Good that we ran MBAR.
Looking at your event logs"
Applicatiefouten:==================Error: (02/07/2021 08:14:15 AM) (Source: chromoting) (EventID: 3) (User: )Description: Toegang geweigerd voor client: [email protected]/chromoting_ftl_607fb2c4-e6b6-4ccd-99a9-41fd8b2c8cc4.
Systeemfouten:=============Error: (02/07/2021 08:20:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: De Windows Update-service is bij het starten vastgelopen.
The fix for Windows Update problems is the oddly named:
System Update Readiness Tool for Windows 7
This link is for 64 bit:
This will pretend that it is installing a KB. Can take a few hours to complete.
Once that runs then get
KB3083710 and KB3102810
(You want the one that says: All supported x64-based versions of Windows 7) Each will take you to another page where you have to select your language before downloading.
Error: (02/07/2021 08:16:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: Time-out (60000 seconden) tijdens het wachten op een reactie op een transactie van deze service: TeamViewer.
Error: (02/07/2021 08:13:11 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)Description: WLAN-uitbreidingsmodule kan niet worden gestart.Pad naar module: C:\Windows\system32\Rtlihvs.dllFoutcode: 126
FRST did not see the file but it may be there a permission error. Seems like I vaguely remember that being a problem with the file. Rtlihvs.dll is actually a Realtek file but I think the TP-link Wireless adapter uses a Realtek chip. We can try a quick fixlist to see if we can unlock it.
fixlist.txt 230bytes 25 downloads
This one will be very quick and will not reboot. You should be able to see in the fixlog whether it found the file or not.
Error: (02/07/2021 08:12:06 AM) (Source: atapi) (EventID: 11) (User: )Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort4.Error: (02/07/2021 08:12:06 AM) (Source: atapi) (EventID: 11) (User: )Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort4.
I'm surprised to see an IDE controller but it may be for the DVD drive. This may be related to your BSOD. MBAM does some strange things with IDE controllers when it scans. Early versions of MBAM would crash with the same indication as you are getting. It's not supposed to be a problem these days but perhaps that's because there aren't a lot of IDE controllers. I do have a fix for this error that is supposed to work:
"a. Right-click Computer, and then click Manage.
b. Double-click System Tools in the right pane, and then double-click Device Manager.
c. Double-click IDE ATA/ATAPI Controller in the right pane, and then double-click the appropriate controller. (The sequence will be like this: drive 1 - IdePort0, drive 2 - IdePort1, drive 3 - IdePort2, drive 4 - IdePort3, drive 5 - IdePort4)
d. On the Advanced Settings tab, click PIO Only in the Transfer Mode box.
e. Click OK, close the Computer Management window, and then reboot the computer. Check if it helps."
Above from: https://answers.micr...42-ec49afff79eb
Looking at your Process Explorer log:
Not too bad. Chrome Remote is using some CPU but System Idle is almost 90%. Interrupts is very good so drivers are pretty decent. All but two files are signed and verified and the two that aren't never are.
The Junk file is just used if an SVCHOST file is using too much CPU. It helps identify the Windows Service(s) that is(are) riding on the different svchosts.
Speccy shows no problems with overheating. Your hard drive has a few bad sectors:
Attribute name Current Pending Sector Count
Real value 1
Raw Value 0000000001
Attribute name Uncorrectable Sector Count
Real value 2
Raw Value 0000000002
If these increase rapidly then the drive will need to be replaced but for now it looks OK.
Speccy did show a variable set by the infection we removed:
Right click the Computer icon on your desktop and choose Properties from the menu. Click on the Advanced system settings link and then click Environment Variables. Under the section System Variables, select the environment variable you want GPU_MAX_ALLOC_PERCENT , and click Delete.
If you have control of your router you can improve Wireless Performance by changing to a different channel. Currently you use Channel 6. Routers claim they will automatically pick the best channel but they seldom do. There is another router on the same channel and its signal is almost as strong as the one you are using so you will be getting a lot of interference which will drop your bit rate.
Double click to install it. Then run it by right click and Run As Admin.
It will show you a graph in the bottom that has your signal in blue and competing signals in orange and yellow. It may also recommend a different channel which might have less interference or you can choose a channel based on what you see on the chart.
Moving to a different channel (by logging on to your router) can drastically improve performance. If you have control of the router (password is often on the back or bottom) but don't know how to change the channel tell me the make and model.
Latency Monitor shows that dropbox is causing a lot of pagefaults. Do you pay for it? If not it would be wise to uninstall it.