Each time MBAM starts scanning, PC shuts down.



#1
HaraMo

  • Member
  • 453 posts

Dear,

Windows 7 SP1

After the second time starting MBAM, and after a minute or so, at the same moment, the PC shuts down without a warning.

Googling, I found an article: maybe it's a file that makes the processor go high... heating.

Before I started to scan, even the first time with MBAM, I cleaned the PC: the C partition was full, and as a result no Windows updates were done. Uninstalling unwanted programs, disk cleanup, ... updating Windows Update (some), moving data to another partition. Installed cloud apps such as OneDrive, Google Drive and Dropbox.

Now the PC is running better. I have no issue using the PC the whole day.

But only each time I want to run an MBAM scan, it shuts down, and I do receive a Windows message when the PC starts up.

I can send the dump file if needed.

Logs: after following the steps on how to prepare the logs, there is a difference from the photos about FRST: in the newest download there is an extra marked as one month. I left it checked, so in case you need more, I need to rescan with FRST.

Please help.

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 04-02-2021
Gestart door omar (Beheerder) op OMAR-PC (06-02-2021 20:33:50)
Gestart vanaf D:\OneDrive\Bureaublad
Geladen Profielen: omar
Platform: Windows 7 Professional Service Pack 1 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: Chrome
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)
 
() [Bestand niet getekend] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\115.4.601\QtWebEngineProcess.exe <2>
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\omar\AppData\Local\Microsoft\OneDrive\OneDrive.exe <2>
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(My Digital Life Forums) [Bestand niet getekend] C:\Windows\KMSServerService\KMS Server Service.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
 
==================== Register (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2012-07-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [vnlgp] => C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd [ ] <==== AANDACHT
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [OpenDNS Updater] => C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe [839680 2010-06-16] () [Bestand niet getekend]
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [EpicGamesLauncher] => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> )
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\MountPoints2: {4483c628-afb5-11e8-a3d4-f46d041e5c85} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-07-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Bestand niet getekend]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\Installer\chrmstp.exe [2021-02-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\Installer\chrmstp.exe [2021-02-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
GroupPolicy\User: Restrictie ? <==== AANDACHT
GroupPolicyUsers\S-1-5-21-2521950895-1173571020-801938669-1001\User: Restrictie <==== AANDACHT
Policies: C:\Users\Kinderen\NTUSER.pol: Restrictie <==== AANDACHT
Policies: C:\Users\omar\NTUSER.pol: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
 
==================== Geplande Taken (gefilterd) ============
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
Task: {037AB38F-BAEB-40B5-9891-F60FDDB89407} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F745097-745B-43BF-86F4-5C2A0181507A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158768 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A1FF87A-F5EE-41BE-829F-42E00F76D7AB} - System32\Tasks\Opera scheduled assistant Autoupdate 1592385696 => C:\Users\Kinderen\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kinderen\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {265B9C08-7D6B-4ACC-AC3E-707AFC535A11} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {29BEC3A8-7547-4418-A76F-9E9967B800C9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {32F9CBDE-9125-4850-AA2A-D54AFF6F7080} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
Task: {3E1E100C-DC99-4861-92CC-B8EFC369E552} - System32\Tasks\Opera scheduled Autoupdate 1592385690 => C:\Users\Kinderen\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {46BCB8ED-64F6-4B26-83A4-46FC008516C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158768 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A9F0D65-63D6-41FB-A605-ABA047901873} - System32\Tasks\{9F67EE0A-00CD-45CA-A529-456094761FC6} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {5ADD07EF-3455-4A49-95C5-4691FE3D6BB5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {644E54AD-0E1F-4637-BEBA-8A67F5C6D611} - System32\Tasks\{8D412A4D-0566-4F0C-9826-F2C1B216DF91} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {715CECEE-2B0E-492C-9387-A8C3A53CC672} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7E70D8E3-B3AE-4EA1-9AAE-9DB3FA4AA049} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-31] (Google Inc -> Google Inc.)
Task: {8A56C8FB-DD96-46C1-B722-49C490267D6D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {8CB36807-0D33-4102-809C-63139B3B22CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-31] (Google Inc -> Google Inc.)
Task: {9D750327-7C04-4377-9D12-259FD7B6081D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2D5E7E3-1463-4BE5-8FCA-DE36CE23AF56} - System32\Tasks\{EB3F6C63-C24F-431E-A3D4-C761C6B3B67F} => C:\Windows\system32\pcalua.exe -a D:\TL-WN821N_V5_driver\Setup.exe -d D:\TL-WN821N_V5_driver
Task: {A5BDB1D9-0E96-4C10-B786-81D1E2FC82C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADDC02E0-825A-40F7-973A-3770059AAFF3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1997120 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {BD17B7B7-3CFE-44C3-A1BF-756F2EA720CE} - System32\Tasks\G2MUpdateTask-S-1-5-21-2521950895-1173571020-801938669-1001 => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupdate.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BE0D889B-BDF0-4E97-A330-C87AE551E46F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF62986A-9A57-4387-95FA-3E19CFAAF147} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2038168 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D556888A-B55F-4CE4-82F0-681C6A303B45} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3732480 2017-07-05] () [Bestand niet getekend]
Task: {D8EF6D04-D19B-45DC-84B5-CF7E6C5765EA} - System32\Tasks\G2MUploadTask-S-1-5-21-2521950895-1173571020-801938669-1001 => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupload.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {EE740833-7979-4F9F-8E8A-CB6A2761A1A5} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1997120 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
 
(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupload.exe
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 195.130.131.3 195.130.130.3
Tcpip\..\Interfaces\{752F9817-1926-4559-A4F2-D645191A2D7F}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{752F9817-1926-4559-A4F2-D645191A2D7F}: [DhcpNameServer] 195.130.131.3 195.130.130.3
 
FireFox:
========
FF DefaultProfile: ni1z7hs4.default-1612611984064
FF ProfilePath: C:\Users\omar\AppData\Roaming\Mozilla\Firefox\Profiles\ni1z7hs4.default-1612611984064 [2021-02-06]
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Bestand niet getekend]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
 
Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default [2021-02-06]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is ingeschakeld.
CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-31]
CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-31]
CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-31]
CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-11]
CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-31]
CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (AdBlock - de beste advertentieblokker) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-15]
CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-15]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Extension: (SiteBlock) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj [2018-10-06]
CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-05]
CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-02-06]
CHR DefaultSearchURL: Profile 1 -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-06]
CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-06]
CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-06]
CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-02-06]
CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-06]
CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-06]
CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-06]
CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-02-06]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-06]
CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-06]
CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-02-06]
CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-06]
CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-06]
CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-06]
CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-06]
CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-06]
CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-06]
CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-06]
CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-02-06]
CHR Extension: (Connective signing extension) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2021-02-06]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-06]
CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-06]
CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-06]
CHR HKU\S-1-5-21-2521950895-1173571020-801938669-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\elevation_service.exe [1234712 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe [73200 2020-12-03] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44064 2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2017-07-05] (My Digital Life Forums) [Bestand niet getekend]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112944 2020-08-15] (Code Sector -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-08-11] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220600 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [130592 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [80384 2012-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-04-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [802920 2020-08-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [572632 2020-12-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1995624 2017-10-20] (Mixlr Ltd -> ShiningMorning Inc.)
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een maand (aangemaakt) (gefilterd) =========
 
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
 
2021-02-06 20:32 - 2021-02-06 20:34 - 000000000 ____D C:\FRST
2021-02-06 20:19 - 2021-02-06 20:20 - 000415696 _____ C:\Windows\Minidump\020621-60512-01.dmp
2021-02-06 18:44 - 2021-02-06 18:44 - 000001960 _____ C:\ProgramData\Bureaublad\Google Slides.lnk
2021-02-06 18:44 - 2021-02-06 18:44 - 000001958 _____ C:\ProgramData\Bureaublad\Google Sheets.lnk
2021-02-06 18:44 - 2021-02-06 18:44 - 000001948 _____ C:\ProgramData\Bureaublad\Google Docs.lnk
2021-02-06 18:44 - 2021-02-06 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-02-06 18:44 - 2021-02-06 18:44 - 000000000 ____D C:\Program Files\Google
2021-02-06 18:43 - 2021-02-06 18:43 - 001304160 _____ (Google LLC) C:\Users\omar\Downloads\installbackupandsync.exe
2021-02-06 18:26 - 2021-02-06 18:26 - 000000000 ____D C:\Users\omar\AppData\Local\OneDrive
2021-02-06 17:57 - 2021-02-06 20:22 - 000130592 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-02-06 17:57 - 2021-02-06 17:57 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-02-06 17:57 - 2021-02-06 17:57 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-02-06 17:53 - 2021-02-06 17:53 - 000003680 ____N C:\bootsqm.dat
2021-02-06 13:01 - 2021-02-06 13:02 - 000415600 _____ C:\Windows\Minidump\020621-70949-01.dmp
2021-02-06 12:46 - 2021-02-06 12:46 - 000007605 _____ C:\Users\omar\AppData\Local\Resmon.ResmonCfg
2021-02-06 12:37 - 2021-02-06 12:37 - 000000831 _____ C:\ProgramData\Bureaublad\VLC media player.lnk
2021-02-06 12:25 - 2021-02-06 12:25 - 000001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-02-06 12:25 - 2021-02-06 12:25 - 000001031 _____ C:\ProgramData\Bureaublad\TeamViewer.lnk
2021-02-06 12:22 - 2021-02-06 12:22 - 029352480 _____ (TeamViewer Germany GmbH) C:\Users\omar\Downloads\TeamViewer_Setup.exe
2021-02-06 12:16 - 2021-02-06 12:16 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-02-06 12:12 - 2021-02-06 12:12 - 000000000 ____D C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-02-06 12:06 - 2021-02-06 12:06 - 000000000 ____D C:\ProgramData\Google
2021-02-06 12:03 - 2021-02-06 12:04 - 017412096 _____ C:\Users\omar\Downloads\chromeremotedesktophost.msi
2021-02-06 12:03 - 2021-02-06 12:03 - 000000000 ____D C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2021-02-06 11:21 - 2021-02-06 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-02-06 11:18 - 2021-02-06 11:18 - 000000000 ____D C:\Users\omar\AppData\Roaming\Dropbox
2021-02-06 11:17 - 2021-02-06 20:24 - 000001006 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2021-02-06 11:17 - 2021-02-06 20:22 - 000001010 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2021-02-06 11:17 - 2021-02-06 11:21 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-02-06 11:17 - 2021-02-06 11:17 - 000004006 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2021-02-06 11:17 - 2021-02-06 11:17 - 000003754 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2021-02-06 11:16 - 2021-02-06 20:12 - 000000000 ____D C:\Users\omar\AppData\Local\Dropbox
2021-02-06 11:16 - 2021-02-06 11:16 - 000000000 ____D C:\ProgramData\Dropbox
2021-02-06 11:15 - 2021-02-06 11:15 - 000673400 _____ (Dropbox, Inc.) C:\Users\omar\Downloads\DropboxInstaller.exe
2021-02-06 10:29 - 2021-02-06 10:29 - 000002281 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-06 10:29 - 2021-02-06 10:29 - 000000000 ____D C:\Users\omar\AppData\Roaming\Teams
2021-02-06 10:23 - 2021-02-06 10:29 - 000000000 ____D C:\Users\omar\AppData\Local\SquirrelTemp
2021-02-06 08:36 - 2021-02-06 08:36 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\Teams
2021-02-06 08:34 - 2021-02-06 08:37 - 000000000 ____D C:\Users\Kinderen\AppData\Local\SquirrelTemp
2021-02-06 01:44 - 2021-02-06 18:29 - 000000000 ___RD C:\Users\omar\OneDrive
2021-02-06 01:44 - 2021-02-06 18:26 - 000003170 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2521950895-1173571020-801938669-1000
2021-02-06 01:44 - 2021-02-06 18:25 - 000002154 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2021-02-06 01:43 - 2021-02-06 01:43 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2021-02-06 01:42 - 2021-02-06 01:42 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-06 01:38 - 2021-02-06 18:27 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype voor Bedrijven.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's
2021-02-06 01:32 - 2021-02-06 01:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-02-06 01:27 - 2021-02-06 10:34 - 000000000 ____D C:\Windows\system32\MRT
2021-02-06 00:57 - 2021-02-06 00:57 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-02-06 00:42 - 2021-02-06 00:42 - 000000000 ____D C:\Users\omar\AppData\LocalLow\Foxit
2021-02-06 00:41 - 2021-02-06 00:41 - 000001351 _____ C:\ProgramData\Bureaublad\Foxit Reader.lnk
2021-02-06 00:40 - 2021-02-06 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2021-02-06 00:32 - 2021-02-06 00:34 - 100142384 _____ (Foxit Software Inc. ) C:\Users\omar\Downloads\FoxitReader1011_L10N_Setup_Prom.exe
2021-02-05 23:53 - 2021-02-06 12:27 - 000000000 ____D C:\Users\omar\AppData\Local\TeamViewer
2021-02-05 23:52 - 2021-02-05 23:52 - 019228952 _____ (TeamViewer) C:\Users\omar\Downloads\TeamViewerQS.exe
2021-02-05 23:48 - 2021-02-05 23:48 - 006240742 _____ (TeamViewer) C:\Users\omar\Downloads\Niet bevestigd 103651.crdownload
2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2021-02-03 12:50 - 2021-02-03 12:50 - 000044064 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2021-02-03 11:45 - 2021-02-03 11:45 - 000092590 _____ C:\Users\Kinderen\Downloads\Uittreksel strafregister - 82020321474.pdf
2021-02-03 11:33 - 2021-02-03 11:33 - 000032588 _____ C:\Users\Kinderen\Downloads\FW__attesten.zip
2021-02-03 11:25 - 2021-02-03 11:25 - 000066165 _____ C:\Users\Kinderen\Downloads\202101_MB_28202031893.pdf
2021-02-03 11:02 - 2021-02-03 11:02 - 000006294 _____ C:\Users\Kinderen\Downloads\2021-01-29-1756-attest-quarantaine-covid-19-omar-arfala.pdf
2021-02-02 13:30 - 2021-02-02 13:33 - 475384967 _____ C:\Users\Kinderen\Downloads\y2mate.com - I Became a BOXING LEGEND Roblox_1080pFHR (1).mp4
2021-02-01 20:20 - 2021-02-01 20:21 - 150993828 _____ C:\Users\Kinderen\Downloads\movvie moussa 2.mp4
2021-02-01 20:07 - 2021-02-01 20:07 - 000001114 _____ C:\Users\Kinderen\Downloads\Afbeeldingen - Snelkoppeling.lnk
2021-02-01 20:06 - 2021-02-01 20:08 - 356672339 _____ C:\Users\Kinderen\Downloads\movie.moussa.mp4
2021-02-01 00:04 - 2021-02-01 00:04 - 000124010 _____ C:\Users\Kinderen\Downloads\Excel-woordpakketten-5de-2.xlsx
2021-01-28 19:49 - 2021-01-28 19:49 - 000043008 _____ C:\Users\Kinderen\Downloads\Arfala Iessa.xls
2021-01-27 09:32 - 2021-01-27 09:32 - 000387372 _____ C:\Users\Kinderen\Downloads\berichten1088588 (1).zip
2021-01-27 09:31 - 2021-01-27 09:31 - 000387372 _____ C:\Users\Kinderen\Downloads\berichten1088588.zip
2021-01-27 08:43 - 2021-01-27 08:47 - 001049697 _____ C:\Users\Kinderen\Downloads\berichten1088646.zip
2021-01-23 21:37 - 2021-01-23 21:37 - 000071025 _____ C:\Users\Kinderen\Downloads\script_whiteboard_stob.pdf
2021-01-19 15:33 - 2021-01-19 15:33 - 000073529 _____ C:\Users\Kinderen\Downloads\barista-eform-4416a2c65469459819835561946.pdf
2021-01-18 17:38 - 2021-01-18 17:38 - 000436736 _____ C:\Users\Kinderen\Downloads\toets_Belgie.pub
2021-01-18 17:38 - 2021-01-18 17:38 - 000436736 _____ C:\Users\Kinderen\Downloads\toets_Belgie (1).pub
2021-01-16 07:36 - 2021-02-06 11:36 - 000000000 ____D C:\Windows\system32\appmgmt
2021-01-16 07:11 - 2021-01-16 07:11 - 000000000 _____ C:\Users\Kinderen\Downloads\Niet bevestigd 198196.crdownload
2021-01-16 07:06 - 2021-01-16 07:07 - 001588208 _____ (Roblox Corporation) C:\Users\Kinderen\Downloads\RobloxPlayerLauncher (6).exe
2021-01-09 07:50 - 2021-01-09 07:50 - 001588208 _____ (Roblox Corporation) C:\Users\Kinderen\Downloads\RobloxPlayerLauncher (5).exe
 
==================== Een maand (gewijzigd) ==================
 
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
 
2021-02-06 20:32 - 2017-07-05 22:07 - 000000000 ____D C:\Users\omar\AppData\Roaming\TeraCopy
2021-02-06 20:22 - 2017-07-05 22:04 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-02-06 20:22 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-06 20:20 - 2017-07-05 22:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-06 20:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-06 20:19 - 2019-02-03 08:57 - 000000000 ____D C:\Windows\Minidump
2021-02-06 19:28 - 2019-02-15 09:31 - 000000000 ____D C:\Users\omar\AppData\Roaming\Skype
2021-02-06 19:26 - 2019-02-15 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-06 19:24 - 2017-07-08 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2021-02-06 19:24 - 2017-07-05 21:51 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-06 19:23 - 2017-07-05 22:25 - 000000000 ____D C:\Users\omar\AppData\Local\CrashDumps
2021-02-06 19:14 - 2017-07-05 21:47 - 000000000 ____D C:\Users\omar
2021-02-06 18:44 - 2017-12-31 13:04 - 000000000 ____D C:\Users\omar\AppData\Local\Google
2021-02-06 18:40 - 2017-07-05 22:02 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-06 18:35 - 2018-03-26 13:16 - 000000000 ____D C:\Users\omar\AppData\Local\AVAST Software
2021-02-06 18:04 - 2009-07-14 05:45 - 000033952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-02-06 18:04 - 2009-07-14 05:45 - 000033952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-02-06 16:12 - 2017-07-05 22:02 - 000110768 _____ C:\Users\omar\AppData\Local\GDIPFONTCACHEV1.DAT
2021-02-06 13:02 - 2009-07-14 05:45 - 000432616 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-06 13:00 - 2017-07-05 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-06 13:00 - 2017-07-05 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-06 12:53 - 2017-07-05 22:00 - 000001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk
2021-02-06 12:53 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files\TeraCopy
2021-02-06 12:53 - 2017-07-05 21:53 - 000000000 ____D C:\Users\omar\AppData\LocalLow\Mozilla
2021-02-06 12:38 - 2017-09-04 19:04 - 000000000 ____D C:\Users\omar\AppData\Roaming\vlc
2021-02-06 12:17 - 2020-08-11 22:22 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-06 12:17 - 2019-11-17 15:41 - 000001908 _____ C:\ProgramData\Bureaublad\Malwarebytes.lnk
2021-02-06 12:16 - 2020-08-16 11:50 - 000220600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-02-06 12:12 - 2020-01-28 18:46 - 000000000 ____D C:\Users\omar\AppData\Roaming\Zoom
2021-02-06 12:04 - 2017-12-31 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-06 11:44 - 2017-07-05 23:15 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-06 11:44 - 2017-07-05 23:13 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-06 11:44 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-02-06 11:42 - 2009-07-14 10:57 - 000000000 ____D C:\Windows\ShellNew
2021-02-06 11:39 - 2020-03-25 18:00 - 000000000 ____D C:\Program Files (x86)\Mixlr
2021-02-06 11:39 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-02-06 11:38 - 2017-07-24 21:48 - 000000000 ____D C:\Program Files (x86)\Athan
2021-02-06 11:32 - 2020-08-13 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2021-02-06 11:32 - 2020-08-13 10:33 - 000000000 ____D C:\Users\omar\AppData\Roaming\Tencent
2021-02-06 11:31 - 2020-03-22 16:36 - 000000000 ____D C:\Users\omar\AppData\Local\Roblox
2021-02-06 11:23 - 2019-11-17 15:42 - 000000000 ____D C:\Users\omar\AppData\Local\cache
2021-02-06 10:35 - 2017-07-05 22:00 - 000000000 ____D C:\Users\omar\AppData\Roaming\TeamViewer
2021-02-06 09:03 - 2020-01-05 17:44 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-02-06 08:59 - 2019-11-17 16:39 - 000000000 ____D C:\Users\Kinderen\AppData\Local\CrashDumps
2021-02-06 08:40 - 2020-06-28 08:04 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-06 08:40 - 2020-06-28 08:04 - 000002192 _____ C:\ProgramData\Bureaublad\Microsoft Edge.lnk
2021-02-06 08:37 - 2019-11-17 16:36 - 000112712 _____ C:\Users\Kinderen\AppData\Local\GDIPFONTCACHEV1.DAT
2021-02-06 03:19 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files\WinRAR
2021-02-06 03:00 - 2017-12-31 13:03 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-06 02:47 - 2018-03-26 13:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-02-06 02:46 - 2019-04-12 06:00 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-02-06 02:03 - 2019-11-17 16:36 - 000001074 _____ C:\Users\Kinderen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2021-02-06 02:03 - 2017-07-05 21:47 - 000001074 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2021-02-06 00:42 - 2017-08-28 13:14 - 000000000 ____D C:\ProgramData\Foxit Software
2021-02-06 00:34 - 2017-07-09 10:20 - 000000000 ____D C:\Windows\system32\Macromed
2021-02-06 00:33 - 2017-07-09 10:20 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-02-06 00:27 - 2018-01-02 12:37 - 000000000 ____D C:\ProgramData\Cold Turkey
2021-02-06 00:00 - 2020-11-01 16:36 - 000003446 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b05e61539d0e
2021-02-06 00:00 - 2020-06-28 08:03 - 000003574 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-06 00:00 - 2017-12-31 13:03 - 000003490 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-06 00:00 - 2017-12-31 13:03 - 000003362 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-06 00:00 - 2017-12-07 07:44 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-02-05 08:16 - 2019-11-17 16:36 - 000000000 ____D C:\Users\Kinderen\AppData\Local\Greenshot
2021-02-02 14:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2021-02-02 08:50 - 2018-01-09 11:33 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-02-01 20:11 - 2009-07-14 10:16 - 000745748 _____ C:\Windows\system32\perfh013.dat
2021-02-01 20:11 - 2009-07-14 10:16 - 000153700 _____ C:\Windows\system32\perfc013.dat
2021-02-01 20:11 - 2009-07-14 06:13 - 001670888 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-01 00:08 - 2019-11-17 16:36 - 000000000 ____D C:\Users\Kinderen
2021-01-29 09:12 - 2020-02-25 11:21 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\vlc
2021-01-24 21:22 - 2020-01-05 17:44 - 000000256 _____ C:\Users\Kinderen\AppData\LocalLow\rbxcsettings.rbx
2021-01-16 08:14 - 2020-02-25 09:28 - 000000000 ____D C:\found.003
2021-01-14 20:19 - 2020-06-17 10:21 - 000004074 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1592385690
2021-01-09 08:18 - 2020-01-05 17:44 - 000000000 ____D C:\Users\Kinderen\AppData\Local\Roblox
2021-01-08 12:38 - 2017-07-05 22:03 - 000468888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-01-07 16:38 - 2020-12-10 00:38 - 000214808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-01-07 12:38 - 2017-07-05 22:03 - 000324904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
 
==================== Bestanden in de root van sommige mappen ========
 
2021-02-06 12:46 - 2021-02-06 12:46 - 000007605 _____ () C:\Users\omar\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
 
LastRegBack: 2021-02-01 08:49
==================== Einde van FRST.txt ========================
 
 
 
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 04-02-2021
Gestart door omar (06-02-2021 20:39:11)
Gestart vanaf D:\OneDrive\Bureaublad
Windows 7 Professional Service Pack 1 (X64) (2017-07-05 20:46:57)
Boot Modus: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2521950895-1173571020-801938669-500 - Administrator - Disabled)
Gast (S-1-5-21-2521950895-1173571020-801938669-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2521950895-1173571020-801938669-1003 - Limited - Enabled)
Kinderen (S-1-5-21-2521950895-1173571020-801938669-1001 - Limited - Enabled) => C:\Users\Kinderen
omar (S-1-5-21-2521950895-1173571020-801938669-1000 - Administrator - Enabled) => C:\Users\omar
 
==================== Security Center ========================
 
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Geïnstalleerde programma's ======================
 
(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)
 
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.0.7844.104 - De auteurs van Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{16044E2C-5ADC-4C34-B2FB-5A2E0B6908F6}) (Version: 88.0.4324.33 - Google Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 115.4.601 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.)
Gebruikersregistratie voor Canon MG5700 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5700 series) (Version:  - ‭Canon Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.5 - Intel)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.12527.21504 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 72.0.2 (x64 nl)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
NVIDIA 3D Vision controllerstuurprogramma 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX Systeem Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden
OpenDNS Updater 2.2.1 (HKLM-x32\...\OpenDNS Updater) (Version: 2.2.1 - )
Pokémon Trading Card Game Online (HKLM-x32\...\{F72A85B1-30EA-4555-B45D-C5CE169ACA4D}) (Version: 2.74.0 - The Pokémon Company International)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Skype versie 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
TeraCopy version 3.5 (HKLM\...\TeraCopy_is1) (Version: 3.5 - Code Sector)
TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\ZoomUMX) (Version: 5.5.1 (12488.0202) - Zoom Video Communications, Inc.)
 
==================== Aangepaste CLSID (gefilterd): ==============
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
CustomCLSID: HKU\S-1-5-21-2521950895-1173571020-801938669-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\omar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2521950895-1173571020-801938669-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\omar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
 
==================== Codecs (gefilterd) ====================
 
==================== Snelkoppelingen & WMI ========================
 
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
 
ShortcutWithArgument: C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
 
==================== Geladen Modules (gefilterd) =============
 
2021-02-06 20:25 - 2021-02-06 20:25 - 000114176 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_ctypes.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000172544 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_elementtree.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 002255872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_hashlib.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000032256 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_multiprocessing.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000046080 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_psutil_windows.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000047616 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_socket.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 002824704 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_ssl.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000026112 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\_yappi.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000080896 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\bz2.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000015872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\common.time34.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000007680 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\hashobjs_ext.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000301568 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\PIL._imaging.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000168448 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\pyexpat.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 001084416 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\pysqlite2._sqlite.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000548864 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\pythoncom27.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 000137728 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\pywintypes27.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 000010752 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\select.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000020992 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\thumbnails_ext.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000689664 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\unicodedata.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000119808 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\usb_ext.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000128512 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32api.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000438784 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32com.shell.shell.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000011776 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32crypt.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000023040 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32event.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000149504 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32file.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000223232 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32gui.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000048128 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32inet.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000029696 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32pdh.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000027648 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32pipe.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000044032 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32process.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000020480 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32profile.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000136192 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32security.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000026624 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\win32ts.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000034304 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.conditional.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000037888 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.connectivity.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000071680 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.device_monitor.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000103936 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.volumes.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000019968 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\windows.winwrap.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 001325056 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._controls_.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 001489408 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._core_.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 001007104 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._gdi_.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000103424 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._html2.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 000916992 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._misc_.pyd
2021-02-06 20:25 - 2021-02-06 20:25 - 001039872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wx._windows_.pyd
2018-11-05 21:07 - 2015-01-09 08:44 - 000104960 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2018-11-05 21:07 - 2015-01-09 08:45 - 000008704 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_NLD.DLL
2018-01-09 11:33 - 2017-12-07 11:25 - 000219648 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJPLM\cnmpu2.dll
2018-11-05 21:13 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2018-11-05 21:13 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2018-01-09 11:42 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [Bestand niet getekend] C:\Windows\System32\CNMN6PPM.DLL
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\ucrtbase.DLL
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\VCRUNTIME140.dll
2021-02-06 11:35 - 2021-02-06 11:35 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020600\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\MSVCP140.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\ucrtbase.DLL
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\VCRUNTIME140.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\VCRUNTIME140_1.dll
2021-02-06 01:05 - 2021-02-06 01:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-02-06 01:05 - 2021-02-06 01:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2017-12-10 03:03 - 2017-10-27 17:06 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2017-12-10 03:04 - 2017-10-27 17:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 003043328 _____ (Python Software Foundation) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\python27.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 000202240 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxbase30u_net_vc90_x64.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 002831872 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxbase30u_vc90_x64.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 001654784 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxmsw30u_adv_vc90_x64.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 006542336 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxmsw30u_core_vc90_x64.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 000773632 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxmsw30u_html_vc90_x64.dll
2021-02-06 20:25 - 2021-02-06 20:25 - 000137216 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI19682\wxmsw30u_webview_vc90_x64.dll
 
==================== Alternate Data Streams (gefilterd) ========
 
(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)
 
AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]
 
==================== Veilige Modus (gefilterd) ==================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Bestandskoppeling (gefilterd) =================
 
==================== Internet Explorer (Versie 11) (gefilterd) ==========
 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Geen Naam -> {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} -> Geen bestand
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Geen Naam -> {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} -> Geen bestand
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)
 
IE trusted site: HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\sharepoint.com -> hxxps://adite-files.sharepoint.com
 
==================== Hosts inhoud: =========================
 
(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)
 
2009-07-14 03:34 - 2019-01-04 08:43 - 000000828 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Andere gebieden ===========================
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\omar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
 
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
 
==================== Firewall regels (gefilterd) ================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B7C7F1E6-B620-40B2-AD7C-6EFCCA078229}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E9470E03-8635-4FDB-ADED-5F54D179152F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{97A1F2BA-66A7-4223-B797-0A5159847653}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand
FirewallRules: [{4F2217C1-A417-4E2F-9BD7-DCBB09921A01}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand
FirewallRules: [{767CDB33-2270-47EE-BD24-3571170D0B40}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => Geen bestand
FirewallRules: [{CA1160CD-1267-47ED-A78C-C590AC179E42}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => Geen bestand
FirewallRules: [TCP Query User{B3E1862B-4074-491B-8C6A-ED135629DCF3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C365B3E4-B724-4003-A3A9-01AF44D8484A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{80CD056E-E4D1-4DC0-8940-4679EBAC8287}] => (Allow) C:\Program Files\Cold Turkey\Cold Turkey Blocker.exe => Geen bestand
FirewallRules: [{A681F3AC-0DC7-4EF0-A144-B3118666DC40}] => (Allow) C:\Program Files\Cold Turkey\ServiceHub.Power.exe => Geen bestand
FirewallRules: [{823424AC-9A49-4197-8DD6-8727F4BF493F}] => (Allow) C:\Program Files\Cold Turkey\Cold Turkey Blocker.exe => Geen bestand
FirewallRules: [{0DB1FA5E-3C05-4B75-AC38-225389E4C966}] => (Allow) C:\Program Files\Cold Turkey\ServiceHub.Power.exe => Geen bestand
FirewallRules: [{ACAACD1A-3E98-47F7-A253-74F981FC1832}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{56E0F94C-B504-4241-8085-786D0D5CD7EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B63DB91E-9599-4DD6-B856-D15997DDF085}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9D323FF3-F0C9-466B-8551-2E5DD86AFF8B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8BBD55AA-46D4-4743-9652-ABFB38F03210}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AFAFE3C-427C-43C1-B606-E4C704533D81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DF000D1D-6B2E-423F-8658-F4836589BD52}] => (Allow) C:\Users\omar\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FC9F0179-8212-4AAC-B07E-20CD401F2265}] => (Allow) C:\Users\omar\AppData\Roaming\Zoom\bin\airhost.exe => Geen bestand
FirewallRules: [TCP Query User{E7D6F5E5-5CE3-4FCD-8B4E-6ABA06F04F15}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe => Geen bestand
FirewallRules: [UDP Query User{9DDBC3AA-15F2-4CCA-9311-E44AB1C8A79C}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe => Geen bestand
FirewallRules: [TCP Query User{CD3A8046-EA56-49C4-87A6-8DB7AAC8B232}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe => Geen bestand
FirewallRules: [UDP Query User{EBB4B77A-6118-48FE-ACBF-7431650140FA}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe => Geen bestand
FirewallRules: [TCP Query User{9BA05B6A-E323-438D-9FD6-476D87F12EE0}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe => Geen bestand
FirewallRules: [UDP Query User{3DE2CB83-A80D-4260-88ED-075C79A797B2}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe => Geen bestand
FirewallRules: [TCP Query User{91AC7EC7-2440-4C63-8977-E5EF2BE5F5CE}C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe => Geen bestand
FirewallRules: [UDP Query User{AA669EE6-01D1-489A-B61F-9D10A058B94F}C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe => Geen bestand
FirewallRules: [{6B99CF14-C115-4EEC-90DC-9E5B8B180DAC}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F4A19A33-9173-4071-BDBE-F558240BE4B5}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F1E31BE7-D448-45C9-8F3A-ADB8B0864EF6}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{65332082-D127-4139-ADE9-65445B6E6010}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1402D348-4727-49D0-9ED0-F3FA2CAFF746}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [{23579066-29A1-4889-A238-6AE83E3C9ADE}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [{5D12AAB6-D7A8-4254-85C3-B084B9AE6140}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [{E6D5F7A0-F146-458C-9353-5C065EA3EFF3}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [TCP Query User{3D99CB92-CA78-476A-854E-B19C7481D9C4}C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe => Geen bestand
FirewallRules: [UDP Query User{139EBA71-5F02-4C3B-9894-E9386D57D40A}C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe => Geen bestand
FirewallRules: [{5B63A12B-25C5-4180-BC3C-540EA5A6839A}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [{22CAB938-A578-4E08-9479-680FAA8051CB}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [TCP Query User{334DD5F7-BF0B-42D0-8F0A-853ACA790155}C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe => Geen bestand
FirewallRules: [UDP Query User{0B43D609-4274-4124-9701-C3F94BF7935E}C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe => Geen bestand
FirewallRules: [{69281D11-81AC-4D09-B709-0D55FE6C51B9}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Geen bestand
FirewallRules: [TCP Query User{201B0D92-CAE8-4F94-BD3B-D5BC1FB4AA46}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => Geen bestand
FirewallRules: [UDP Query User{5FDFB8A5-7294-48C5-A85A-E1DE7341C40C}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => Geen bestand
FirewallRules: [TCP Query User{77F4C424-74F7-4BEE-A1F1-7EF9CBD94EF0}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Geen bestand
FirewallRules: [UDP Query User{B8E13F95-2D96-4FBB-90B3-DF8259DBFCBD}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Geen bestand
FirewallRules: [{C836DECF-176A-464A-94EE-CEF6CD93BA91}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BCAD8BC0-A475-419B-865E-B204E8A99D43}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE0E4F9B-463D-4CC0-B066-EFDE90D4075D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC900573-5D4F-473E-8E6D-21EF930DBDBE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DBD019B-6563-450E-8866-0A53519E0AA6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09B394C0-0755-4AB0-A99A-394533B67FD3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4CD53674-1BC2-436F-839E-540049ECBEA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{86932603-17E4-4EF8-81A7-AC37DB155DA8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{13801A05-9309-422F-BA2B-5D8792338FE7}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{C0483B50-45EB-4235-9E12-1A1EAE381A79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8E105023-0F0C-44BE-B2B4-73105D002729}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8FC1C608-AA1A-408C-9637-C37069D34463}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{16066DD5-608F-4C01-93F3-54DA79B4494C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D8469D98-01D4-4B1B-9299-8D28B6551E5A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BD7DCBC-A937-4ED8-BCD1-DAB7740A19F4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Herstelpunten =========================
 
06-02-2021 15:28:53 Gepland controlepunt
06-02-2021 19:24:20 Removed TP-LINK Wireless Configuration Utility
 
==================== Defecte Apparaatbeheer Apparaten ============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PCI Simple Communications-controller
Description: PCI Simple Communications-controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Eventlog fouten: ========================
 
Applicatiefouten:
==================
Error: (02/06/2021 07:23:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000
Id van proces met fout: 0x27b0
Starttijd van toepassing met fout: 0x01d6fcb52951a457
Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
Pad naar module met fout: unknown
Rapport-id: 6a70f7b9-68a8-11eb-ac40-f46d041e5c85
 
Error: (02/06/2021 06:14:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000
Id van proces met fout: 0x20a8
Starttijd van toepassing met fout: 0x01d6fcab7d0e775c
Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
Pad naar module met fout: unknown
Rapport-id: bcde47e4-689e-11eb-ac40-f46d041e5c85
 
Error: (02/06/2021 06:13:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000
Id van proces met fout: 0x1a48
Starttijd van toepassing met fout: 0x01d6fcab7131566b
Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
Pad naar module met fout: unknown
Rapport-id: b2b8c87e-689e-11eb-ac40-f46d041e5c85
 
Error: (02/06/2021 06:04:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000
Id van proces met fout: 0x1674
Starttijd van toepassing met fout: 0x01d6fcaa07ed4bf1
Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
Pad naar module met fout: unknown
Rapport-id: 52e846ea-689d-11eb-ac40-f46d041e5c85
 
Error: (02/06/2021 04:49:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: TWCU.exe, versie: 0.0.0.0, tijdstempel: 0x54dacd54
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000
Id van proces met fout: 0x15c8
Starttijd van toepassing met fout: 0x01d6fc9f83ea8f9a
Pad naar toepassing met fout: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
Pad naar module met fout: unknown
Rapport-id: d9ef35e4-6892-11eb-8627-f46d041e5c85
 
Error: (02/06/2021 04:46:20 PM) (Source: chromoting) (EventID: 3) (User: )
Description: Toegang geweigerd voor client: [email protected]/chromoting_ftl_f53c0687-b2b7-4e5b-be44-1c8e270e1d12.
 
Error: (02/06/2021 04:43:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: GoogleUpdate.exe, versie: 1.3.30.3, tijdstempel: 0x57107cd1
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x02f97584
Id van proces met fout: 0x1444
Starttijd van toepassing met fout: 0x01d6fc9ec0e40791
Pad naar toepassing met fout: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Pad naar module met fout: unknown
Rapport-id: ff09f89f-6891-11eb-ab89-f46d041e5c85
 
Error: (02/06/2021 04:43:03 PM) (Source: Google Update) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1
 
 
Systeemfouten:
=============
Error: (02/06/2021 08:30:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Windows Update-service is bij het starten vastgelopen.
 
Error: (02/06/2021 08:25:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (60000 seconden) tijdens het wachten op een reactie op een transactie van deze service: TeamViewer.
 
Error: (02/06/2021 08:20:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule kan niet worden gestart.
 
Pad naar module: C:\Windows\system32\Rtlihvs.dll
Foutcode: 126
 
Error: (02/06/2021 08:20:07 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: De computer is opnieuw opgestart na een bugcontrole. De bugcontrole is 0x0000007a (0xfffff6fc400082a8, 0xffffffffc0000185, 0x000020011248d860, 0xfffff8800105593c). Er is een dump opgeslagen in: C:\Windows\MEMORY.DMP. Rapport-id: 020621-60512-01.
 
Error: (02/06/2021 08:19:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 20:17:30 op ‎6/‎02/‎2021 is onverwacht gebeurd.
 
Error: (02/06/2021 08:18:55 PM) (Source: atapi) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort4.
 
Error: (02/06/2021 08:18:55 PM) (Source: atapi) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort4.
 
Error: (02/06/2021 07:29:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is ontvangen: 70.
 
 
==================== Geheugen info =========================== 
 
BIOS: American Megatrends Inc. 1502 03/02/2011
Moederbord: ASUSTeK Computer INC. P8P67 PRO
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage geheugen in gebruik: 92%
Totaal fysiek RAM-geheugen: 4072.95 MB
Beschikbaar fysiek RAM-geheugen: 294.2 MB
Totaal Virtueel geheugen: 17383.09 MB
Beschikbaar Virtueel geheugen: 13037.91 MB
 
==================== Schijven ================================
 
Drive c: () (Fixed) (Total:136.62 GB) (Free:61.67 GB) NTFS
Drive d: (Data) (Fixed) (Total:329.04 GB) (Free:312.65 GB) NTFS
 
\\?\Volume{17b560d9-61b9-11e7-a249-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partitietabel ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 000F08CA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=136.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=329 GB) - (Type=07 NTFS)
 
==================== Einde van Addition.txt =======================

 

 

 




#2
RKinner

    Malware Expert

  • Expert
  • 23,580 posts
  • MVP

OK.  You have a coin miner called: Vnlgp

HKLM\...\Run: [vnlgp] => C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd [ ] <==== AANDACHT

and something else suspicious:

AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]

 

Alternate Data Streams are hidden files that ride on other files. Don't know why Microsoft thought this would be a good idea, though some anti-viruses do use Alternate Data Streams to tag files they have checked.

 

I would uninstall TeamViewer as it is not working correctly.  Also do you really need Chrome Remote Desktop?

 

Let's get rid of the miner and the Alternate Data Stream and some dead wood with a fixlist:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   16.12KB   31 downloads

Run FRST (Right click and Run As Admin)

and press Fix

It's also going to check your system files, so it will take about 15 minutes to complete. It will reboot when done.
A fix log will be generated; please post that.


Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.



Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into a reply.

 

Multiple replies are OK.  Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
Win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File (to your desktop), note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi-step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.70 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  


Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it.

 


  • 0
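The log review in the post above (a flagged Run entry under a user profile, an Alternate Data Stream, firewall rules whose target file is gone) can be expressed as a small triage script. This is an added example, not part of any post in this thread and not FRST's own code; the line formats are inferred only from the log lines quoted in the thread, the function names are hypothetical, and the Dutch markers ("Geen bestand", "AANDACHT") match this particular log.

```python
import re

# Constructed sample: lines copied from the FRST output quoted in this thread
# (Dutch-language output: "Geen bestand" = no file, "AANDACHT" = attention).
SAMPLE_LOG = r"""
HKLM\...\Run: [vnlgp] => C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd [ ] <==== AANDACHT
AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]
FirewallRules: [{FC9F0179-8212-4AAC-B07E-20CD401F2265}] => (Allow) C:\Users\omar\AppData\Roaming\Zoom\bin\airhost.exe => Geen bestand
FirewallRules: [TCP Query User{E7D6F5E5-5CE3-4FCD-8B4E-6ABA06F04F15}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe => Geen bestand
FirewallRules: [{C0483B50-45EB-4235-9E12-1A1EAE381A79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
irewallRules: [{97A1F2BA-66A7-4223-B797-0A5159847653}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand
"""

NO_FILE = "=> Geen bestand"      # target executable no longer exists
ATTENTION = "<==== AANDACHT"     # marker the scanner puts on entries it flags

# Patterns are assumptions derived from the lines above, not a full grammar.
RUN_RE = re.compile(r"^HK\w+\\.*\\Run(?:Once)?: \[(?P<name>[^\]]+)\] => (?P<rest>.+)$")
ADS_RE = re.compile(r"^AlternateDataStreams: (?P<host>.+):(?P<stream>[^:\\]+?) \[\d+\]$")
FW_RE = re.compile(
    r"^FirewallRules: \[(?P<rule>[^\]]+)\] => \((?P<action>Allow|Block)\) (?P<rest>.+)$"
)
USER_PROFILE_RE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)


def triage_line(line):
    """Return (kind, subject) for a line worth a reviewer's attention, else None."""
    line = line.strip()
    if not line:
        return None

    m = RUN_RE.match(line)
    if m:
        # The path ends where the bracketed metadata field starts.
        target = m.group("rest").split(" [")[0]
        # Autostart from a user-writable profile folder, or flagged by the scanner.
        if ATTENTION in line or USER_PROFILE_RE.search(target):
            return ("run_entry", f"{m.group('name')} -> {target}")
        return None

    m = ADS_RE.match(line)
    if m:
        # Every listed stream is reported; a reviewer decides whether it is benign.
        return ("ads", f"{m.group('host')}:{m.group('stream')}")

    m = FW_RE.match(line)
    if m:
        rest = m.group("rest")
        if rest.endswith(NO_FILE):
            path = rest[: -len(NO_FILE)].rstrip()
            return ("orphan_firewall_rule", f"{m.group('action')} {path}")
        return None  # rule points at an existing file: nothing to clean up

    # Looks like a log entry but matches no known prefix, e.g. a line that lost
    # its first character when copied (the fix log in this thread shows the
    # tool rejecting exactly such a line).
    if " => " in line:
        return ("unparsed", line.split(" ")[0])
    return None


def triage_log(text):
    """Triage every line of a log excerpt and return the list of findings."""
    findings = []
    for line in text.splitlines():
        result = triage_line(line)
        if result is not None:
            findings.append(result)
    return findings


def summarize(findings):
    """Count findings per kind."""
    counts = {}
    for kind, _ in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


if __name__ == "__main__":
    for kind, subject in triage_log(SAMPLE_LOG):
        print(f"{kind:22} {subject}")
```
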

#3
HaraMo

    Member

  • Topic Starter
  • 453 posts

fixlog

 

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 04-02-2021
Gestart door omar (07-02-2021 07:57:33) Run:1
Gestart vanaf D:\OneDrive\Bureaublad
Geladen Profielen: omar
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
CMD: type C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd 
File: C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd
HKLM\...\Run: [vnlgp] => C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd [ ] <==== AANDACHT
C:\Users\omar\AppData\Roaming\vnlgp
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupload.exe
File: C:\Windows\System32:tdsrset_i.gfc
AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [802920 2020-08-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [572632 2020-12-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1995624 2017-10-20] (Mixlr Ltd -> ShiningMorning Inc.)
irewallRules: [{97A1F2BA-66A7-4223-B797-0A5159847653}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand
FirewallRules: [{4F2217C1-A417-4E2F-9BD7-DCBB09921A01}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand
FirewallRules: [{767CDB33-2270-47EE-BD24-3571170D0B40}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => Geen bestand
FirewallRules: [{CA1160CD-1267-47ED-A78C-C590AC179E42}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => Geen bestand
FirewallRules: [{80CD056E-E4D1-4DC0-8940-4679EBAC8287}] => (Allow) C:\Program Files\Cold Turkey\Cold Turkey Blocker.exe => Geen bestand
FirewallRules: [{A681F3AC-0DC7-4EF0-A144-B3118666DC40}] => (Allow) C:\Program Files\Cold Turkey\ServiceHub.Power.exe => Geen bestand
FirewallRules: [{823424AC-9A49-4197-8DD6-8727F4BF493F}] => (Allow) C:\Program Files\Cold Turkey\Cold Turkey Blocker.exe => Geen bestand
FirewallRules: [{0DB1FA5E-3C05-4B75-AC38-225389E4C966}] => (Allow) C:\Program Files\Cold Turkey\ServiceHub.Power.exe => Geen bestand
FirewallRules: [{FC9F0179-8212-4AAC-B07E-20CD401F2265}] => (Allow) C:\Users\omar\AppData\Roaming\Zoom\bin\airhost.exe => Geen bestand
FirewallRules: [TCP Query User{E7D6F5E5-5CE3-4FCD-8B4E-6ABA06F04F15}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe => Geen bestand
FirewallRules: [UDP Query User{9DDBC3AA-15F2-4CCA-9311-E44AB1C8A79C}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe => Geen bestand
FirewallRules: [TCP Query User{CD3A8046-EA56-49C4-87A6-8DB7AAC8B232}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe => Geen bestand
FirewallRules: [UDP Query User{EBB4B77A-6118-48FE-ACBF-7431650140FA}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe => Geen bestand
FirewallRules: [TCP Query User{9BA05B6A-E323-438D-9FD6-476D87F12EE0}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe => Geen bestand
FirewallRules: [UDP Query User{3DE2CB83-A80D-4260-88ED-075C79A797B2}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe => Geen bestand
FirewallRules: [TCP Query User{91AC7EC7-2440-4C63-8977-E5EF2BE5F5CE}C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe => Geen bestand
FirewallRules: [UDP Query User{AA669EE6-01D1-489A-B61F-9D10A058B94F}C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe => Geen bestand
FirewallRules: [{6B99CF14-C115-4EEC-90DC-9E5B8B180DAC}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F4A19A33-9173-4071-BDBE-F558240BE4B5}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F1E31BE7-D448-45C9-8F3A-ADB8B0864EF6}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{65332082-D127-4139-ADE9-65445B6E6010}] => (Allow) C:\Users\omar\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1402D348-4727-49D0-9ED0-F3FA2CAFF746}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [{23579066-29A1-4889-A238-6AE83E3C9ADE}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [{5D12AAB6-D7A8-4254-85C3-B084B9AE6140}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [{E6D5F7A0-F146-458C-9353-5C065EA3EFF3}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [TCP Query User{3D99CB92-CA78-476A-854E-B19C7481D9C4}C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe => Geen bestand
FirewallRules: [UDP Query User{139EBA71-5F02-4C3B-9894-E9386D57D40A}C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe => Geen bestand
FirewallRules: [{5B63A12B-25C5-4180-BC3C-540EA5A6839A}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [{22CAB938-A578-4E08-9479-680FAA8051CB}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => Geen bestand
FirewallRules: [TCP Query User{334DD5F7-BF0B-42D0-8F0A-853ACA790155}C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe => Geen bestand
FirewallRules: [UDP Query User{0B43D609-4274-4124-9701-C3F94BF7935E}C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe => Geen bestand
FirewallRules: [{69281D11-81AC-4D09-B709-0D55FE6C51B9}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Geen bestand
FirewallRules: [TCP Query User{201B0D92-CAE8-4F94-BD3B-D5BC1FB4AA46}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => Geen bestand
FirewallRules: [UDP Query User{5FDFB8A5-7294-48C5-A85A-E1DE7341C40C}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => Geen bestand
FirewallRules: [TCP Query User{77F4C424-74F7-4BEE-A1F1-7EF9CBD94EF0}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Geen bestand
FirewallRules: [UDP Query User{B8E13F95-2D96-4FBB-90B3-DF8259DBFCBD}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Geen bestand
File: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
File: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
File: C:\Windows\system32\Rtlihvs.dll
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
 
========= type C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd =========
 
@echo off
if not "%minimized%"=="" goto :minimized
set minimized=true
start /min cmd /C "%~dpnx0"
goto :EOF
 
:minimized
setx GPU_MAX_ALLOC_PERCENT 70 > NUL
 
cd /D "%~dp0"
 
vnlgp.exe --config vnlgp.conf
 
========= Einde van CMD: =========
 
 
========================= File: C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd ========================
 
C:\Users\omar\AppData\Roaming\vnlgp\vnlgp\start.cmd
Bestand niet getekend
MD5: D7CC978A25AF6205C63165F6EEE4716A
datum aanmaken en wijzigen: 2017-07-05 22:45 - 2016-04-04 15:36
grootte: 000000214
Kenmerken: ----A
Bedrijfsnaam: 
Interne naam: 
Originele naam: 
Product: 
Beschrijving: 
bestand Versie: 
Product Versie: 
Auteursrecht: 
 
====== Einde van File: ======
 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\vnlgp" => is succesvol verwijderd
C:\Users\omar\AppData\Roaming\vnlgp => is succesvol verplaatst
C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => is succesvol verplaatst
C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => is succesvol verplaatst
C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => is succesvol verplaatst
C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2521950895-1173571020-801938669-1001.job => is succesvol verplaatst
 
========================= File: C:\Windows\System32:tdsrset_i.gfc ========================
 
C:\Windows\System32:tdsrset_i.gfc
Bestand niet getekend
MD5: BB07F61808D3D60B41C2816B5E9CEC62
datum aanmaken en wijzigen: 0000-00-00 00:00 - 0000-00-00 00:00
grootte: 000000000
Kenmerken: ----A
Bedrijfsnaam: 
Interne naam: 
Originele naam: 
Product: 
Beschrijving: 
bestand Versie: 
Product Versie: 
Auteursrecht: 
 
====== Einde van File: ======
 
C:\Windows\System32 => ":tdsrset_i.gfc" ADS is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\tesrsdt => is succesvol verwijderd
tesrsdt => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\UniSafe => is succesvol verwijderd
UniSafe => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\VASDeviceDrm => is succesvol verwijderd
VASDeviceDrm => service is succesvol verwijderd
irewallRules: [{97A1F2BA-66A7-4223-B797-0A5159847653}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand => Fout: Geen automatische fix gevonden voor dit item.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F2217C1-A417-4E2F-9BD7-DCBB09921A01}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{767CDB33-2270-47EE-BD24-3571170D0B40}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA1160CD-1267-47ED-A78C-C590AC179E42}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{80CD056E-E4D1-4DC0-8940-4679EBAC8287}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A681F3AC-0DC7-4EF0-A144-B3118666DC40}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{823424AC-9A49-4197-8DD6-8727F4BF493F}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0DB1FA5E-3C05-4B75-AC38-225389E4C966}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC9F0179-8212-4AAC-B07E-20CD401F2265}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E7D6F5E5-5CE3-4FCD-8B4E-6ABA06F04F15}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9DDBC3AA-15F2-4CCA-9311-E44AB1C8A79C}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.165\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD3A8046-EA56-49C4-87A6-8DB7AAC8B232}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EBB4B77A-6118-48FE-ACBF-7431650140FA}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9BA05B6A-E323-438D-9FD6-476D87F12EE0}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3DE2CB83-A80D-4260-88ED-075C79A797B2}C:\users\kinderen\appdata\local\programs\opera\68.0.3618.173_0\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{91AC7EC7-2440-4C63-8977-E5EF2BE5F5CE}C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA669EE6-01D1-489A-B61F-9D10A058B94F}C:\users\kinderen\appdata\local\programs\opera\69.0.3686.95\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B99CF14-C115-4EEC-90DC-9E5B8B180DAC}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F4A19A33-9173-4071-BDBE-F558240BE4B5}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1E31BE7-D448-45C9-8F3A-ADB8B0864EF6}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{65332082-D127-4139-ADE9-65445B6E6010}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1402D348-4727-49D0-9ED0-F3FA2CAFF746}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{23579066-29A1-4889-A238-6AE83E3C9ADE}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D12AAB6-D7A8-4254-85C3-B084B9AE6140}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6D5F7A0-F146-458C-9353-5C065EA3EFF3}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D99CB92-CA78-476A-854E-B19C7481D9C4}C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{139EBA71-5F02-4C3B-9894-E9386D57D40A}C:\users\kinderen\appdata\local\programs\opera\70.0.3728.189\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B63A12B-25C5-4180-BC3C-540EA5A6839A}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{22CAB938-A578-4E08-9479-680FAA8051CB}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{334DD5F7-BF0B-42D0-8F0A-853ACA790155}C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B43D609-4274-4124-9701-C3F94BF7935E}C:\users\kinderen\appdata\local\programs\opera\71.0.3770.228\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69281D11-81AC-4D09-B709-0D55FE6C51B9}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{201B0D92-CAE8-4F94-BD3B-D5BC1FB4AA46}C:\program files\unity hub\unity hub.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5FDFB8A5-7294-48C5-A85A-E1DE7341C40C}C:\program files\unity hub\unity hub.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{77F4C424-74F7-4BEE-A1F1-7EF9CBD94EF0}C:\program files\unity hub\unity hub.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B8E13F95-2D96-4FBB-90B3-DF8259DBFCBD}C:\program files\unity hub\unity hub.exe" => is succesvol verwijderd
 
========================= File: C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ========================
 
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" => niet gevonden
====== Einde van File: ======
 
 
========================= File: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ========================
 
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Bestand is getekend
MD5: 50FCC5C822A6B4FC6F377EE9F9F37C7B
datum aanmaken en wijzigen: 2017-12-31 13:03 - 2017-12-31 13:03
grootte: 000152216
Kenmerken: ---AT
Bedrijfsnaam: Google Inc -> Google Inc.
Interne naam: Google Update
Originele naam: GoogleUpdate.exe
Product: Google Update
Beschrijving: Google Installer
bestand Versie: 1.3.30.3
Product Versie: 1.3.30.3
Auteursrecht: Copyright 2007-2010 Google Inc.
 
====== Einde van File: ======
 
 
========================= File: C:\Windows\system32\Rtlihvs.dll ========================
 
"C:\Windows\system32\Rtlihvs.dll" => niet gevonden
====== Einde van File: ======
 
 
========= SFC /scannow =========
 
 
 
Systeemcontrole wordt gestart. Dit proces kan enkele minuten duren.
 
 
 
Verificatiefase van systeemscan wordt gestart.
 
 
 
Er zijn geen schendingen van de integriteit gevonden.
 
 
========= Einde van CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
FINDSTR: kan \windows\logs\cbs\cbs.log niet openen
 
========= Einde van CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= Einde van CMD: =========
 
 
 
Het systeem moest herstart worden.
 
==== Einde van Fixlog 08:09:05 ====


#4
HaraMo


I do need TeamViewer and Chrome Remote Desktop, as I'm helping my sister from a big distance, cleaning her pc.

TeamViewer: when I was uninstalling several apps, I did find TeamViewer 12 in the list.

But I had to use TV Quick Support as I could not find TeamViewer when searching for it in Start.

I tried to uninstall TeamViewer 12 from the installed software list (Control Panel...), but it did not do anything.

After a quick cleaning of the pc, I installed Chrome Remote and then the TeamViewer full installation. Both work. I have no issues with TeamViewer; do I need to uninstall it and install it?



#5
HaraMo

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 04-02-2021
Gestart door omar (Beheerder) op OMAR-PC (07-02-2021 08:24:48)
Gestart vanaf D:\OneDrive\Bureaublad
Geladen Profielen: omar
Platform: Windows 7 Professional Service Pack 1 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: Chrome
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)
 
() [Bestand niet getekend] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\115.4.601\QtWebEngineProcess.exe <2>
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\omar\AppData\Local\Microsoft\OneDrive\OneDrive.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(My Digital Life Forums) [Bestand niet getekend] C:\Windows\KMSServerService\KMS Server Service.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Register (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2012-07-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [OpenDNS Updater] => C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe [839680 2010-06-16] () [Bestand niet getekend]
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [EpicGamesLauncher] => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> )
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\MountPoints2: {4483c628-afb5-11e8-a3d4-f46d041e5c85} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-07-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Bestand niet getekend]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\Installer\chrmstp.exe [2021-02-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\Installer\chrmstp.exe [2021-02-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
GroupPolicy\User: Restrictie ? <==== AANDACHT
GroupPolicyUsers\S-1-5-21-2521950895-1173571020-801938669-1001\User: Restrictie <==== AANDACHT
Policies: C:\Users\Kinderen\NTUSER.pol: Restrictie <==== AANDACHT
Policies: C:\Users\omar\NTUSER.pol: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
 
==================== Geplande Taken (gefilterd) ============
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
Task: {037AB38F-BAEB-40B5-9891-F60FDDB89407} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F745097-745B-43BF-86F4-5C2A0181507A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158768 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A1FF87A-F5EE-41BE-829F-42E00F76D7AB} - System32\Tasks\Opera scheduled assistant Autoupdate 1592385696 => C:\Users\Kinderen\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kinderen\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {265B9C08-7D6B-4ACC-AC3E-707AFC535A11} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {29BEC3A8-7547-4418-A76F-9E9967B800C9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {32F9CBDE-9125-4850-AA2A-D54AFF6F7080} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
Task: {3E1E100C-DC99-4861-92CC-B8EFC369E552} - System32\Tasks\Opera scheduled Autoupdate 1592385690 => C:\Users\Kinderen\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {46BCB8ED-64F6-4B26-83A4-46FC008516C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158768 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A9F0D65-63D6-41FB-A605-ABA047901873} - System32\Tasks\{9F67EE0A-00CD-45CA-A529-456094761FC6} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {5ADD07EF-3455-4A49-95C5-4691FE3D6BB5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {644E54AD-0E1F-4637-BEBA-8A67F5C6D611} - System32\Tasks\{8D412A4D-0566-4F0C-9826-F2C1B216DF91} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {715CECEE-2B0E-492C-9387-A8C3A53CC672} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7E70D8E3-B3AE-4EA1-9AAE-9DB3FA4AA049} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-31] (Google Inc -> Google Inc.)
Task: {8A56C8FB-DD96-46C1-B722-49C490267D6D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {8CB36807-0D33-4102-809C-63139B3B22CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-31] (Google Inc -> Google Inc.)
Task: {9D750327-7C04-4377-9D12-259FD7B6081D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2D5E7E3-1463-4BE5-8FCA-DE36CE23AF56} - System32\Tasks\{EB3F6C63-C24F-431E-A3D4-C761C6B3B67F} => C:\Windows\system32\pcalua.exe -a D:\TL-WN821N_V5_driver\Setup.exe -d D:\TL-WN821N_V5_driver
Task: {A5BDB1D9-0E96-4C10-B786-81D1E2FC82C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADDC02E0-825A-40F7-973A-3770059AAFF3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1997120 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {BD17B7B7-3CFE-44C3-A1BF-756F2EA720CE} - System32\Tasks\G2MUpdateTask-S-1-5-21-2521950895-1173571020-801938669-1001 => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupdate.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BE0D889B-BDF0-4E97-A330-C87AE551E46F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF62986A-9A57-4387-95FA-3E19CFAAF147} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2038168 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D556888A-B55F-4CE4-82F0-681C6A303B45} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3732480 2017-07-05] () [Bestand niet getekend]
Task: {D8EF6D04-D19B-45DC-84B5-CF7E6C5765EA} - System32\Tasks\G2MUploadTask-S-1-5-21-2521950895-1173571020-801938669-1001 => C:\Users\Kinderen\AppData\Local\GoToMeeting\17052\g2mupload.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {EE740833-7979-4F9F-8E8A-CB6A2761A1A5} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1997120 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
 
(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
 
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 195.130.131.3 195.130.130.3
Tcpip\..\Interfaces\{752F9817-1926-4559-A4F2-D645191A2D7F}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{752F9817-1926-4559-A4F2-D645191A2D7F}: [DhcpNameServer] 195.130.131.3 195.130.130.3
 
FireFox:
========
FF DefaultProfile: ni1z7hs4.default-1612611984064
FF ProfilePath: C:\Users\omar\AppData\Roaming\Mozilla\Firefox\Profiles\ni1z7hs4.default-1612611984064 [2021-02-06]
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Bestand niet getekend]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
 
Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default [2021-02-06]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is ingeschakeld.
CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-31]
CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-31]
CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-31]
CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-11]
CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-31]
CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (AdBlock - de beste advertentieblokker) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-15]
CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-15]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Extension: (SiteBlock) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj [2018-10-06]
CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-05]
CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-02-06]
CHR DefaultSearchURL: Profile 1 -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-06]
CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-06]
CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-06]
CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-02-06]
CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-06]
CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-06]
CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-06]
CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-02-06]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-06]
CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-06]
CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-02-06]
CHR Extension: (Presentaties) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-06]
CHR Extension: (Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-06]
CHR Extension: (Google Drive) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-06]
CHR Extension: (YouTube) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-06]
CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-06]
CHR Extension: (Spreadsheets) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-06]
CHR Extension: (Offline Documenten) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-06]
CHR Extension: (Avast Online Security) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-02-06]
CHR Extension: (Connective signing extension) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2021-02-06]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR Extension: (Gmail) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-06]
CHR Extension: (Chrome Media Router) - C:\Users\omar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-06]
CHR Profile: C:\Users\omar\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-06]
CHR HKU\S-1-5-21-2521950895-1173571020-801938669-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\elevation_service.exe [1234712 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe [73200 2020-12-03] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44064 2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2017-07-05] (My Digital Life Forums) [Bestand niet getekend]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112944 2020-08-15] (Code Sector -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-08-11] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220600 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-02-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-02-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [130592 2021-02-07] (Malwarebytes Inc -> Malwarebytes)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [80384 2012-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-04-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een maand (aangemaakt) (gefilterd) =========
 
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
 
2021-02-07 08:16 - 2021-02-07 08:16 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-02-07 08:15 - 2021-02-07 08:16 - 000000000 ____D C:\Users\omar\AppData\LocalLow\IGDump
2021-02-07 08:15 - 2021-02-07 08:15 - 000130592 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-02-07 08:15 - 2021-02-07 08:15 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-02-06 23:30 - 2021-02-06 23:30 - 000000000 ____D C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2021-02-06 23:30 - 2021-02-06 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2021-02-06 23:30 - 2021-02-06 23:30 - 000000000 ____D C:\Program Files (x86)\WinDirStat
2021-02-06 23:22 - 2021-02-06 23:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-02-06 23:22 - 2021-02-06 23:22 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-02-06 20:32 - 2021-02-07 08:25 - 000000000 ____D C:\FRST
2021-02-06 20:19 - 2021-02-06 20:20 - 000415696 _____ C:\Windows\Minidump\020621-60512-01.dmp
2021-02-06 18:44 - 2021-02-06 18:44 - 000001960 _____ C:\ProgramData\Bureaublad\Google Slides.lnk
2021-02-06 18:44 - 2021-02-06 18:44 - 000001958 _____ C:\ProgramData\Bureaublad\Google Sheets.lnk
2021-02-06 18:44 - 2021-02-06 18:44 - 000001948 _____ C:\ProgramData\Bureaublad\Google Docs.lnk
2021-02-06 18:44 - 2021-02-06 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-02-06 18:44 - 2021-02-06 18:44 - 000000000 ____D C:\Program Files\Google
2021-02-06 18:26 - 2021-02-06 18:26 - 000000000 ____D C:\Users\omar\AppData\Local\OneDrive
2021-02-06 13:01 - 2021-02-06 13:02 - 000415600 _____ C:\Windows\Minidump\020621-70949-01.dmp
2021-02-06 12:46 - 2021-02-06 12:46 - 000007605 _____ C:\Users\omar\AppData\Local\Resmon.ResmonCfg
2021-02-06 12:37 - 2021-02-06 12:37 - 000000831 _____ C:\ProgramData\Bureaublad\VLC media player.lnk
2021-02-06 12:25 - 2021-02-06 12:25 - 000001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-02-06 12:25 - 2021-02-06 12:25 - 000001031 _____ C:\ProgramData\Bureaublad\TeamViewer.lnk
2021-02-06 12:16 - 2021-02-06 12:16 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-02-06 12:12 - 2021-02-06 12:12 - 000000000 ____D C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-02-06 12:06 - 2021-02-06 12:06 - 000000000 ____D C:\ProgramData\Google
2021-02-06 12:03 - 2021-02-06 12:03 - 000000000 ____D C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2021-02-06 11:21 - 2021-02-06 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-02-06 11:18 - 2021-02-06 11:18 - 000000000 ____D C:\Users\omar\AppData\Roaming\Dropbox
2021-02-06 11:17 - 2021-02-06 11:21 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-02-06 11:17 - 2021-02-06 11:17 - 000004006 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2021-02-06 11:17 - 2021-02-06 11:17 - 000003754 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2021-02-06 11:16 - 2021-02-06 20:12 - 000000000 ____D C:\Users\omar\AppData\Local\Dropbox
2021-02-06 11:16 - 2021-02-06 11:16 - 000000000 ____D C:\ProgramData\Dropbox
2021-02-06 10:29 - 2021-02-06 10:29 - 000002281 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-06 10:29 - 2021-02-06 10:29 - 000000000 ____D C:\Users\omar\AppData\Roaming\Teams
2021-02-06 10:23 - 2021-02-06 10:29 - 000000000 ____D C:\Users\omar\AppData\Local\SquirrelTemp
2021-02-06 08:36 - 2021-02-06 08:36 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\Teams
2021-02-06 08:34 - 2021-02-06 08:37 - 000000000 ____D C:\Users\Kinderen\AppData\Local\SquirrelTemp
2021-02-06 01:44 - 2021-02-06 18:29 - 000000000 ___RD C:\Users\omar\OneDrive
2021-02-06 01:44 - 2021-02-06 18:26 - 000003170 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2521950895-1173571020-801938669-1000
2021-02-06 01:44 - 2021-02-06 18:25 - 000002154 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2021-02-06 01:43 - 2021-02-06 01:43 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2021-02-06 01:42 - 2021-02-06 01:42 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-06 01:38 - 2021-02-06 18:27 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype voor Bedrijven.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-02-06 01:38 - 2021-02-06 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's
2021-02-06 01:32 - 2021-02-06 01:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-02-06 01:27 - 2021-02-06 10:34 - 000000000 ____D C:\Windows\system32\MRT
2021-02-06 00:57 - 2021-02-06 00:57 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-02-06 00:42 - 2021-02-06 00:42 - 000000000 ____D C:\Users\omar\AppData\LocalLow\Foxit
2021-02-06 00:41 - 2021-02-06 00:41 - 000001351 _____ C:\ProgramData\Bureaublad\Foxit Reader.lnk
2021-02-06 00:40 - 2021-02-06 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2021-02-05 23:53 - 2021-02-06 12:27 - 000000000 ____D C:\Users\omar\AppData\Local\TeamViewer
2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2021-02-03 12:50 - 2021-02-03 12:50 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2021-02-03 12:50 - 2021-02-03 12:50 - 000044064 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2021-01-16 07:36 - 2021-02-06 11:36 - 000000000 ____D C:\Windows\system32\appmgmt
 
==================== Een maand (gewijzigd) ==================
 
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
 
2021-02-07 08:17 - 2017-07-05 22:07 - 000000000 ____D C:\Users\omar\AppData\Roaming\TeraCopy
2021-02-07 08:17 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-07 08:13 - 2017-07-05 22:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-07 08:13 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-07 08:10 - 2017-07-05 22:02 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-07 04:33 - 2009-07-14 05:45 - 000033952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-02-07 04:33 - 2009-07-14 05:45 - 000033952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-02-06 23:30 - 2017-07-05 21:47 - 000000000 ____D C:\Users\omar
2021-02-06 23:24 - 2017-07-05 22:25 - 000000000 ____D C:\Users\omar\AppData\Local\CrashDumps
2021-02-06 20:56 - 2018-03-26 13:16 - 000000000 ____D C:\Users\omar\AppData\Local\AVAST Software
2021-02-06 20:22 - 2017-07-05 22:04 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-02-06 20:19 - 2019-02-03 08:57 - 000000000 ____D C:\Windows\Minidump
2021-02-06 19:28 - 2019-02-15 09:31 - 000000000 ____D C:\Users\omar\AppData\Roaming\Skype
2021-02-06 19:26 - 2019-02-15 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-06 19:24 - 2017-07-08 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2021-02-06 19:24 - 2017-07-05 21:51 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-06 18:44 - 2017-12-31 13:04 - 000000000 ____D C:\Users\omar\AppData\Local\Google
2021-02-06 16:12 - 2017-07-05 22:02 - 000110768 _____ C:\Users\omar\AppData\Local\GDIPFONTCACHEV1.DAT
2021-02-06 13:02 - 2009-07-14 05:45 - 000432616 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-06 13:00 - 2017-07-05 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-06 13:00 - 2017-07-05 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-06 12:53 - 2017-07-05 22:00 - 000001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk
2021-02-06 12:53 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files\TeraCopy
2021-02-06 12:53 - 2017-07-05 21:53 - 000000000 ____D C:\Users\omar\AppData\LocalLow\Mozilla
2021-02-06 12:38 - 2017-09-04 19:04 - 000000000 ____D C:\Users\omar\AppData\Roaming\vlc
2021-02-06 12:17 - 2020-08-11 22:22 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-06 12:17 - 2019-11-17 15:41 - 000001908 _____ C:\ProgramData\Bureaublad\Malwarebytes.lnk
2021-02-06 12:16 - 2020-08-16 11:50 - 000220600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-02-06 12:12 - 2020-01-28 18:46 - 000000000 ____D C:\Users\omar\AppData\Roaming\Zoom
2021-02-06 12:04 - 2017-12-31 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-06 11:44 - 2017-07-05 23:15 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-06 11:44 - 2017-07-05 23:13 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-06 11:44 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-02-06 11:42 - 2009-07-14 10:57 - 000000000 ____D C:\Windows\ShellNew
2021-02-06 11:39 - 2020-03-25 18:00 - 000000000 ____D C:\Program Files (x86)\Mixlr
2021-02-06 11:39 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-02-06 11:38 - 2017-07-24 21:48 - 000000000 ____D C:\Program Files (x86)\Athan
2021-02-06 11:32 - 2020-08-13 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2021-02-06 11:32 - 2020-08-13 10:33 - 000000000 ____D C:\Users\omar\AppData\Roaming\Tencent
2021-02-06 11:31 - 2020-03-22 16:36 - 000000000 ____D C:\Users\omar\AppData\Local\Roblox
2021-02-06 11:23 - 2019-11-17 15:42 - 000000000 ____D C:\Users\omar\AppData\Local\cache
2021-02-06 10:35 - 2017-07-05 22:00 - 000000000 ____D C:\Users\omar\AppData\Roaming\TeamViewer
2021-02-06 09:03 - 2020-01-05 17:44 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-02-06 08:59 - 2019-11-17 16:39 - 000000000 ____D C:\Users\Kinderen\AppData\Local\CrashDumps
2021-02-06 08:40 - 2020-06-28 08:04 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-06 08:40 - 2020-06-28 08:04 - 000002192 _____ C:\ProgramData\Bureaublad\Microsoft Edge.lnk
2021-02-06 08:37 - 2019-11-17 16:36 - 000112712 _____ C:\Users\Kinderen\AppData\Local\GDIPFONTCACHEV1.DAT
2021-02-06 03:19 - 2017-07-05 22:00 - 000000000 ____D C:\Program Files\WinRAR
2021-02-06 03:00 - 2017-12-31 13:03 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-06 02:47 - 2018-03-26 13:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-02-06 02:46 - 2019-04-12 06:00 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-02-06 02:03 - 2019-11-17 16:36 - 000001074 _____ C:\Users\Kinderen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2021-02-06 02:03 - 2017-07-05 21:47 - 000001074 _____ C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2021-02-06 00:42 - 2017-08-28 13:14 - 000000000 ____D C:\ProgramData\Foxit Software
2021-02-06 00:34 - 2017-07-09 10:20 - 000000000 ____D C:\Windows\system32\Macromed
2021-02-06 00:33 - 2017-07-09 10:20 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-02-06 00:27 - 2018-01-02 12:37 - 000000000 ____D C:\ProgramData\Cold Turkey
2021-02-06 00:00 - 2020-11-01 16:36 - 000003446 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b05e61539d0e
2021-02-06 00:00 - 2020-06-28 08:03 - 000003574 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-06 00:00 - 2017-12-31 13:03 - 000003490 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-06 00:00 - 2017-12-31 13:03 - 000003362 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-06 00:00 - 2017-12-07 07:44 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-02-05 08:16 - 2019-11-17 16:36 - 000000000 ____D C:\Users\Kinderen\AppData\Local\Greenshot
2021-02-02 14:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2021-02-02 08:50 - 2018-01-09 11:33 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-02-01 20:11 - 2009-07-14 10:16 - 000745748 _____ C:\Windows\system32\perfh013.dat
2021-02-01 20:11 - 2009-07-14 10:16 - 000153700 _____ C:\Windows\system32\perfc013.dat
2021-02-01 20:11 - 2009-07-14 06:13 - 001670888 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-01 00:08 - 2019-11-17 16:36 - 000000000 ____D C:\Users\Kinderen
2021-01-29 09:12 - 2020-02-25 11:21 - 000000000 ____D C:\Users\Kinderen\AppData\Roaming\vlc
2021-01-24 21:22 - 2020-01-05 17:44 - 000000256 _____ C:\Users\Kinderen\AppData\LocalLow\rbxcsettings.rbx
2021-01-16 08:14 - 2020-02-25 09:28 - 000000000 ____D C:\found.003
2021-01-14 20:19 - 2020-06-17 10:21 - 000004074 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1592385690
2021-01-08 12:38 - 2017-07-05 22:03 - 000468888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
 
==================== Bestanden in de root van sommige mappen ========
 
2021-02-06 12:46 - 2021-02-06 12:46 - 000007605 _____ () C:\Users\omar\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
 
LastRegBack: 2021-02-01 08:49
==================== Einde van FRST.txt ========================


#6
HaraMo

    Member

  • Topic Starter
  • 453 posts
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 04-02-2021
Gestart door omar (07-02-2021 08:26:53)
Gestart vanaf D:\OneDrive\Bureaublad
Windows 7 Professional Service Pack 1 (X64) (2017-07-05 20:46:57)
Boot Modus: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2521950895-1173571020-801938669-500 - Administrator - Disabled)
Gast (S-1-5-21-2521950895-1173571020-801938669-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2521950895-1173571020-801938669-1003 - Limited - Enabled)
Kinderen (S-1-5-21-2521950895-1173571020-801938669-1001 - Limited - Enabled) => C:\Users\Kinderen
omar (S-1-5-21-2521950895-1173571020-801938669-1000 - Administrator - Enabled) => C:\Users\omar
 
==================== Security Center ========================
 
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Geïnstalleerde programma's ======================
 
(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)
 
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.0.7844.104 - De auteurs van Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{16044E2C-5ADC-4C34-B2FB-5A2E0B6908F6}) (Version: 88.0.4324.33 - Google Inc.)
CrystalDiskInfo 8.9.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
Dropbox (HKLM-x32\...\Dropbox) (Version: 115.4.601 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.)
Gebruikersregistratie voor Canon MG5700 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5700 series) (Version:  - ‭Canon Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.5 - Intel)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.12527.21504 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 72.0.2 (x64 nl)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
NVIDIA 3D Vision controllerstuurprogramma 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX Systeem Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.12527.21504 - Microsoft Corporation) Hidden
OpenDNS Updater 2.2.1 (HKLM-x32\...\OpenDNS Updater) (Version: 2.2.1 - )
Pokémon Trading Card Game Online (HKLM-x32\...\{F72A85B1-30EA-4555-B45D-C5CE169ACA4D}) (Version: 2.74.0 - The Pokémon Company International)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Skype versie 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
TeraCopy version 3.5 (HKLM\...\TeraCopy_is1) (Version: 3.5 - Code Sector)
TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\WinDirStat) (Version:  - )
Zoom (HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\ZoomUMX) (Version: 5.5.1 (12488.0202) - Zoom Video Communications, Inc.)
 
==================== Aangepaste CLSID (gefilterd): ==============
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
CustomCLSID: HKU\S-1-5-21-2521950895-1173571020-801938669-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\omar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2521950895-1173571020-801938669-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\omar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2021-02-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
 
==================== Codecs (gefilterd) ====================
 
==================== Snelkoppelingen & WMI ========================
 
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
 
ShortcutWithArgument: C:\Users\omar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
 
==================== Geladen Modules (gefilterd) =============
 
2021-02-07 08:16 - 2021-02-07 08:16 - 000114176 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\_ctypes.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000172544 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\_elementtree.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 002255872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\_hashlib.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000032256 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\_multiprocessing.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000046080 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\_psutil_windows.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000047616 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\_socket.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 002824704 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\_ssl.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000026112 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\_yappi.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000080896 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\bz2.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000015872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\common.time34.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000007680 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\hashobjs_ext.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000301568 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\PIL._imaging.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000168448 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\pyexpat.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 001084416 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\pysqlite2._sqlite.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000548864 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\pythoncom27.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 000137728 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\pywintypes27.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 000010752 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\select.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000020992 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\thumbnails_ext.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000689664 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\unicodedata.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000119808 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\usb_ext.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000128512 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32api.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000438784 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32com.shell.shell.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000011776 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32crypt.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000023040 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32event.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000149504 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32file.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000223232 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32gui.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000048128 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32inet.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000029696 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32pdh.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000027648 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32pipe.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000044032 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32process.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000020480 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32profile.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000136192 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32security.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000026624 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\win32ts.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000034304 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\windows.conditional.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000037888 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\windows.connectivity.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000071680 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\windows.device_monitor.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000103936 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\windows.volumes.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000019968 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\windows.winwrap.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 001325056 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wx._controls_.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 001489408 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wx._core_.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 001007104 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wx._gdi_.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000103424 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wx._html2.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 000916992 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wx._misc_.pyd
2021-02-07 08:16 - 2021-02-07 08:16 - 001039872 _____ () [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wx._windows_.pyd
2018-11-05 21:07 - 2015-01-09 08:44 - 000104960 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2018-11-05 21:07 - 2015-01-09 08:45 - 000008704 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_NLD.DLL
2018-01-09 11:33 - 2017-12-07 11:25 - 000123904 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJPLM\CNMPU.DLL
2018-11-05 21:13 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2018-11-05 21:13 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2018-01-09 11:42 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [Bestand niet getekend] C:\Windows\System32\CNMN6PPM.DLL
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\ucrtbase.DLL
2020-07-09 18:31 - 2020-07-09 18:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1043\avast.local_vc142.crt\VCRUNTIME140.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\MSVCP140.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\ucrtbase.DLL
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\VCRUNTIME140.dll
2021-02-06 20:24 - 2021-02-06 20:24 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21020604\avast.local_vc142.crt\VCRUNTIME140_1.dll
2017-12-10 03:03 - 2017-10-27 17:06 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2017-12-10 03:04 - 2017-10-27 17:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 003043328 _____ (Python Software Foundation) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\python27.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 000202240 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wxbase30u_net_vc90_x64.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 002831872 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wxbase30u_vc90_x64.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 001654784 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wxmsw30u_adv_vc90_x64.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 006542336 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wxmsw30u_core_vc90_x64.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 000773632 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wxmsw30u_html_vc90_x64.dll
2021-02-07 08:16 - 2021-02-07 08:16 - 000137216 _____ (wxWidgets development team) [Bestand niet getekend] C:\Users\omar\AppData\Local\Temp\_MEI46562\wxmsw30u_webview_vc90_x64.dll
 
==================== Alternate Data Streams (gefilterd) ========
 
==================== Veilige Modus (gefilterd) ==================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Bestandskoppeling (gefilterd) =================
 
==================== Internet Explorer (Versie 11) (gefilterd) ==========
 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Geen Naam -> {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} -> Geen bestand
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Geen Naam -> {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} -> Geen bestand
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)
 
IE trusted site: HKU\S-1-5-21-2521950895-1173571020-801938669-1000\...\sharepoint.com -> hxxps://adite-files.sharepoint.com
 
==================== Hosts inhoud: =========================
 
(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)
 
2009-07-14 03:34 - 2019-01-04 08:43 - 000000828 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Andere gebieden ===========================
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKU\S-1-5-21-2521950895-1173571020-801938669-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\omar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
 
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
 
==================== Firewall regels (gefilterd) ================
 
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B7C7F1E6-B620-40B2-AD7C-6EFCCA078229}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E9470E03-8635-4FDB-ADED-5F54D179152F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{97A1F2BA-66A7-4223-B797-0A5159847653}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => Geen bestand
FirewallRules: [TCP Query User{B3E1862B-4074-491B-8C6A-ED135629DCF3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C365B3E4-B724-4003-A3A9-01AF44D8484A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ACAACD1A-3E98-47F7-A253-74F981FC1832}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{56E0F94C-B504-4241-8085-786D0D5CD7EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B63DB91E-9599-4DD6-B856-D15997DDF085}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9D323FF3-F0C9-466B-8551-2E5DD86AFF8B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8BBD55AA-46D4-4743-9652-ABFB38F03210}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AFAFE3C-427C-43C1-B606-E4C704533D81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DF000D1D-6B2E-423F-8658-F4836589BD52}] => (Allow) C:\Users\omar\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C836DECF-176A-464A-94EE-CEF6CD93BA91}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BCAD8BC0-A475-419B-865E-B204E8A99D43}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE0E4F9B-463D-4CC0-B066-EFDE90D4075D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC900573-5D4F-473E-8E6D-21EF930DBDBE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DBD019B-6563-450E-8866-0A53519E0AA6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09B394C0-0755-4AB0-A99A-394533B67FD3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4CD53674-1BC2-436F-839E-540049ECBEA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{86932603-17E4-4EF8-81A7-AC37DB155DA8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{13801A05-9309-422F-BA2B-5D8792338FE7}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\88.0.4324.33\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{C0483B50-45EB-4235-9E12-1A1EAE381A79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8E105023-0F0C-44BE-B2B4-73105D002729}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8FC1C608-AA1A-408C-9637-C37069D34463}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{16066DD5-608F-4C01-93F3-54DA79B4494C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D8469D98-01D4-4B1B-9299-8D28B6551E5A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BD7DCBC-A937-4ED8-BCD1-DAB7740A19F4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Herstelpunten =========================
 
06-02-2021 15:28:53 Gepland controlepunt
06-02-2021 19:24:20 Removed TP-LINK Wireless Configuration Utility
 
==================== Defecte Apparaatbeheer Apparaten ============
 
Name: PCI Simple Communications-controller
Description: PCI Simple Communications-controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Eventlog fouten: ========================
 
Applicatiefouten:
==================
Error: (02/07/2021 08:14:15 AM) (Source: chromoting) (EventID: 3) (User: )
Description: Toegang geweigerd voor client: [email protected]/chromoting_ftl_607fb2c4-e6b6-4ccd-99a9-41fd8b2c8cc4.
 
 
Systeemfouten:
=============
Error: (02/07/2021 08:20:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Windows Update-service is bij het starten vastgelopen.
 
Error: (02/07/2021 08:16:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (60000 seconden) tijdens het wachten op een reactie op een transactie van deze service: TeamViewer.
 
Error: (02/07/2021 08:13:11 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule kan niet worden gestart.
 
Pad naar module: C:\Windows\system32\Rtlihvs.dll
Foutcode: 126
 
Error: (02/07/2021 08:12:06 AM) (Source: atapi) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort4.
 
Error: (02/07/2021 08:12:06 AM) (Source: atapi) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort4.
 
 
==================== Geheugen info =========================== 
 
BIOS: American Megatrends Inc. 1502 03/02/2011
Moederbord: ASUSTeK Computer INC. P8P67 PRO
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage geheugen in gebruik: 88%
Totaal fysiek RAM-geheugen: 4072.95 MB
Beschikbaar fysiek RAM-geheugen: 451.26 MB
Totaal Virtueel geheugen: 17383.09 MB
Beschikbaar Virtueel geheugen: 13232.77 MB
 
==================== Schijven ================================
 
Drive c: () (Fixed) (Total:136.62 GB) (Free:69.11 GB) NTFS
Drive d: (Data) (Fixed) (Total:329.04 GB) (Free:309.75 GB) NTFS
 
\\?\Volume{17b560d9-61b9-11e7-a249-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partitietabel ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 000F08CA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=136.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=329 GB) - (Type=07 NTFS)
 
==================== Einde van Addition.txt =======================

  • 0

#7
HaraMo

    Member

  • Topic Starter
  • 453 posts
==================================================
Dump File         : 020621-60512-01.dmp
Crash Time        : 6/02/2021 20:17:41
Bug Check String  : KERNEL_DATA_INPAGE_ERROR
Bug Check Code    : 0x0000007a
Parameter 1       : fffff6fc`400082a8
Parameter 2       : ffffffff`c0000185
Parameter 3       : 00002001`1248d860
Parameter 4       : fffff880`0105593c
Caused By Driver  : ataport.SYS
Caused By Address : ataport.SYS+1e93c
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+93ea0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\020621-60512-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 415.696
Dump File Time    : 6/02/2021 20:20:07
==================================================
 
==================================================
Dump File         : 020621-70949-01.dmp
Crash Time        : 6/02/2021 12:59:12
Bug Check String  : KERNEL_DATA_INPAGE_ERROR
Bug Check Code    : 0x0000007a
Parameter 1       : fffff6fc`400082c0
Parameter 2       : ffffffff`c0000185
Parameter 3       : 00002000`1ef5b860
Parameter 4       : fffff880`0105893c
Caused By Driver  : ataport.SYS
Caused By Address : ataport.SYS+1e93c
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+93ea0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\020621-70949-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 415.600
Dump File Time    : 6/02/2021 13:02:06
==================================================

  • 0

#8
HaraMo

    Member

  • Topic Starter
  • 453 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 89.72 0 K 24 K 0
remoting_host.exe 3.51 86.916 K 71.876 K 1704 Hostproces Google Inc. (Verified) Google LLC
remoting_host.exe 3.38 11.052 K 20.712 K 4268 Hostproces Google Inc. (Verified) Google LLC
procexp64.exe 1.63 30.180 K 50.120 K 2472 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 0.49 0 K 0 K n/a Hardware Interrupts and DPCs
System 0.30 216 K 3.432 K 4
FoxitReaderUpdateService.exe 0.17 1.448 K 1.280 K 2200 Foxit Reader Update Service Foxit Software Inc. (Verified) FOXIT SOFTWARE INC.
csrss.exe 0.10 19.932 K 13.720 K 612 Runtimeproces voor client-server Microsoft Corporation (Verified) Microsoft Windows
Dropbox.exe 0.10 200.404 K 236.588 K 4252 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
MBAMService.exe 0.09 260.468 K 146.604 K 2808 Malwarebytes Service Malwarebytes (Verified) Malwarebytes Inc
svchost.exe 0.09 25.768 K 28.092 K 284 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
AvastSvc.exe 0.07 98.976 K 41.068 K 1516 Avast Service AVAST Software (Verified) Avast Software s.r.o.
googledrivesync.exe 0.07 161.652 K 106.112 K 6904 (Verified) Google LLC
audiodg.exe 0.07 26.392 K 16.684 K 1112 Grafiekisolatie voor Windows-audioapparaten Microsoft Corporation (Verified) Microsoft Windows
AvastUI.exe 0.04 30.392 K 36.012 K 3128 Avast Antivirus AVAST Software (Verified) Avast Software s.r.o.
CNMNSST.exe 0.04 2.268 K 3.408 K 1644 Canon IJ Network Scanner Selector EX CANON INC. (Verified) Canon Inc.
explorer.exe 0.02 59.024 K 74.136 K 7840 Windows Verkenner Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 12.388 K 8.508 K 6032 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
aswEngSrv.exe 0.02 57.028 K 85.304 K 3032 Avast Antivirus engine server AVAST Software (Verified) Avast Software s.r.o.
aswidsagent.exe 0.01 32.464 K 31.760 K 3624 Avast Software Analyzer AVAST Software (Verified) Avast Software s.r.o.
svchost.exe 0.01 7.632 K 6.908 K 1964 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.01 8.904 K 6.764 K 4904 Hostproces voor Windows-taken Microsoft Corporation (Verified) Microsoft Windows
ijplmsvc.exe 0.01 1.496 K 2.920 K 2280 Inkjet Printer/Scanner/Fax Extended Survey Program Service (Verified) Canon Inc.
TeamViewer_Service.exe < 0.01 19.308 K 5.020 K 2496 TeamViewer TeamViewer Germany GmbH (Verified) TeamViewer Germany GmbH
OfficeClickToRun.exe < 0.01 30.840 K 30.364 K 1728 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
QtWebEngineProcess.exe < 0.01 38.428 K 52.320 K 4776 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
svchost.exe < 0.01 24.176 K 10.340 K 1272 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 22.952 K 13.336 K 560 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 22.916 K 12.264 K 3836 Indexeerfunctie van Microsoft Windows Search Microsoft Corporation (Verified) Microsoft Windows
CNQMUPDT.EXE < 0.01 28.924 K 17.484 K 2760 Canon Quick Menu Updater CANON INC. (Verified) Canon Inc.
OneDrive.exe < 0.01 18.488 K 23.804 K 5896 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
lsass.exe < 0.01 6.140 K 8.044 K 732 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
Dropbox.exe < 0.01 5.404 K 3.952 K 6748 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
mbamtray.exe < 0.01 26.896 K 13.848 K 2288 Malwarebytes Tray Application Malwarebytes (Verified) Malwarebytes Inc
svchost.exe < 0.01 12.164 K 11.484 K 736 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
OneDrive.exe < 0.01 23.008 K 20.372 K 4516 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
csrss.exe < 0.01 2.472 K 2.500 K 552 Runtimeproces voor client-server Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe < 0.01 8.100 K 5.248 K 1888 Toepassing voor Spooler-subsysteem Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 5.464 K 5.256 K 992 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 188.312 K 183.636 K 2428 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 13.764 K 13.308 K 836 Windows Media Player Network Sharing-service Microsoft Corporation (Verified) Microsoft Windows
AvastUI.exe < 0.01 12.952 K 30.156 K 5984 Avast Antivirus AVAST Software (Verified) Avast Software s.r.o.
NVDisplay.Container.exe < 0.01 23.348 K 9.396 K 1432 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
wuauclt.exe 2.468 K 7.780 K 6396 Windows Update Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3.488 K 7.904 K 4940 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3.312 K 1.816 K 668 Toepassing Windows-aanmelden Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1.720 K 536 K 620 Windows Toepassing Opstarten Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1.792 K 1.960 K 2700 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
TeraCopyService.exe 2.632 K 1.016 K 908 (Verified) Code Sector
taskeng.exe 2.276 K 3.316 K 4756 Taakplanner-engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 11.968 K 9.500 K 808 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 11.712 K 9.068 K 1996 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4.784 K 5.052 K 848 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1.892 K 4.756 K 6956 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2.140 K 2.772 K 2408 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4.188 K 1.336 K 2136 Hostproces voor Windows-services Microsoft Corporation (Verified) Microsoft Windows
splwow64.exe 3.428 K 4.736 K 6576 Print driver host for 32bit applications Microsoft Corporation (Verified) Microsoft Windows
smss.exe 540 K 744 K 360 Windows-sessiebeheer Microsoft Corporation (Verified) Microsoft Windows
services.exe 5.188 K 5.672 K 716 Services en controllertoepassingen Microsoft Corporation (Verified) Microsoft Windows
remoting_host.exe 3.780 K 2.436 K 1548 Hostproces Google Inc. (Verified) Google LLC
RAVCpl64.exe 9.444 K 3.456 K 4528 Realtek HD Audio configuratie Realtek Semiconductor (Verified) Realtek Semiconductor Corp
QtWebEngineProcess.exe 37.652 K 44.620 K 4432 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
OpenDNSUpdater.exe 4.784 K 4.992 K 4520 (Geen handtekening aanwezig in het onderwerp)
NvTelemetryContainer.exe 3.592 K 2.216 K 2340 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
NVDisplay.Container.exe 4.732 K 4.724 K 940 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
lsm.exe 2.908 K 2.332 K 740 Local Session Manager-service Microsoft Corporation (Verified) Microsoft Windows
KMS Server Service.exe 1.104 K 728 K 2312 KMS Server Emulator Service My Digital Life Forums (Geen handtekening aanwezig in het onderwerp) My Digital Life Forums
googledrivesync.exe 3.156 K 1.548 K 4656 (Verified) Google LLC
GoogleCrashHandler64.exe 1.860 K 448 K 6412 Google Crash Handler Google LLC (Verified) Google LLC
GoogleCrashHandler.exe 1.652 K 664 K 6252 Google Crash Handler Google LLC (Verified) Google LLC
dwm.exe 3.524 K 2.604 K 5000 Beheer van bureaubladvensters Microsoft Corporation (Verified) Microsoft Windows
DropboxUpdate.exe 2.352 K 304 K 3460 Dropbox Update Dropbox, Inc. (Verified) Dropbox, Inc
Dropbox.exe 3.928 K 3.672 K 6688 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
DbxSvc.exe 3.340 K 1.104 K 1084 Dropbox Service Dropbox, Inc. (Verified) Dropbox, Inc
CNQMMAIN.EXE 69.184 K 16.804 K 4380 Canon Quick Menu CANON INC. (Verified) Canon Inc.
AvastUI.exe 14.032 K 31.884 K 2796 Avast Antivirus AVAST Software (Verified) Avast Software s.r.o.
AvastBrowserCrashHandler64.exe 2.044 K 664 K 5420 Avast Browser Crash Handler AVAST Software (Verified) Avast Software s.r.o.
AvastBrowserCrashHandler.exe 1.828 K 528 K 2508 Avast Browser Crash Handler AVAST Software (Verified) Avast Software s.r.o.
aswToolsSvc.exe 30.096 K 11.092 K 1788 Avast Antivirus AVAST Software (Verified) Avast Software s.r.o.

  • 0

#9
HaraMo

    Member

  • Topic Starter
  • 453 posts
 
Imagenaam                 Proces-i Services                                    
========================= ======== ============================================
System Idle Process              0 n.v.t.                                      
System                           4 n.v.t.                                      
smss.exe                       360 n.v.t.                                      
csrss.exe                      552 n.v.t.                                      
csrss.exe                      612 n.v.t.                                      
wininit.exe                    620 n.v.t.                                      
winlogon.exe                   668 n.v.t.                                      
services.exe                   716 n.v.t.                                      
lsass.exe                      732 KeyIso, SamSs                               
lsm.exe                        740 n.v.t.                                      
svchost.exe                    848 DcomLaunch, PlugPlay, Power                 
TeraCopyService.exe            908 TeraCopyService                             
NVDisplay.Container.exe        940 NVDisplay.ContainerLocalSystem              
svchost.exe                    992 RpcEptMapper, RpcSs                         
svchost.exe                    560 AudioSrv, Dhcp, eventlog,                   
                                   HomeGroupProvider, lmhosts, wscsvc          
svchost.exe                    808 AudioEndpointBuilder, CscService,           
                                   HomeGroupListener, Netman, PcaSvc, TrkWks,  
                                   UxSms, WdiSystemHost, Wlansvc               
svchost.exe                    736 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, WdiServiceHost                         
svchost.exe                    284 AeLookupSvc, Appinfo, BITS, Browser,        
                                   CertPropSvc, EapHost, gpsvc, IKEEXT,        
                                   iphlpsvc, LanmanServer, MMCSS, ProfSvc,     
                                   Schedule, SENS, ShellHWDetection, Themes,   
                                   Winmgmt, wuauserv                           
audiodg.exe                   1112 n.v.t.                                      
svchost.exe                   1272 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
NVDisplay.Container.exe       1432 n.v.t.                                      
AvastSvc.exe                  1516 avast! Antivirus                            
aswToolsSvc.exe               1788 avast! Tools                                
spoolsv.exe                   1888 Spooler                                     
svchost.exe                   1964 FDResPub, SCardSvr, SSDPSRV, upnphost       
svchost.exe                   1996 BFE, DPS, MpsSvc                            
remoting_host.exe             1548 chromoting                                  
OfficeClickToRun.exe          1728 ClickToRunSvc                               
remoting_host.exe             1704 n.v.t.                                      
DbxSvc.exe                    1084 DbxSvc                                      
svchost.exe                   2136 DiagTrack                                   
FoxitReaderUpdateService.     2200 FoxitReaderUpdateService                    
ijplmsvc.exe                  2280 IJPLMSVC                                    
KMS Server Service.exe        2312 KMSServerService                            
NvTelemetryContainer.exe      2340 NvTelemetryContainer                        
svchost.exe                   2408 stisvc                                      
svchost.exe                   2428 SysMain                                     
TeamViewer_Service.exe        2496 TeamViewer                                  
MBAMService.exe               2808 MBAMService                                 
aswEngSrv.exe                 3032 n.v.t.                                      
aswidsagent.exe               3624 aswbIDSAgent                                
unsecapp.exe                  2700 n.v.t.                                      
remoting_host.exe             4268 n.v.t.                                      
taskeng.exe                   4756 n.v.t.                                      
taskhost.exe                  4904 n.v.t.                                      
dwm.exe                       5000 n.v.t.                                      
DropboxUpdate.exe             3460 n.v.t.                                      
RAVCpl64.exe                  4528 n.v.t.                                      
OpenDNSUpdater.exe            4520 n.v.t.                                      
OneDrive.exe                  4516 n.v.t.                                      
googledrivesync.exe           4656 n.v.t.                                      
SearchIndexer.exe             3836 WSearch                                     
AvastUI.exe                   3128 n.v.t.                                      
wmpnetwk.exe                   836 WMPNetworkSvc                               
CNMNSST.exe                   1644 n.v.t.                                      
CNQMMAIN.EXE                  4380 n.v.t.                                      
AvastBrowserCrashHandler.     2508 n.v.t.                                      
AvastBrowserCrashHandler6     5420 n.v.t.                                      
svchost.exe                   6032 p2pimsvc, p2psvc, PNRPsvc                   
Dropbox.exe                   4252 n.v.t.                                      
mbamtray.exe                  2288 n.v.t.                                      
OneDrive.exe                  5896 n.v.t.                                      
GoogleCrashHandler.exe        6252 n.v.t.                                      
GoogleCrashHandler64.exe      6412 n.v.t.                                      
Dropbox.exe                   6688 n.v.t.                                      
Dropbox.exe                   6748 n.v.t.                                      
splwow64.exe                  6576 n.v.t.                                      
googledrivesync.exe           6904 n.v.t.                                      
CNQMUPDT.EXE                  2760 n.v.t.                                      
QtWebEngineProcess.exe        4776 n.v.t.                                      
QtWebEngineProcess.exe        4432 n.v.t.                                      
svchost.exe                   6956 SDRSVC                                      
wuauclt.exe                   6396 n.v.t.                                      
WmiPrvSE.exe                  4940 n.v.t.                                      
AvastUI.exe                   2796 n.v.t.                                      
AvastUI.exe                   5984 n.v.t.                                      
explorer.exe                  7840 n.v.t.                                      
notepad.exe                   7404 n.v.t.                                      
cmd.exe                       5300 n.v.t.                                      
conhost.exe                   7784 n.v.t.                                      
tasklist.exe                  5660 n.v.t.                                      
WmiPrvSE.exe                  2420 n.v.t.                                      

  • 0

#10
HaraMo

    Member

  • Topic Starter
  • 453 posts

SPECCY LOG

Attached Files


  • 0


#11
HaraMo

    Member

  • Topic Starter
  • 453 posts
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts. 
LatencyMon has been analyzing your system for  0:01:59  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        OMAR-PC
OS version:                                           Windows 7 Service Pack 1, 6.1, build: 7601 (x64)
Hardware:                                             System Product Name, System manufacturer
CPU:                                                  GenuineIntel Intel® Core™ i5-2400 CPU @ 3.10GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  4072 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   3110 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   342,412195
Average measured interrupt to process latency (µs):   5,606614
 
Highest measured interrupt to DPC latency (µs):       266,357179
Average measured interrupt to DPC latency (µs):       1,606559
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              165,310611
Driver with highest ISR routine execution time:       dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0,072166
Driver with highest ISR total time:                   dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation
 
Total time spent in ISRs (%)                          0,121329
 
ISR count (execution time <250 µs):                   61821
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              306,898714
Driver with highest DPC routine execution time:       tcpip.sys - TCP/IP-stuurprogramma, Microsoft Corporation
 
Highest reported total DPC routine time (%):          0,065088
Driver with highest DPC total execution time:         nusb3xhc.sys - USB 3.0 Host Controller Driver, Renesas Electronics Corporation
 
Total time spent in DPCs (%)                          0,235853
 
DPC count (execution time <250 µs):                   220690
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              34
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 dropboxupdate.exe
 
Total number of hard pagefaults                       143
Hard pagefault count of hardest hit process:          68
Number of processes hit:                              13
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       2,638389
CPU 0 ISR highest execution time (µs):                165,310611
CPU 0 ISR total execution time (s):                   0,581376
CPU 0 ISR count:                                      61821
CPU 0 DPC highest execution time (µs):                306,898714
CPU 0 DPC total execution time (s):                   1,118894
CPU 0 DPC count:                                      217614
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0,807792
CPU 1 ISR highest execution time (µs):                0,0
CPU 1 ISR total execution time (s):                   0,0
CPU 1 ISR count:                                      0
CPU 1 DPC highest execution time (µs):                104,393891
CPU 1 DPC total execution time (s):                   0,001044
CPU 1 DPC count:                                      245
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0,446393
CPU 2 ISR highest execution time (µs):                0,0
CPU 2 ISR total execution time (s):                   0,0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                186,832476
CPU 2 DPC total execution time (s):                   0,006580
CPU 2 DPC count:                                      1588
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0,650453
CPU 3 ISR highest execution time (µs):                0,0
CPU 3 ISR total execution time (s):                   0,0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                29,145981
CPU 3 DPC total execution time (s):                   0,003623
CPU 3 DPC count:                                      1277
_________________________________________________________________________________________________________


#12
HaraMo


DRIVER AND PROCESSOR JPG FILE

Attached Thumbnails

  • LATENCYMON_DRIVER_TAB.JPG
  • LATENCYMON_PROCESSOR_TAB.JPG


#13
RKinner


Run TDSSKiller:

 

https://media.kasper.../tdsskiller.exe

 

Download, save, right click and run as admin.

 

Hit Start Scan

 

Does it find anything? If so then click on Report, select the whole text and copy and paste into a reply.  Otherwise just report nothing found.

 

See if you can get MBAR to run:

 

https://www.malwareb...om/antirootkit/

 

 

 

Tonight run a boot-time scan with Avast while you sleep:

Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.

Reboot and let it run a scan.  It may take hours.
Once it finishes it should load Windows.   Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.

 

I don't have much time this morning.  Will add more later.


 



#14
HaraMo


TDSSKiller: nothing found. I did not change the parameters, so OK?



#15
HaraMo


MBAR anti-rootkit found 7 things, files and 2 registry entries. I chose to clean up and reboot.

I found the log

 

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2021.02.07.02
  rootkit: v2021.02.07.02
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.19596
omar :: OMAR-PC [administrator]
 
7/02/2021 13:46:45
mbar-log-2021-02-07 (13-46-45).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 203664
Time elapsed: 35 minute(s), 2 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 2
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ic-0_RASAPI32 (Trojan.IStartSurf.Trace) -> Delete on reboot. [e23c7237f7eecc6a4ff0bf1fba4635cb]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ic-0_RASMANCS (Trojan.IStartSurf.Trace) -> Delete on reboot. [09152485eff6eb4be25d2bb3f0101de3]
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 4
C:\Users\omar\AppData\Roaming\Microleaves (Adware.OnlineIO) -> Delete on reboot. [60bed0d96184eb4b922460b214ec0ef2]
C:\Users\omar\AppData\Roaming\Microleaves\Online Application 2.6.0 (Adware.OnlineIO) -> Delete on reboot. [60bed0d96184eb4b922460b214ec0ef2]
C:\Users\omar\AppData\Roaming\Microleaves\Online Application 2.6.0\install (Adware.OnlineIO) -> Delete on reboot. [60bed0d96184eb4b922460b214ec0ef2]
C:\Users\omar\AppData\Roaming\Microleaves\Online Application 2.6.0\install\CFCBAA1 (Adware.OnlineIO) -> Delete on reboot. [60bed0d96184eb4b922460b214ec0ef2]
 
Files Detected: 1
C:\Windows\Temp\radeon\radeon86_64.exe (Trojan.ExtenBro) -> Delete on reboot. [fc22842570750c2adc45fa723dc6966a]
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)

Edited by HaraMo, 07 February 2021 - 07:41 AM.
