads\chromeremotedesktophost.msi

2021-02-06 12:03 - 2021-02-06 12:03 - 000000000 ____D C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps

2021-02-06 11:21 - 2021-02-06 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2021-02-06 11:18 - 2021-02-06 11:18 - 000000000 ____D C:\Users\omar\AppData\Roaming\Dropbox

2021-02-06 11:17 - 2021-02-06 20:24 - 000001006 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job

2021-02-06 11:17 - 2021-02-06 20:22 - 000001010 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job

2021-02-06 11:17 - 2021-02-06 11:21 - 000000000 ____D C:\Program Files (x86)\Dropbox

2021-02-06 11:17 - 2021-02-06 11:17 - 000004006 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA

2021-02-06 11:17 - 2021-02-06 11:17 - 000003754 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore

2021-02-06 11:16 - 2021-02-06 20:12 - 000000000 ____D C:\Users\omar\AppData\Local\Dropbox

2021-02-06 11:16 - 2021-02-06 11:16 - 000000000 ____D C:\ProgramData\Dropbox

2021-02-06 11:15 - 2021-02-06 11:15 - 000673400 _____ (Dropbox, Inc.) C:\Users\omar\Downloads\DropboxInstaller.exe

2021-02-06 10:29 - 2021-02-06 10:29 - 000002281 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk

2021-02-06 10:29 - 2021-02-06 10:29 - 000000000 ____D C:\Users\omar\AppData\Roaming\Teams

2021-02-06 10:23 - 2021-02-06 10:29 - 000000000 ____D C:\Users\omar\AppData\Local\SquirrelTemp

2021-02-06 08:36 - 2021-02-06 08:36 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\Teams

2021-02-06 08:34 - 2021-02-06 08:37 - 000000000 ____D C:\Users\Kinderen\AppData\Local\SquirrelTemp

2021-02-06 01:44 - 2021-02-06 18:29 - 000000000 ___RD C:\Users\omar\OneDrive

2021-02-06 01:44 - 2021-02-06 18:26 - 000003170 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2521950895-1173571020-801938669-1000

2021-02-06 01:44 - 2021-02-06 18:25 - 000002154 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

2021-02-06 01:43 - 2021-02-06 01:43 - 000000000 ____D C:\Program Files (x86)\Teams Installer

2021-02-06 01:42 - 2021-02-06 01:42 - 000000000 ____D C:\ProgramData\Microsoft OneDrive

2021-02-06 01:38 - 2021-02-06 18:27 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk

2021-02-06 01:38 - 2021-02-06 01:38 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype voor Bedrijven.lnk

2021-02-06 01:38 - 2021-02-06 01:38 - 000002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk

2021-02-06 01:38 - 2021-02-06 01:38 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk

2021-02-06 01:38 - 2021-02-06 01:38 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk

2021-02-06 01:38 - 2021-02-06 01:38 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk

2021-02-06 01:38 - 2021-02-06 01:38 - 000002288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk

2021-02-06 01:38 - 2021-02-06 01:38 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk

2021-02-06 01:38 - 2021-02-06 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's

2021-02-06 01:32 - 2021-02-06 01:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER

2021-02-06 01:27 - 2021-02-06 10:34 - 000000000 ____D C:\Windows\system32\MRT

2021-02-06 00:57 - 2021-02-06 00:57 - 000000000 ____D C:\Program Files\Microsoft Office 15

2021-02-06 00:42 - 2021-02-06 00:42 - 000000000 ____D C:\Users\omar\AppData\LocalLow\Foxit

2021-02-06 00:41 - 2021-02-06 00:41 - 000001351 _____ C:\ProgramData\Bureaublad\Foxit Reader.lnk

2021-02-06 00:40 - 2021-02-06 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader

2021-02-06 00:32 - 2021-02-06 00:34 - 100142384 _____ (Foxit Software Inc. ) C:\Users\omar\Downloads\FoxitReader1011_L10N_Setup_Prom.exe

2021-02-05 23:53 - 2021-02-06 12:27 - 000000000 ____D C:\Users\omar\AppData\Local\TeamViewer

2021-02-05 23:52 - 2021-02-05 23:52 - 019228952 _____ (TeamViewer) C:\Users\omar\Downloads\TeamViewerQS.exe

2021-02-05 23:48 - 2021-02-05 23:48 - 006240742 _____ (TeamViewer) C:\Users\omar\Downloads\Niet bevestigd 103651.crdownload

2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys

2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys

2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys

2021-02-03 12:50 - 2021-02-03 12:50 - 000044064 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe

2021-02-03 11:45 - 2021-02-03 11:45 - 000092590 _____ C:\Users\Kinderen\Downloads\Uittreksel strafregister - 82020321474.pdf

2021-02-03 11:33 - 2021-02-03 11:33 - 000032588 _____ C:\Users\Kinderen\Downloads\FW__attesten.zip

2021-02-03 11:25 - 2021-02-03 11:25 - 000066165 _____ C:\Users\Kinderen\Downloads\202101_MB_28202031893.pdf

2021-02-03 11:02 - 2021-02-03 11:02 - 000006294 _____ C:\Users\Kinderen\Downloads\2021-01-29-1756-attest-quarantaine-covid-19-omar-arfala.pdf

2021-02-02 13:30 - 2021-02-02 13:33 - 475384967 _____ C:\Users\Kinderen\Downloads\y2mate.com - I Became a BOXING LEGEND Roblox_1080pFHR (1).mp4

2021-02-01 20:20 - 2021-02-01 20:21 - 150993828 _____ C:\Users\Kinderen\Downloads\movvie moussa 2.mp4

2021-02-01 20:07 - 2021-02-01 20:07 - 000001114 _____ C:\Users\Kinderen\Downloads\Afbeeldingen - Snelkoppeling.lnk

2021-02-01 20:06 - 2021-02-01 20:08 - 356672339 _____ C:\Users\Kinderen\Downloads\movie.moussa.mp4

2021-02-01 00:04 - 2021-02-01 00:04 - 000124010 _____ C:\Users\Kinderen\Downloads\Excel-woordpakketten-5de-2.xlsx

2021-01-28 19:49 - 2021-01-28 19:49 - 000043008 _____ C:\Users\Kinderen\Downloads\Arfala Iessa.xls

2021-01-27 09:32 - 2021-01-27 09:32 - 000387372 _____ C:\Users\Kinderen\Downloads\berichten1088588 (1).zip

2021-01-27 09:31 - 2021-01-27 09:31 - 000387372 _____ C:\Users\Kinderen\Downloads\berichten1088588.zip

2021-01-27 08:43 - 2021-01-27 08:47 - 001049697 _____ C:\Users\Kinderen\Downloads\berichten1088646.zip

2021-01-23 21:37 - 2021-01-23 21:37 - 000071025 _____ C:\Users\Kinderen\Downloads\script_whiteboard_stob.pdf

2021-01-19 15:33 - 2021-01-19 15:33 - 000073529 _____ C:\Users\Kinderen\Downloads\barista-eform-4416a2c65469459819835561946.pdf

2021-01-18 17:38 - 2021-01-18 17:38 - 000436736 _____ C:\Users\Kinderen\Downloads\toets_Belgie.pub

2021-01-18 17:38 - 2021-01-18 17:38 - 000436736 _____ C:\Users\Kinderen\Downloads\toets_Belgie (1).pub

2021-01-16 07:36 - 2021-02-06 11:36 - 000000000 ____D C:\Windows\system32\appmgmt

2021-01-16 07:11 - 2021-01-16 07:11 - 000000000 _____ C:\Users\Kinderen\Downloads\Niet bevestigd 198196.crdownload

2021-01-16 07:06 - 2021-01-16 07:07 - 001588208 _____ (Roblox Corporation) C:\Users\Kinderen\Downloads\RobloxPlayerLauncher (6).exe

2021-01-09 07:50 - 2021-01-09 07:50 - 001588208 _____ (Roblox Corporation) C:\Users\Kinderen\Downloads\RobloxPlayerLauncher (5).exe

==================== Een maand (gewijzigd) ==================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2021-02-06 20:32 - 2017-07-05 22:07 - 000000000 ____D C:\Users\omar\AppData\Roaming\TeraCopy

2021-02-06 20:22 - 2017-07-05 22:04 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update

2021-02-06 20:22 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2021-02-06 20:20 - 2017-07-05 22:15 - 000000000 ____D C:\ProgramData\NVIDIA

2021-02-06 20:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2021-02-06 20:19 - 2019-02-03 08:57 - 000000000 ____D C:\Windows\Minidump

2021-02-06 19:28 - 2019-02-15 09:31 - 000000000 ____D C:\Users\omar\AppData\Roaming\Skype

2021-02-06 19:26 - 2019-02-15 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2021-02-06 19:24 - 2017-07-08 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK

2021-02-06 19:24 - 2017-07-05 21:51 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2021-02-06 19:23 - 2017-07-05 22:25 - 000000000 ____D C:\Users\omar\AppData\Local\CrashDumps

2021-02-06 19:14 - 2017-07-05 21:47 - 000000000 ____D C:\Users\omar

2021-02-06 18:44 - 2017-12-31 13:04 - 000000000 ____D C:\Users\omar\AppData\Local\Google

2021-02-06 18:40 - 2017-07-05 22:02 - 000000000 ____D C:\ProgramData\AVAST Software

2021-02-06 18:35 - 2018-03-26 13:16 - 000000000 ____D C:\Users\omar\AppData\Local\AVAST Software

2021-02-06 18:04 - 2009-07-14 05:45 - 000033952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2021-02-06 18:04 - 2009-07-14 05:45 - 000033952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2021-02-06 16:12 - 2017-07-05 22:02 - 000110768 _____ C:\Users\omar\AppData\Local\GDIPFONTCACHEV1.DAT

2021-02-06 13:02 - 2009-07-14 05:45 - 000432616 _____ C:\Windows\system32\FNTCACHE.DAT

2021-02-06 13:00 - 2017-07-05 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2021-02-06 13:00 - 2017-07-05 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

2021-02-06 12:53 - 2017-07-05 22:00 - 000001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk

2021-02-06 12:53 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files\TeraCopy

2021-02-06 12:53 - 2017-07-05 21:53 - 000000000 ____D C:\Users\omar\AppData\LocalLow\Mozilla

2021-02-06 12:38 - 2017-09-04 19:04 - 000000000 ____D C:\Users\omar\AppData\Roaming\vlc

2021-02-06 12:17 - 2020-08-11 22:22 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk

2021-02-06 12:17 - 2019-11-17 15:41 - 000001908 _____ C:\ProgramData\Bureaublad\Malwarebytes.lnk

2021-02-06 12:16 - 2020-08-16 11:50 - 000220600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys

2021-02-06 12:12 - 2020-01-28 18:46 - 000000000 ____D C:\Users\omar\AppData\Roaming\Zoom

2021-02-06 12:04 - 2017-12-31 13:03 - 000000000 ____D C:\Program Files (x86)\Google

2021-02-06 11:44 - 2017-07-05 23:15 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2021-02-06 11:44 - 2017-07-05 23:13 - 000000000 ____D C:\Program Files\Microsoft Office

2021-02-06 11:44 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared

2021-02-06 11:42 - 2009-07-14 10:57 - 000000000 ____D C:\Windows\ShellNew

2021-02-06 11:39 - 2020-03-25 18:00 - 000000000 ____D C:\Program Files (x86)\Mixlr

2021-02-06 11:39 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf

2021-02-06 11:38 - 2017-07-24 21:48 - 000000000 ____D C:\Program Files (x86)\Athan

2021-02-06 11:32 - 2020-08-13 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software

2021-02-06 11:32 - 2020-08-13 10:33 - 000000000 ____D C:\Users\omar\AppData\Roaming\Tencent

2021-02-06 11:31 - 2020-03-22 16:36 - 000000000 ____D C:\Users\omar\AppData\Local\Roblox

2021-02-06 11:23 - 2019-11-17 15:42 - 000000000 ____D C:\Users\omar\AppData\Local\cache

2021-02-06 10:35 - 2017-07-05 22:00 - 000000000 ____D C:\Users\omar\AppData\Roaming\TeamViewer

2021-02-06 09:03 - 2020-01-05 17:44 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox

2021-02-06 08:59 - 2019-11-17 16:39 - 000000000 ____D C:\Users\Kinderen\AppData\Local\CrashDumps

2021-02-06 08:40 - 2020-06-28 08:04 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2021-02-06 08:40 - 2020-06-28 08:04 - 000002192 _____ C:\ProgramData\Bureaublad\Microsoft Edge.lnk

2021-02-06 08:37 - 2019-11-17 16:36 - 000112712 _____ C:\Users\Kinderen\AppData\Local\GDIPFONTCACHEV1.DAT

2021-02-06 03:19 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files\WinRAR

2021-02-06 03:00 - 2017-12-31 13:03 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2021-02-06 02:47 - 2018-03-26 13:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk

2021-02-06 02:46 - 2019-04-12 06:00 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)

2021-02-06 02:03 - 2019-11-17 16:36 - 000001074 _____ C:\Users\Kinderen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2021-02-06 02:03 - 2017-07-05 21:47 - 000001074 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2021-02-06 00:42 - 2017-08-28 13:14 - 000000000 ____D C:\ProgramData\Foxit Software

2021-02-06 00:34 - 2017-07-09 10:20 - 000000000 ____D C:\Windows\system32\Macromed

2021-02-06 00:33 - 2017-07-09 10:20 - 000000000 ____D C:\Windows\SysWOW64\Macromed

2021-02-06 00:27 - 2018-01-02 12:37 - 000000000 ____D C:\ProgramData\Cold Turkey

2021-02-06 00:00 - 2020-11-01 16:36 - 000003446 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b05e61539d0e

2021-02-06 00:00 - 2020-06-28 08:03 - 000003574 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2021-02-06 00:00 - 2017-12-31 13:03 - 000003490 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA

2021-02-06 00:00 - 2017-12-31 13:03 - 000003362 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

2021-02-06 00:00 - 2017-12-07 07:44 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software

2021-02-05 08:16 - 2019-11-17 16:36 - 000000000 ____D C:\Users\Kinderen\AppData\Local\Greenshot

2021-02-02 14:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF

2021-02-02 08:50 - 2018-01-09 11:33 - 000000000 ____D C:\ProgramData\CanonIJPLM

2021-02-01 20:11 - 2009-07-14 10:16 - 000745748 _____ C:\Windows\system32\perfh013.dat

2021-02-01 20:11 - 2009-07-14 10:16 - 000153700 _____ C:\Windows\system32\perfc013.dat

2021-02-01 20:11 - 2009-07-14 06:13 - 001670888 _____ C:\Windows\system32\PerfStringBackup.INI

2021-02-01 00:08 - 2019-11-17 16:36 - 000000000 ____D C:\Users\Kinderen

2021-01-29 09:12 - 2020-02-25 11:21 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\vlc

2021-01-24 21:22 - 2020-01-05 17:44 - 000000256 _____ C:\Users\Kinderen\AppData\LocalLow\rbxcsettings.rbx

2021-01-16 08:14 - 2020-02-25 09:28 - 000000000 ____D C:\found.003

2021-01-14 20:19 - 2020-06-17 10:21 - 000004074 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1592385690

2021-01-09 08:18 - 2020-01-05 17:44 - 000000000 ____D C:\Users\Kinderen\AppData\Local\Roblox

2021-01-08 12:38 - 2017-07-05 22:03 - 000468888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2021-01-07 16:38 - 2020-12-10 00:38 - 000214808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2021-01-07 12:38 - 2017-07-05 22:03 - 000324904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys

==================== Bestanden in de root van sommige mappen ========

2021-02-06 12:46 - 2021-02-06 12:46 - 000007605 _____ () C:\Users\omar\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

LastRegBack: 2021-02-01 08:49

==================== Einde van FRST.txt ========================

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 04-02-2021

Gestart door omar (06-02-2021 20:39:11)

Gestart vanaf D:\OneDrive\Bureaublad

Windows 7 Professional Service Pack 1 (X64) (2017-07-05 20:46:57)

Boot Modus: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2521950895-1173571020-801938669-500 - Administrator - Disabled)

Gast (S-1-5-21-2521950895-1173571020-801938669-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2521950895-1173571020-801938669-1003 - Limited - Enabled)

Kinderen (S-1-5-21-2521950895-1173571020-801938669-1001 - Limited - Enabled) => C:\Users\Kinderen

omar (S-1-5-21-2521950895-1173571020-801938669-1000 - Administrator - Enabled) => C:\Users\omar

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)

Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.0.7844.104 - De auteurs van Avast Secure Browser)

Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden

Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)

Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)

Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)

Chrome Remote Desktop Host (HKLM-x32\...\{16044E2C-5ADC-4C34-B2FB-5A2E0B6908F6}) (Version: 88.0.4324.33 - Google Inc.)

Dropbox (HKLM-x32\...\Dropbox) (Version: 115.4.601 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden

Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.)

Gebruikersregistratie voor Canon MG5700 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5700 series) (Version: - ‭Canon Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)

GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)

Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.5 - Intel)

Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)

Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)

Microsoft .NET Framework 4.8 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.8.03761 - Microsoft Corporation)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)

Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )

Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.12527.21504 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)

Microsoft Teams (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Mozilla Firefox 72.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 72.0.2 (x64 nl)) (Version: 72.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)

NVIDIA 3D Vision controllerstuurprogramma 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)

NVIDIA 3D Vision stuurprogramma 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)

NVIDIA Grafisch stuurprogramma 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)

NVIDIA HD Audio-stuurprogramma 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)

NVIDIA PhysX Systeem Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)

NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden

OpenDNS Updater 2.2.1 (HKLM-x32\...\OpenDNS Updater) (Version: 2.2.1 - )

Pokémon Trading Card Game Online (HKLM-x32\...\{F72A85B1-30EA-4555-B45D-C5CE169ACA4D}) (Version: 2.74.0 - The Pokémon Company International)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)

Skype versie 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)

Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)

TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)

TeraCopy version 3.5 (HKLM\...\TeraCopy_is1) (Version: 3.5 - Code Sector)

TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)

VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)

Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

Zoom (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\ZoomUMX) (Version: 5.5.1 (12488.0202) - Zoom Video Communications, Inc.)

==================== Aangepaste CLSID (gefilterd): ==============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-2521950895-1173571020-801938669-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\omar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2521950895-1173571020-801938669-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\omar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)

ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)

ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )

ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )

ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-17] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)

ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-17] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )

==================== Codecs (gefilterd) ====================

==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

ShortcutWithArgument: C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Geladen Modules (gefilterd) =============

2021-02-06 20:25 - 2021-02-06 20:25 - 000114176 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_ctypes.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000172544 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_elementtree.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 002255872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_hashlib.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000032256 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_multiprocessing.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000046080 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_psutil_windows.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000047616 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_socket.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 002824704 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_ssl.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000026112 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_yappi.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000080896 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\bz2.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000015872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\common.time34.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000007680 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\hashobjs_ext.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000301568 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\PIL._imaging.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000168448 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\pyexpat.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 001084416 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\pysqlite2._sqlite.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000548864 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\pythoncom27.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 000137728 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\pywintypes27.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 000010752 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\select.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000020992 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\thumbnails_ext.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000689664 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\unicodedata.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000119808 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\usb_ext.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000128512 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32api.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000438784 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32com.shell.shell.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000011776 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32crypt.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000023040 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32event.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000149504 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32file.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000223232 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32gui.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000048128 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32inet.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000029696 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32pdh.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000027648 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32pipe.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000044032 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32process.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000020480 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32profile.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000136192 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32security.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000026624 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32ts.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000034304 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.conditional.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000037888 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.connectivity.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000071680 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.device_monitor.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000103936 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.volumes.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000019968 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.winwrap.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 001325056 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._controls_.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 001489408 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._core_.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 001007104 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._gdi_.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000103424 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._html2.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 000916992 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._misc_.pyd

2021-02-06 20:25 - 2021-02-06 20:25 - 001039872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._windows_.pyd

2018-11-05 21:07 - 2015-01-09 08:44 - 000104960 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll

2018-11-05 21:07 - 2015-01-09 08:45 - 000008704 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_NLD.DLL

2018-01-09 11:33 - 2017-12-07 11:25 - 000219648 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJPLM\cnmpu2.dll

2018-11-05 21:13 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll

2018-11-05 21:13 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll

2018-01-09 11:42 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [Bestand niet getekend] C:\Windows\System32\CNMN6PPM.DLL

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\ucrtbase.DLL

2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\VCRUNTIME140.dll

2021-02-06 11:35 - 2021-02-06 11:35 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020600\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\MSVCP140.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\ucrtbase.DLL

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\VCRUNTIME140.dll

2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\VCRUNTIME140_1.dll

2021-02-06 01:05 - 2021-02-06 01:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll

2021-02-06 01:05 - 2021-02-06 01:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

2017-12-10 03:03 - 2017-10-27 17:06 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll

2017-12-10 03:04 - 2017-10-27 17:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 003043328 _____ (Python Software Foundation) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\python27.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 000202240 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxbase30u_net_vc90_x64.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 002831872 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxbase30u_vc90_x64.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 001654784 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxmsw30u_adv_vc90_x64.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 006542336 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxmsw30u_core_vc90_x64.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 000773632 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxmsw30u_html_vc90_x64.dll

2021-02-06 20:25 - 2021-02-06 20:25 - 000137216 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (gefilterd) ========

(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)

AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]

==================== Veilige Modus (gefilterd) ==================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Bestandskoppeling (gefilterd) =================

==================== Internet Explorer (Versie 11) (gefilterd) ==========

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: Geen Naam -> {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} -> Geen bestand

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Geen Naam -> {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} -> Geen bestand

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)

IE trusted site: HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\sharepoint.com -> hxxps://adite-files.sharepoint.com

==================== Hosts inhoud: =========================

(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 03:34 - 2019-01-04 08:43 - 000000828 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere gebieden ===========================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-2521950895-1173571020-801938669-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\omar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 208.67.222.222 - 208.67.220.220

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

==================== Firewall regels (gefilterd) ================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{B7C7F1E6-B620-40B2-AD7C-6EFCCA078229}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{E9470E03-8635-4FDB-ADED-5F54D179152F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{97A1F2BA-66A7-4223-B797-0A5159847653}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand

FirewallRules: [{4F2217C1-A417-4E2F-9BD7-DCBB09921A01}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand

FirewallRules: [{767CDB33-2270-47EE-BD24-3571170D0B40}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => Geen bestand

FirewallRules: [{CA1160CD-1267-47ED-A78C-C590AC179E42}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => Geen bestand

FirewallRules: [TCP Query User{B3E1862B-4074-491B-8C6A-ED135629DCF3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [UDP Query User{C365B3E4-B724-4003-A3A9-01AF44D8484A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{80CD056E-E4D1-4DC0-8940-4679EBAC8287}] => (Allow) C:\Program Files\Cold Turkey\Cold Turkey Blocker.exe => Geen bestand

FirewallRules: [{A681F3AC-0DC7-4EF0-A144-B3118666DC40}] => (Allow) C:\Program Files\Cold Turkey\ServiceHub.Power.exe => Geen bestand

FirewallRules: [{823424AC-9A49-4197-8DD6-8727F4BF493F}] => (Allow) C:\Program Files\Cold Turkey\Cold Turkey Blocker.exe => Geen bestand

FirewallRules: [{0DB1FA5E-3C05-4B75-AC38-225389E4C966}] => (Allow) C:\Program Files\Cold Turkey\ServiceHub.Power.exe => Geen bestand

FirewallRules: [{ACAACD1A-3E98-47F7-A253-74F981FC1832}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{56E0F94C-B504-4241-8085-786D0D5CD7EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{B63DB91E-9599-4DD6-B856-D15997DDF085}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{9D323FF3-F0C9-466B-8551-2E5DD86AFF8B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{8BBD55AA-46D4-4743-9652-ABFB38F03210}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{7AFAFE3C-427C-43C1-B606-E4C704533D81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{DF000D1D-6B2E-423F-8658-F4836589BD52}] => (Allow) C:\Users\omar\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{FC9F0179-8212-4AAC-B07E-20CD401F2265}] => (Allow) C:\Users\omar\AppData\Roaming\Zoom\bin\airhost.exe => Geen bestand

FirewallRules: [TCP Query User{E7D6F5E5-5CE3-4FCD-8B4E-6ABA06F04F15}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe => Geen bestand

FirewallRules: [UDP Query User{9DDBC3AA-15F2-4CCA-9311-E44AB1C8A79C}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe => Geen bestand

FirewallRules: [TCP Query User{CD3A8046-EA56-49C4-87A6-8DB7AAC8B232}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe => Geen bestand

FirewallRules: [UDP Query User{EBB4B77A-6118-48FE-ACBF-7431650140FA}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe => Geen bestand

FirewallRules: [TCP Query User{9BA05B6A-E323-438D-9FD6-476D87F12EE0}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe => Geen bestand

FirewallRules: [UDP Query User{3DE2CB83-A80D-4260-88ED-075C79A797B2}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe => Geen bestand

FirewallRules: [TCP Query User{91AC7EC7-2440-4C63-8977-E5EF2BE5F5CE}C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe => Geen bestand

FirewallRules: [UDP Query User{AA669EE6-01D1-489A-B61F-9D10A058B94F}C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe => Geen bestand

FirewallRules: [{6B99CF14-C115-4EEC-90DC-9E5B8B180DAC}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{F4A19A33-9173-4071-BDBE-F558240BE4B5}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{F1E31BE7-D448-45C9-8F3A-ADB8B0864EF6}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{65332082-D127-4139-ADE9-65445B6E6010}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [{1402D348-4727-49D0-9ED0-F3FA2CAFF746}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand

FirewallRules: [{23579066-29A1-4889-A238-6AE83E3C9ADE}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand

FirewallRules: [{5D12AAB6-D7A8-4254-85C3-B084B9AE6140}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand

FirewallRules: [{E6D5F7A0-F146-458C-9353-5C065EA3EFF3}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand

FirewallRules: [TCP Query User{3D99CB92-CA78-476A-854E-B19C7481D9C4}C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe => Geen bestand

FirewallRules: [UDP Query User{139EBA71-5F02-4C3B-9894-E9386D57D40A}C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe => Geen bestand

FirewallRules: [{5B63A12B-25C5-4180-BC3C-540EA5A6839A}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand

FirewallRules: [{22CAB938-A578-4E08-9479-680FAA8051CB}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand

FirewallRules: [TCP Query User{334DD5F7-BF0B-42D0-8F0A-853ACA790155}C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe => Geen bestand

FirewallRules: [UDP Query User{0B43D609-4274-4124-9701-C3F94BF7935E}C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe => Geen bestand

FirewallRules: [{69281D11-81AC-4D09-B709-0D55FE6C51B9}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Geen bestand

FirewallRules: [TCP Query User{201B0D92-CAE8-4F94-BD3B-D5BC1FB4AA46}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => Geen bestand

FirewallRules: [UDP Query User{5FDFB8A5-7294-48C5-A85A-E1DE7341C40C}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => Geen bestand

FirewallRules: [TCP Query User{77F4C424-74F7-4BEE-A1F1-7EF9CBD94EF0}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Geen bestand

FirewallRules: [UDP Query User{B8E13F95-2D96-4FBB-90B3-DF8259DBFCBD}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Geen bestand

FirewallRules: [{C836DECF-176A-464A-94EE-CEF6CD93BA91}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{BCAD8BC0-A475-419B-865E-B204E8A99D43}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{DE0E4F9B-463D-4CC0-B066-EFDE90D4075D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{CC900573-5D4F-473E-8E6D-21EF930DBDBE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{3DBD019B-6563-450E-8866-0A53519E0AA6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{09B394C0-0755-4AB0-A99A-394533B67FD3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [{4CD53674-1BC2-436F-839E-540049ECBEA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{86932603-17E4-4EF8-81A7-AC37DB155DA8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [{13801A05-9309-422F-BA2B-5D8792338FE7}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe (Google LLC -> Google Inc.)

FirewallRules: [{C0483B50-45EB-4235-9E12-1A1EAE381A79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{8E105023-0F0C-44BE-B2B4-73105D002729}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{8FC1C608-AA1A-408C-9637-C37069D34463}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{16066DD5-608F-4C01-93F3-54DA79B4494C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{D8469D98-01D4-4B1B-9299-8D28B6551E5A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{3BD7DCBC-A937-4ED8-BCD1-DAB7740A19F4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Herstelpunten =========================

06-02-2021 15:28:53 Gepland controlepunt

06-02-2021 19:24:20 Removed TP-LINK Wireless Configuration Utility

==================== Defecte Apparaatbeheer Apparaten ============

Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications-controller

Description: PCI Simple Communications-controller

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Eventlog fouten: ========================

Applicatiefouten:

==================

Error: (02/06/2021 07:23:32 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54

Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000

Uitzonderingscode: 0xc0000005

Foutoffset: 0x00000000

Id van proces met fout: 0x27b0

Starttijd van toepassing met fout: 0x01d6fcb52951a457

Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

Pad naar module met fout: unknown

Rapport-id: 6a70f7b9-68a8-11eb-ac40-f46d041e5c85

Error: (02/06/2021 06:14:15 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54

Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000

Uitzonderingscode: 0xc0000005

Foutoffset: 0x00000000

Id van proces met fout: 0x20a8

Starttijd van toepassing met fout: 0x01d6fcab7d0e775c

Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

Pad naar module met fout: unknown

Rapport-id: bcde47e4-689e-11eb-ac40-f46d041e5c85

Error: (02/06/2021 06:13:58 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54

Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000

Uitzonderingscode: 0xc0000005

Foutoffset: 0x00000000

Id van proces met fout: 0x1a48

Starttijd van toepassing met fout: 0x01d6fcab7131566b

Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

Pad naar module met fout: unknown

Rapport-id: b2b8c87e-689e-11eb-ac40-f46d041e5c85

Error: (02/06/2021 06:04:08 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54

Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000

Uitzonderingscode: 0xc0000005

Foutoffset: 0x00000000

Id van proces met fout: 0x1674

Starttijd van toepassing met fout: 0x01d6fcaa07ed4bf1

Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

Pad naar module met fout: unknown

Rapport-id: 52e846ea-689d-11eb-ac40-f46d041e5c85

Error: (02/06/2021 04:49:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54

Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000

Uitzonderingscode: 0xc0000005

Foutoffset: 0x00000000

Id van proces met fout: 0x15c8

Starttijd van toepassing met fout: 0x01d6fc9f83ea8f9a

Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

Pad naar module met fout: unknown

Rapport-id: d9ef35e4-6892-11eb-8627-f46d041e5c85

Error: (02/06/2021 04:46:20 PM) (Source: chromoting) (EventID: 3) (User: )

Description: Toegang geweigerd voor client: [email protected]/chromoting_ftl_f53c0687-b2b7-4e5b-be44-1c8e270e1d12.

Error: (02/06/2021 04:43:03 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Naam van toepassing met fout: GoogleUpdate.exe, versie: 1.3.30.3, tijdstempel: 0x57107cd1

Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000

Uitzonderingscode: 0xc0000005

Foutoffset: 0x02f97584

Id van proces met fout: 0x1444

Starttijd van toepassing met fout: 0x01d6fc9ec0e40791

Pad naar toepassing met fout: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Pad naar module met fout: unknown

Rapport-id: ff09f89f-6891-11eb-ab89-f46d041e5c85

Error: (02/06/2021 04:43:03 PM) (Source: Google Update) (EventID: 1) (User: NT AUTHORITY)

Description: Event-ID 1

Systeemfouten:

=============

Error: (02/06/2021 08:30:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: De Windows Update-service is bij het starten vastgelopen.

Error: (02/06/2021 08:25:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Time-out (60000 seconden) tijdens het wachten op een reactie op een transactie van deze service: TeamViewer.

Error: (02/06/2021 08:20:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)

Description: WLAN-uitbreidingsmodule kan niet worden gestart.

Pad naar module: C:\Windows\system32\Rtlihvs.dll

Foutcode: 126

Error: (02/06/2021 08:20:07 PM) (Source: BugCheck) (EventID: 1001) (User: )

Description: De computer is opnieuw opgestart na een bugcontrole. De bugcontrole is 0x0000007a (0xfffff6fc400082a8, 0xffffffffc0000185, 0x000020011248d860, 0xfffff8800105593c). Er is een dump opgeslagen in: C:\Windows\MEMORY.DMP. Rapport-id: 020621-60512-01.

Error: (02/06/2021 08:19:55 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: De vorige afsluiting van het systeem om 20:17:30 op ‎6/‎02/‎2021 is onverwacht gebeurd.

Error: (02/06/2021 08:18:55 PM) (Source: atapi) (EventID: 11) (User: )

Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort4.

Error: (02/06/2021 08:18:55 PM) (Source: atapi) (EventID: 11) (User: )

Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort4.

Error: (02/06/2021 07:29:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: De volgende melding van een onherstelbare fout is ontvangen: 70.

==================== Geheugen info ===========================

BIOS: American Megatrends Inc. 1502 03/02/2011

Moederbord: ASUSTeK Computer INC. P8P67 PRO

Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz

Percentage geheugen in gebruik: 92%

Totaal fysiek RAM-geheugen: 4072.95 MB

Beschikbaar fysiek RAM-geheugen: 294.2 MB

Totaal Virtueel geheugen: 17383.09 MB

Beschikbaar Virtueel geheugen: 13037.91 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:136.62 GB) (Free:61.67 GB) NTFS

Drive d: (Data) (Fixed) (Total:329.04 GB) (Free:312.65 GB) NTFS

\\?\Volume{17b560d9-61b9-11e7-a249-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitietabel ====================

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 000F08CA)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=136.6 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=329 GB) - (Type=07 NTFS)

==================== Einde van Addition.txt =======================

#2
RKinner

Posted 06 February 2021 - 05:56 PM

Malware Expert

Expert
24,625 posts

OK. You have a coin miner called: Vnlgp

HKLM\...\Run: [vnlgp] => C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd [ ] <==== AANDACHT

and something else suspicious:

AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]

Alternate Data Streams are hidden files that ride on other files. Don't know why Microsoft thought this would be a good idea tho some anti-viruses do use Alternate Data Streams to tag files they have checked.

I would uninstall TeamViewer as it is not working correctly. Also do you really need Chrome Remote Desktop?

Let's get rid of the miner and the Alternate Data Stream and some dead wood with a fixlist:

Download the attached fixlist.txt to the same location as FRST

fixlist.txt 16.12KB 198 downloads

Run FRST (Right click and Run As Admin)

and press Fix

It's also going to check your system files so will take about 15 minutes to complete. It will reboot when done.
A fix log will be generated please post that

Run FRST again but this time make sure Addition.txt is checked and hit Scan. Post both logs.

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into a reply.

Multiple replies are OK. Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name.   Open the file on your desktop and copy and paste the text to a reply.

Copy the next 2 lines:

TASKLIST /SVC > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply.

Get the free version of Speccy:

http://www.filehippo...ownload_speccy/

(Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER.    Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.

Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.70 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin. It will install and then start the program.
It will tell you to click on the Start button but there isn't one.
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds. Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.

Click on the Drivers Tab. Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.
Click on the Processes tab then click on the "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column. Take a screen shot (save as type jpg) and attach it.

#3
HaraMo

Posted 07 February 2021 - 01:23 AM

Member

Topic Starter
Member
456 posts

fixlog

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 04-02-2021

Gestart door omar (07-02-2021 07:57:33) Run:1

Gestart vanaf D:\OneDrive\Bureaublad

Geladen Profielen: omar

Boot Modus: Normal

==============================================

fixlist inhoud:

*****************

CMD: type C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd

File: C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd

HKLM\...\Run: [vnlgp] => C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd [ ] <==== AANDACHT

C:\Users\omar\AppData\Roaming\vnlgp

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupdate.exe

Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupload.exe

File: C:\Windows\System32:tdsrset_i.gfc

AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]

S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [802920 2020-08-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)

S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [572632 2020-12-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)

S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1995624 2017-10-20] (Mixlr Ltd -> ShiningMorning Inc.)

irewallRules: [{97A1F2BA-66A7-4223-B797-0A5159847653}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand