SSL-certificaat van Xolphin Powered by Cloud VPS - High Availability Cloud Servers Steun Nucia, doneer!
Pagina 1 van de 2 12 LaatsteLaatste
Resultaten 1 tot 20 van de 23
  1. #1

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389

    veel vastlopers + link werkt niet

    Het ingevoerde bericht is te kort. Verleng het bericht tot minimaal 3 tekens.
    Bijgevoegde Bestanden Bijgevoegde Bestanden
    Laatst gewijzigd door f.r.a.n.k; 08-01-20 om 02:59.

  2. #2
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 10 Home 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.806
    Blog Berichten
    10
    Goede morgen,

    Welke link werkt niet ?

  3. #3

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    De Farbar tool. Links klikken, enkel of dubbel, geeft een 404 error, zowel 32 als 64 bit versie.

    Rechts klikken en run as admin dan verschijnt dit (zie foto)
    Laatst gewijzigd door f.r.a.n.k; 14-01-20 om 08:42.

  4. #4

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    Klik op Afbeelding voor grotere versie

Naam:      thumbnail.jpg
Bekeken:   29
Grootte:   89,8 KB
ID:        16070

  5. #5
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 10 Home 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.806
    Blog Berichten
    10
    klik op ignore

  6. #6

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    dan enkel een zwart DOS scherm met een cursor die pinkt, verder niks , geen start knop, geen scanner

  7. #7

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    Hallo?
    De Farbar scan werkt niet of de link is kapot volgens mij.
    Kan iemand fixen of nakijken?

  8. #8
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 10 Home 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.806
    Blog Berichten
    10
    Download de Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links

    Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

    Farbar Recovery Scan Tool uitvoeren
    • Dubbelklik op FRST.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
    • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
    • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
    • Voeg beide logbestanden als bijlage toe aan het volgende bericht.

  9. #9

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    Nog es hetzelfde. 404 Not Found

  10. #10
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 10 Home 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.806
    Blog Berichten
    10
    Download OTL naar je Bureaublad
    • Dubbelklik op OTL.com om het programma te openen. Zorg ervoor dat all andere vensters gesloten zijn, en laat het programma ongestoord zijn werk doen.
    • Zet een vinkje bij Scan All Users.
    • Klik op de knop Quick Scan. Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef. De scan zal niet heel erg lang duren.
      • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.Txt. Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.
      • Kopieer (Bewerken->Alles selecteren, Bewerken->Kopiëren) en plak (Bewerken->Alles selecteren, Bewerken->Plakken) de inhoud van deze twee bestanden één voor één in je volgende bericht.

  11. #11

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    OLT scan uitgevoerd.

    Eerst even dit. Onderstaand bericht naar Telenet en hun antwoord. Deze extra beveiligingstips gelezen maar nog niet uitgevoerd. Zelfde bericht ook gestuurd naar Base, ook van hen kreeg ik anti-phishing tips om nog uit te voeren.

    Betreft: hacking/spionage/online stalking

    Ik verdenk mijn buren ervan dat ze een manier hebben gevonden om spyware op mijn smartphone en pc te installeren.
    Ze kunnen zien welke sites ik bezoek op m'n pc én smartphone, locaties van mobiel toestel zien, sms berichten meelezen, kunnen meeluisteren via de micro, en zelfs meekijken met de achterste camera (de voorste niet, die heb ik afgeplakt).

    Op welke manier ze dat gedaan hebben weet ik niet. Wel zeker is dat mijn privacy ernstig geschonden word. Ik ben niet paranoia. Ze praten hun mond ver voorbij en ik geloof mijn oren wél. We zijn al lange tijd in een ruzie of een rare soort haat-liefde verhouding verwikkeld.

    In december '19 heb ik dit gemeld aan de gegevensbeschermingsautoriteit in Brussel. Zij konden me niet helpen wegens niet bedrijfsgerelateerd. Ze raadden me aan om naar de politie te gaan. Heb ik gedaan vrijdag 31/1. Ze hebben mijn klacht genoteerd, voorlopig is het nog afwachten wat het resultaat is.

    De privacyschending gebeurt dus vooral op m'n smartphone (merk HUAWEI, een bedrijf dat ook verdacht word van spionage), met Wi-Fi van Telenet. De SIM-kaart die erin zit komt van BASE.

    Wat kan ik doen om het te doen stoppen?
    Ik moet echt actie ondernemen, bewijs proberen vinden, en vraag daarvoor gespecialiseerde hulp. Want als ik niks doe word misschien ook mijn bankrekening leeggehaald.

    za 3:04 p.m.
    Gezien
    Telenet
    Hey Frankie. Goh, dat klinkt wel heel serieus zeg. Ik zou toch eens beginnen met het paswoord van je netwerk te veranderen. Ook kan je overwegen om Safespot te nemen. Hiermee kan je zelf heel je netwerk en al je apparaten beschermen. Je vindt er hier meer informatie over terug: http://bit.ly/347PYlj. Het laatste advies dat ik je nog kan geven is het onderzoek bij de politie af wachten.
    Filip
    za 4:32 p.m.
    Hallo Filip, het is ook behoorlijk serieus, deze spy dinges is nog maar een deel vh probleem. Bedankt voor de tips en link.
    ma 12:50 p.m
    Laatst gewijzigd door f.r.a.n.k; 26-02-20 om 14:42.

  12. #12

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    En hier de 2 OLT logs.

    Zijn hier sporen of bewijzen van spyware in te vinden? (BELANGRIJK!)

    OTL logfile created on: 26/02/2020 15:00:40 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Downloads
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.19596)
    Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

    1,97 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 76,17% Memory free
    3,93 Gb Paging File | 3,16 Gb Available in Paging File | 80,25% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 297,99 Gb Total Space | 88,01 Gb Free Space | 29,53% Space Free | Partition Type: NTFS

    Computer Name: KIDS-PC | User Name: KIDS | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2020/02/26 14:58:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.com
    PRC - [2020/02/11 01:14:01 | 005,446,216 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    PRC - [2020/02/08 15:49:49 | 005,570,712 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    PRC - [2020/02/08 12:42:45 | 008,000,600 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
    PRC - [2020/02/08 12:42:45 | 000,029,272 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
    PRC - [2017/05/29 20:40:10 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2017/03/03 19:10:26 | 007,348,440 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
    PRC - [2016/08/29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/07/14 02:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe


    ========== Modules (No Company Name) ==========

    MOD - [2020/02/11 01:14:01 | 003,125,128 | ---- | M] () -- C:\Program Files\Malwarebytes\Anti-Malware\QtANGLE.dll
    MOD - [2020/02/08 12:42:45 | 000,442,968 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
    MOD - [2020/02/08 12:42:45 | 000,189,528 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll
    MOD - [2020/02/08 12:42:45 | 000,138,336 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\liblz4.dll
    MOD - [2020/02/08 12:42:45 | 000,108,120 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Events.dll
    MOD - [2020/02/08 12:42:45 | 000,107,608 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
    MOD - [2020/02/08 12:42:45 | 000,087,128 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
    MOD - [2020/02/08 12:42:45 | 000,068,696 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\MozCompressor.dll
    MOD - [2020/02/08 12:42:45 | 000,062,040 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
    MOD - [2020/02/08 12:42:45 | 000,023,640 | ---- | M] () -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Compression.dll
    MOD - [2020/01/16 17:01:22 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\baeba07d679c64186da10d94e07653b0 \System.WorkflowServices.ni.dll
    MOD - [2020/01/16 15:42:26 | 000,226,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4540d2764eeae15ed2fb9b6aeef7d91f \PresentationFramework.Classic.ni.dll
    MOD - [2020/01/16 15:42:19 | 014,357,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9035f8a425d5081e125987f4b018e7f0 \PresentationFramework.ni.dll
    MOD - [2020/01/16 15:42:05 | 012,260,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d75ae3419a23cebd3fadfb67b3e12db\Pre sentationCore.ni.dll
    MOD - [2020/01/16 15:41:55 | 003,358,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\02c69e21d72a00fbf7b717b4a4682d9a\WindowsB ase.ni.dll
    MOD - [2020/01/15 15:28:15 | 010,824,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\2bef38851483abae82f1172c1aaa604c\System.ni.dll
    MOD - [2020/01/15 15:28:09 | 021,019,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\75b341f10c9579cbe1059d18f6f3b27b\mscorlib.ni .dll
    MOD - [2019/07/11 16:13:26 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\90aa1fea68aaf4cbc9e944c33bf725f4 \System.ServiceModel.Web.ni.dll
    MOD - [2019/07/10 02:27:45 | 001,090,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\428e48b9524bf09741eb25fe3875cecd \System.IdentityModel.ni.dll
    MOD - [2019/07/10 02:27:44 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3dfbba7cde935a8e49a4d49b9006c4a9 \System.Runtime.Serialization.ni.dll
    MOD - [2019/07/10 02:27:41 | 017,496,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\881bcf4616a4cbafef3fe066a23988f9\ System.ServiceModel.ni.dll
    MOD - [2019/07/10 02:27:24 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\68aa76137a27fd9c275dd6c05e478c3f\SMDiag nostics.ni.dll
    MOD - [2019/05/15 13:05:53 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\d57f656331dc82ad5a83b9843c3e2484\Syst em.Xml.Linq.ni.dll
    MOD - [2019/05/15 13:05:24 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\c4244e0e8998fbe57733e0cbec6563fc \System.ComponentModel.DataAnnotations.ni.dll
    MOD - [2019/05/15 13:04:54 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3b259d3ceb1962e723584a04cfab357a\System.C ore.ni.dll
    MOD - [2019/05/15 13:04:40 | 001,058,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\bda2113f273e7bf6eba84f3d0d1a66c3\Sy stem.Management.ni.dll
    MOD - [2019/05/15 02:10:16 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6c5ffb1571d7ca0fabb930d0c77947e4 \System.ServiceProcess.ni.dll
    MOD - [2019/05/15 02:10:08 | 011,935,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8c2e7f1fa8f0ef49a3ae977b5dddeae5\System.We b.ni.dll
    MOD - [2019/05/15 02:10:02 | 000,777,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\21705e843038bb8e8b4c0d232364b068 \System.Runtime.Remoting.ni.dll
    MOD - [2019/05/15 02:10:01 | 006,658,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\022128ba26e9262d96d2fd3645abcce3\System.D ata.ni.dll
    MOD - [2019/05/15 02:09:38 | 012,437,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\91efd50cedcf22003233d52464c01816 \System.Windows.Forms.ni.dll
    MOD - [2019/05/15 02:09:32 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8f5842a3d4d666059db685b319e3a5b3\Syste m.Drawing.ni.dll
    MOD - [2019/05/15 02:09:27 | 005,469,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\992b101b45c1e2e5563fee65ab5fd691\System.Xm l.ni.dll
    MOD - [2019/05/15 02:09:17 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94fe1557aab4bc059482da7d99e97641 \System.Configuration.ni.dll
    MOD - [2019/05/15 02:08:34 | 008,008,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e10fc0c922927179f29b495cf47d62dc\System.ni.dll
    MOD - [2019/05/15 02:08:20 | 011,516,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23349d393ecff063c3152fcf5229b2ab\mscorlib.ni .dll
    MOD - [2017/04/06 14:05:04 | 002,975,744 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


    ========== Services (SafeList) ==========

    SRV - [2020/02/22 15:57:03 | 000,223,432 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2020/02/21 21:06:38 | 000,963,568 | ---- | M] (Google LLC) [On_Demand | Stopped] -- C:\Program Files\Google\Chrome\Application\80.0.3987.122\elevation_service.exe -- (GoogleChromeElevationService)
    SRV - [2020/02/08 15:49:49 | 005,570,712 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
    SRV - [2020/02/08 13:00:44 | 000,335,416 | ---- | M] (Adobe) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2020/02/08 12:42:45 | 000,029,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe -- (WCAssistantService)
    SRV - [2019/12/17 01:27:31 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV - [2019/12/10 09:38:57 | 000,054,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
    SRV - [2018/08/13 22:48:52 | 000,940,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
    SRV - [2018/01/01 03:00:09 | 001,004,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2016/08/26 12:26:34 | 000,339,968 | ---- | M] (Popcorn Time) [Disabled | Stopped] -- C:\Program Files\Popcorn Time\Updater.exe -- (Update service)
    SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
    SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2007/06/25 20:17:04 | 000,537,840 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\System32\dlbkcoms.exe -- (dlbk_device)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
    DRV - [2020/02/26 12:57:15 | 000,178,952 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\System32\drivers\MbamChameleon.sys -- (MBAMChameleon)
    DRV - [2020/02/26 12:57:12 | 000,213,912 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2018/11/19 03:05:06 | 000,015,360 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbccgpfilter.sys -- (ew_usbccgpfilter)
    DRV - [2012/06/20 10:51:34 | 000,017,672 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter_hs.sys -- (massfilter_hs)
    DRV - [2011/05/18 07:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
    DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
    DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    IE - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-BE
    IE - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 68 C4 90 BB DC D2 01 [binary data]
    IE - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 70 9A A3 D6 AD ED D2 01 [binary data]
    IE - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
    IE - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.cohort: "nov17-1"
    FF - prefs.js..browser.search.countryCode: "BE"
    FF - prefs.js..browser.search.defaultenginename: "Bing Default Search"
    FF - prefs.js..browser.search.hiddenOneOffs: "Bing,Amazon.com,DuckDuckGo,eBay,Twitter,Wikipedia (en)"
    FF - prefs.js..browser.search.region: "BE"
    FF - prefs.js..browser.search.selectedEngine: "Bing Default Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "www.google.be"
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_321.dll ()
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 73.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 73.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2018/05/29 14:33:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Extensions
    [2017/11/26 18:26:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\SystemExtensionsDev
    [2019/11/16 23:55:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\browser-extension-data
    [2019/03/28 23:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2018/05/29 14:50:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\browser-extension-data\contact@web-security.com
    [2019/11/16 23:55:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\browser-extension-data\doh-rollout@mozilla.org
    [2018/09/18 15:57:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\browser-extension-data\fxmonitor@mozilla.org
    [2019/05/06 20:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\browser-extension-data\hotfix-update-xpi-intermediate@mozilla.com
    [2019/03/28 23:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\browser-extension-data\jid1-ZAdIEUB7XOzOJw@jetpack
    [2020/02/15 16:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\extensions
    [2019/04/02 02:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++1ed2d95a-bcf6-4e74-b33d-f772ac30ed8c^userContextId=4294967295
    [2020/02/26 14:52:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++1ed2d95a-bcf6-4e74-b33d-f772ac30ed8c^userContextId=4294967295\idb
    [2019/05/24 03:08:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++275669c6-b38f-4b99-bc33-9bf539869c60^userContextId=4294967295
    [2020/02/24 22:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++275669c6-b38f-4b99-bc33-9bf539869c60^userContextId=4294967295\idb
    [2019/11/01 13:32:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++32d12a65-1643-4f9d-af6a-3ede7e72845a
    [2020/02/26 14:53:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++32d12a65-1643-4f9d-af6a-3ede7e72845a\idb
    [2019/03/28 23:49:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++32d12a65-1643-4f9d-af6a-3ede7e72845a^userContextId=4294967295
    [2020/02/26 14:58:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++32d12a65-1643-4f9d-af6a-3ede7e72845a^userContextId=4294967295\idb
    [2019/03/28 23:49:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++57613682-622b-4d28-9fe0-2d4a7d9e4da6^userContextId=4294967295
    [2020/02/26 14:54:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++57613682-622b-4d28-9fe0-2d4a7d9e4da6^userContextId=4294967295\idb
    [2019/04/02 02:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++795af31c-1f4d-4773-b7eb-309e96d3e921^userContextId=4294967295
    [2020/02/26 14:52:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++795af31c-1f4d-4773-b7eb-309e96d3e921^userContextId=4294967295\idb
    [2020/01/10 07:32:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++b8c361f7-56dc-4108-9d40-ffdc78b81090^userContextId=4294967295
    [2020/02/24 22:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\storage\default\moz-extension+++b8c361f7-56dc-4108-9d40-ffdc78b81090^userContextId=4294967295\idb
    [2019/12/19 05:03:27 | 000,056,413 | ---- | M] () (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\extensions\addon@ytdownloader.info.xpi
    [2019/12/14 02:05:50 | 000,660,855 | ---- | M] () (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi
    [2019/12/13 02:05:05 | 000,738,336 | ---- | M] () (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
    [2020/02/15 16:19:51 | 001,968,172 | ---- | M] () (No name found) -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2020/02/08 12:52:51 | 000,001,046 | ---- | M] () -- C:\Users\KIDS\AppData\Roaming\Mozilla\Firefox\Profiles\zc2qu2kv.default-1524493364635\searchplugins\bing.xml

    ========== Chrome ==========

    CHR - default_search_provider: ()
    CHR - default_search_provider: search_url =
    CHR - default_search_provider: suggest_url =
    CHR - plugin: Error reading preferences file
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.9_0\
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.2_0\
    CHR - Extension: No name found = C:\Users\KIDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7919.1028.0.0_0\

    O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
    O4 - HKU\S-1-5-21-541891432-2115559380-3082969310-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
    O4 - HKU\S-1-5-21-541891432-2115559380-3082969310-1000..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
    O4 - HKU\S-1-5-21-541891432-2115559380-3082969310-1000..\Run: [utweb] "C:\Users\KIDS\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED File not found
    O4 - HKU\S-1-5-21-541891432-2115559380-3082969310-1000..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe (Lavasoft)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
    O13 - gopher Prefix: missing
    O15 - HKU\.DEFAULT\..Trusted Domains: localhost (* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: webcompanion.com (http in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: localhost (* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: webcompanion.com (http in Trusted sites)
    O15 - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\..Trusted Domains: localhost (* in Trusted sites)
    O15 - HKU\S-1-5-21-541891432-2115559380-3082969310-1000\..Trusted Domains: webcompanion.com (http in Trusted sites)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.2 195.130.131.2
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBD7D39D-D3F6-4058-97E9-AEB4CD46494E}: DhcpNameServer = 195.130.130.2 195.130.131.2
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{29e5588e-9b53-11e7-aca5-7071bc1d425d}\Shell - "" = AutoRun
    O33 - MountPoints2\{29e5588e-9b53-11e7-aca5-7071bc1d425d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{502a9a30-9747-11e9-84c7-7071bc1d425d}\Shell - "" = AutoRun
    O33 - MountPoints2\{502a9a30-9747-11e9-84c7-7071bc1d425d}\Shell\AutoRun\command - "" = E:\HiSuiteDownLoader.exe
    O33 - MountPoints2\{664dffed-fa66-11e8-a193-7071bc1d425d}\Shell - "" = AutoRun
    O33 - MountPoints2\{664dffed-fa66-11e8-a193-7071bc1d425d}\Shell\AutoRun\command - "" = F:\HiSuiteDownLoader.exe
    O33 - MountPoints2\{c77b07f3-f8a1-11e8-b8be-7071bc1d425d}\Shell - "" = AutoRun
    O33 - MountPoints2\{c77b07f3-f8a1-11e8-b8be-7071bc1d425d}\Shell\AutoRun\command - "" = F:\HiSuiteDownLoader.exe
    O33 - MountPoints2\{d9c5366a-981a-11e8-a11b-7071bc1d425d}\Shell - "" = AutoRun
    O33 - MountPoints2\{d9c5366a-981a-11e8-a11b-7071bc1d425d}\Shell\AutoRun\command - "" = J:\HiSuiteDownLoader.exe
    O33 - MountPoints2\E\Shell - "" = AutoRun
    O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\HiSuiteDownLoader.exe
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\HiSuiteDownLoader.exe
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\HiSuiteDownLoader.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2020/02/26 12:57:15 | 000,178,952 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MbamChameleon.sys
    [2020/02/26 12:57:12 | 000,213,912 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2020/02/08 20:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
    [2020/02/08 20:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
    [2020/02/08 20:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs
    [2020/02/08 20:02:05 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
    [2020/02/08 20:01:59 | 000,000,000 | ---D | C] -- C:\Users\KIDS\AppData\Roaming\NCH Software
    [2020/02/08 19:09:08 | 000,000,000 | ---D | C] -- C:\Users\KIDS\AppData\Roaming\iZotope
    [2020/02/08 19:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
    [2020/02/08 19:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VST3
    [2020/02/08 19:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg
    [2020/02/08 19:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
    [2020/02/08 19:04:52 | 000,000,000 | ---D | C] -- C:\Users\KIDS\Documents\iZotope
    [2020/02/08 19:04:50 | 000,000,000 | ---D | C] -- C:\Program Files\iZotope
    [2020/02/08 15:51:04 | 000,000,000 | ---D | C] -- C:\Users\KIDS\AppData\Local\cache
    [2020/02/06 20:50:42 | 000,000,000 | ---D | C] -- C:\Users\KIDS\AppData\Roaming\Winamp
    [2020/02/06 20:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp

    ========== Files - Modified Within 30 Days ==========

    [2020/02/26 13:07:05 | 000,035,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2020/02/26 13:07:05 | 000,035,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2020/02/26 12:57:15 | 000,178,952 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MbamChameleon.sys
    [2020/02/26 12:57:12 | 000,213,912 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2020/02/26 12:57:03 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2020/02/26 12:56:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2020/02/26 12:56:54 | 1583,226,880 | -HS- | M] () -- C:\hiberfil.sys
    [2020/02/11 01:14:01 | 000,129,056 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbae.sys
    [2020/02/08 20:02:22 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Switch Sound File Converter.lnk
    [2020/02/08 19:05:26 | 000,002,174 | ---- | M] () -- C:\Users\KIDS\Desktop\iZotope RX 5 Audio Editor.lnk
    [2020/02/08 15:50:56 | 000,001,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
    [2020/02/08 13:00:43 | 000,842,296 | ---- | M] (Adobe) -- C:\Windows\System32\FlashPlayerApp.exe
    [2020/02/08 13:00:43 | 000,175,160 | ---- | M] (Adobe) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2020/02/06 20:50:50 | 000,000,961 | ---- | M] () -- C:\Users\KIDS\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
    [2020/02/06 20:50:50 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk

    ========== Files Created - No Company Name ==========

    [2020/02/08 20:02:21 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter.lnk
    [2020/02/08 20:02:21 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Switch Sound File Converter.lnk
    [2020/02/08 19:05:26 | 000,002,174 | ---- | C] () -- C:\Users\KIDS\Desktop\iZotope RX 5 Audio Editor.lnk
    [2020/02/06 20:50:50 | 000,000,961 | ---- | C] () -- C:\Users\KIDS\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
    [2020/02/06 20:50:50 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
    [2018/03/23 10:15:25 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-KIDS-PC-Windows-7-Professional-(32-bit).dat
    [2017/06/21 10:51:49 | 000,033,193 | ---- | C] () -- C:\Users\KIDS\AppData\Roaming\UserTile.png

    ========== ZeroAccess Check ==========

    [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2019/05/25 00:59:03 | 012,880,384 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2020/02/08 18:51:02 | 000,000,000 | ---D | M] -- C:\Users\KIDS\AppData\Roaming\audacity
    [2018/08/20 19:26:21 | 000,000,000 | ---D | M] -- C:\Users\KIDS\AppData\Roaming\Digiarty
    [2020/02/08 19:09:08 | 000,000,000 | ---D | M] -- C:\Users\KIDS\AppData\Roaming\iZotope
    [2018/07/27 15:57:25 | 000,000,000 | ---D | M] -- C:\Users\KIDS\AppData\Roaming\JAM Software
    [2018/07/18 18:39:36 | 000,000,000 | ---D | M] -- C:\Users\KIDS\AppData\Roaming\Zona

    ========== Purity Check ==========



    < End of report >

  13. #13

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    OTL Extras logfile created on: 26/02/2020 15:00:40 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Downloads
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.19596)
    Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

    1,97 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 76,17% Memory free
    3,93 Gb Paging File | 3,16 Gb Available in Paging File | 80,25% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 297,99 Gb Total Space | 88,01 Gb Free Space | 29,53% Space Free | Partition Type: NTFS

    Computer Name: KIDS-PC | User Name: KIDS | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-541891432-2115559380-3082969310-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML-308046B0AF4A39CB] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Winamp SA)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Winamp SA)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Winamp SA)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
    "{AD78F987-D857-4EB5-93D6-D1CFCF93E8A1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
    "{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
    "{3E04A8FE-AF37-400D-A6DE-B9CB1546DF29}" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
    "{3E94995A-CDD2-4D7D-BEE4-C4F57E50C4FF}" = protocol=6 | dir=in | app=c:\program files\popcorn time\updater.exe |
    "{4F94DD98-0B48-4D4A-BFDE-A3984C4331DC}" = protocol=6 | dir=in | app=d:\fscommand\cksocketserver.exe |
    "{6380092D-801C-49F7-B9FC-F81762D8003F}" = protocol=17 | dir=in | app=c:\windows\system32\dlbkcoms.exe |
    "{6B15B975-263F-427D-B9BA-FD65E0BC9399}" = protocol=6 | dir=in | app=c:\windows\system32\dlbkcoms.exe |
    "{832F2E58-1163-4B46-862D-6343FC7C97A1}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
    "{9A998611-5007-4122-837E-91A4E977A28F}" = protocol=17 | dir=in | app=d:\fscommand\cksocketserver.exe |
    "{B0CA75C4-4A9C-4E3E-AACE-BC9CCAE3DD5F}" = protocol=6 | dir=in | app=c:\program files\popcorn time\popcorntimedesktop.exe |
    "{B5571575-2B1F-43D0-94BD-14988886E766}" = protocol=17 | dir=in | app=c:\program files\popcorn time\chromecast\node.exe |
    "{BB545EDD-D00E-42A0-AC0E-0DD06D379BA5}" = protocol=17 | dir=in | app=c:\program files\popcorn time\updater.exe |
    "{C7FEBCAB-A0D5-4849-A6D0-C5920B4C1435}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
    "{DA549BE8-67AC-459E-9D26-D4661F0BBA3A}" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
    "{E04C5B82-B468-4965-99C3-F445AE315840}" = protocol=6 | dir=in | app=c:\program files\popcorn time\chromecast\node.exe |
    "{E814BA0D-B771-487B-985A-E7EDBAA53688}" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
    "{F121907E-800F-4DD1-BE11-C133E7F0E9B1}" = protocol=17 | dir=in | app=c:\program files\popcorn time\popcorntimedesktop.exe |
    "{FC768DE6-67A0-4503-86F4-FA77FD6C0C14}" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
    "TCP Query User{0833E980-302F-4D19-8819-8F32A1A7AF5B}C:\program files\popcorn time\chromecast\node.exe" = protocol=6 | dir=in | app=c:\program files\popcorn time\chromecast\node.exe |
    "TCP Query User{17D58C11-B4CA-40EB-8D5A-F52410658A1F}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
    "TCP Query User{586BD353-2C5D-4530-B656-1965C504647C}C:\program files\popcorn time\popcorntimedesktop.exe" = protocol=6 | dir=in | app=c:\program files\popcorn time\popcorntimedesktop.exe |
    "TCP Query User{6D5D2BEA-BD90-4CD3-8C47-750A86C64AB0}C:\program files\soulseekqt\soulseekqt.exe" = protocol=6 | dir=in | app=c:\program files\soulseekqt\soulseekqt.exe |
    "TCP Query User{D8748003-DB54-42EE-AAD8-3C41684C2376}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
    "UDP Query User{35CF728C-C3A0-4A65-A891-E96504E4A640}C:\program files\soulseekqt\soulseekqt.exe" = protocol=17 | dir=in | app=c:\program files\soulseekqt\soulseekqt.exe |
    "UDP Query User{66DD4EC7-DCE8-4717-8F27-E5F3B5D779F9}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
    "UDP Query User{6EAF5B35-8EB0-43F8-9376-252B00E352B6}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
    "UDP Query User{BD24CF59-2D80-4EF5-BE5B-1B4472385EEB}C:\program files\popcorn time\popcorntimedesktop.exe" = protocol=17 | dir=in | app=c:\program files\popcorn time\popcorntimedesktop.exe |
    "UDP Query User{C4F8FAEA-26DC-49C3-B572-FE67E933E4B4}C:\program files\popcorn time\chromecast\node.exe" = protocol=17 | dir=in | app=c:\program files\popcorn time\chromecast\node.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    "{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 4.0.4.49
    "{41ad2668-77a4-4eaa-83d0-1bdda9e470d0}" = Web Companion
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer
    "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
    "{6467504D-EF07-4BF2-A42A-96D47C50BAFC}" = Adblock Plus voor IE (32-bit)
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.8
    "{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}" = Google Earth Pro
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
    "{B29F8740-372B-312F-8EEE-18FF857CCBB8}" = Microsoft .NET Framework 4.8
    "{BD46163A-0331-4A61-B65A-7B66D7C93F8E}" = vs2015_redist x86
    "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
    "{c239cea1-d49e-4e16-8e87-8c055765f7ec}" = Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008
    "{C6CDA568-CD91-3CA0-9EDE-DAD98A13D6E1}" = Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25008
    "{E6222D59-608C-3018-B86B-69BD241ACDE5}" = Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25008
    "{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1" = BCUninstaller
    "{FAF5F9DA-73F2-4BF3-8268-E45AAC42B533}" = iCloud
    "7-Zip" = 7-Zip 19.00
    "Adobe Flash Player NPAPI" = Adobe Flash Player 32 NPAPI
    "CCleaner" = CCleaner
    "CDex" = CDex - Digital Audio CD Extractor and Converter
    "Google Chrome" = Google Chrome
    "hp deskjet 5550 series" = hp deskjet 5550 series (Remove only)
    "hp deskjet 5550 series_Driver" = hp deskjet 5550 series
    "hp print screen utility" = hp print screen utility
    "iZotope RX 5_is1" = iZotope RX 5
    "Mozilla Firefox 73.0.1 (x86 en-US)" = Mozilla Firefox 73.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Popcorn Time_is1" = Popcorn Time
    "Soulseek2" = SoulSeek 157 NS 13e
    "Switch" = Switch Sound File Converter
    "VLC media player" = VLC media player
    "Winamp" = Winamp

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-541891432-2115559380-3082969310-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 18/07/2018 13:37:53 | Computer Name = KIDS-PC | Source = MsiInstaller | ID = 11310
    Description =

    Error - 18/07/2018 13:37:54 | Computer Name = KIDS-PC | Source = MsiInstaller | ID = 11310
    Description =

    Error - 18/07/2018 13:37:55 | Computer Name = KIDS-PC | Source = MsiInstaller | ID = 11310
    Description =

    Error - 18/07/2018 13:37:56 | Computer Name = KIDS-PC | Source = MsiInstaller | ID = 11310
    Description =

    Error - 21/07/2018 5:23:29 | Computer Name = KIDS-PC | Source = Application Hang | ID = 1002
    Description = The program firefox.exe version 61.0.1.6759 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: ba0 Start
    Time: 01d42061beff3a4c Termination Time: 2400 Application Path: C:\Program Files\Mozilla
    Firefox\firefox.exe Report Id: 8dc70ed9-8cc7-11e8-9ce3-7071bc1d425d

    Error - 21/07/2018 16:20:39 | Computer Name = KIDS-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: vlc.exe, version: 2.2.4.0, time stamp:
    0x00000004 Faulting module name: ntdll.dll, version: 6.1.7601.24168, time stamp:
    0x5b1aa758 Exception code: 0xc0000374 Fault offset: 0x000c3b93 Faulting process id:
    0x760 Faulting application start time: 0x01d4212f68be9c86 Faulting application path:
    C:\Program Files\VideoLAN\VLC\vlc.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
    Report
    Id: 882dfacc-8d23-11e8-882e-7071bc1d425d

    Error - 26/07/2018 11:04:18 | Computer Name = KIDS-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "E:\Windows\avastSS.scr".
    Dependent
    Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version=" 14.0.23918.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/09/2018 14:38:49 | Computer Name = KIDS-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: PopcornTimeDesktop.exe, version: 5.6.1.0,
    time stamp: 0x5878b83a Faulting module name: ntdll.dll, version: 6.1.7601.24214,
    time stamp: 0x5b626fd1 Exception code: 0xc0000374 Fault offset: 0x000c3b93 Faulting
    process id: 0x714 Faulting application start time: 0x01d446d9fbc8be53 Faulting application
    path: C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe Faulting module path:
    C:\Windows\SYSTEM32\ntdll.dll Report Id: 425cf2d9-b2cd-11e8-bf71-7071bc1d425d

    Error - 14/09/2018 10:26:04 | Computer Name = KIDS-PC | Source = Application Hang | ID = 1002
    Description = The program firefox.exe version 62.0.0.6816 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: fc4 Start
    Time: 01d44c30ce43c1a3 Termination Time: 1580 Application Path: C:\Program Files\Mozilla
    Firefox\firefox.exe Report Id:

    Error - 17/09/2018 10:44:23 | Computer Name = KIDS-PC | Source = Application Hang | ID = 1002
    Description = The program winamp.exe version 5.6.6.3512 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: fb4 Start
    Time: 01d44e762d675c34 Termination Time: 15 Application Path: C:\Program Files\Winamp\winamp.exe

    Report
    Id: 21fd334d-ba88-11e8-bf7b-7071bc1d425d

    [ Media Center Events ]
    Error - 24/02/2020 7:42:21 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 12:42:21 - Failed to retrieve MCEClientUX (Error: The underlying connection
    was closed: An unexpected error occurred on a send.)

    Error - 24/02/2020 7:42:28 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 12:42:22 - Failed to retrieve Broadband (Error: The underlying connection
    was closed: An unexpected error occurred on a send.)

    Error - 25/02/2020 15:32:40 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 20:32:40 - Failed to retrieve Directory (Error: The underlying connection
    was closed: An unexpected error occurred on a send.)

    Error - 25/02/2020 15:32:43 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 20:32:43 - Failed to retrieve MCESpotlight (Error: The underlying
    connection was closed: An unexpected error occurred on a send.)

    Error - 25/02/2020 15:32:45 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 20:32:44 - Failed to retrieve MCEClientUX (Error: The underlying connection
    was closed: An unexpected error occurred on a send.)

    Error - 25/02/2020 15:33:02 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 20:32:45 - Failed to retrieve Broadband (Error: The underlying connection
    was closed: An unexpected error occurred on a send.)

    Error - 26/02/2020 8:00:11 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 13:00:11 - Failed to retrieve Directory (Error: The underlying connection
    was closed: An unexpected error occurred on a send.)

    Error - 26/02/2020 8:00:14 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 13:00:13 - Failed to retrieve MCESpotlight (Error: The underlying
    connection was closed: An unexpected error occurred on a send.)

    Error - 26/02/2020 8:00:16 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 13:00:15 - Failed to retrieve MCEClientUX (Error: The underlying connection
    was closed: An unexpected error occurred on a send.)

    Error - 26/02/2020 8:00:16 | Computer Name = KIDS-PC | Source = MCUpdate | ID = 0
    Description = 13:00:16 - Failed to retrieve Broadband (Error: The underlying connection
    was closed: An unexpected error occurred on a send.)

    [ System Events ]
    Error - 15/02/2020 10:45:40 | Computer Name = KIDS-PC | Source = Service Control Manager | ID = 7043
    Description = The Malwarebytes Service service did not shut down properly after
    receiving a preshutdown control.

    Error - 18/02/2020 6:05:44 | Computer Name = KIDS-PC | Source = WMPNetworkSvc | ID = 866300
    Description = Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder)
    encountered error '0x80004005'. Verify that the UPnPHost service is running and
    that the UPnPHost component of Windows is installed properly.

    Error - 18/02/2020 7:26:05 | Computer Name = KIDS-PC | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Provider
    Host service which failed to start because of the following error: %%1068

    Error - 18/02/2020 7:26:07 | Computer Name = KIDS-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    discache spldr Wanarpv6

    Error - 18/02/2020 7:26:26 | Computer Name = KIDS-PC | Source = DCOM | ID = 10005
    Description =

    Error - 18/02/2020 7:26:48 | Computer Name = KIDS-PC | Source = DCOM | ID = 10005
    Description =

    Error - 18/02/2020 7:26:48 | Computer Name = KIDS-PC | Source = DCOM | ID = 10005
    Description =

    Error - 18/02/2020 7:26:51 | Computer Name = KIDS-PC | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Provider
    Host service which failed to start because of the following error: %%1068

    Error - 18/02/2020 13:37:44 | Computer Name = KIDS-PC | Source = volsnap | ID = 393252
    Description = The shadow copies of volume C: were aborted because the shadow copy
    storage could not grow due to a user imposed limit.

    Error - 18/02/2020 15:52:56 | Computer Name = KIDS-PC | Source = Service Control Manager | ID = 7043
    Description = The Malwarebytes Service service did not shut down properly after
    receiving a preshutdown control.


    < End of report >

  14. #14

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389

  15. #15
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 10 Home 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.806
    Blog Berichten
    10
    Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden.
    (hier en hier) kan je lezen hoe je dat doet.

    Download Zoek.exe naar het bureaublad.
    klik hier voor meer informatie over hoe zoek.exe te gebruiken)

    • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.

    • Klik met je rechtermuisknop op Zoek.exe en kies voor de optie Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
      Code:
      emptyfolderscheck;delete
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      iedefaults;
    • Klik nu op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht bijlage.

  16. #16

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    Bedankt voor de instructies. Vooraleer verder te gaan, krijg ik geen antwoord op mijn vraag
    "Zijn hier sporen of bewijzen van spyware in te vinden? (BELANGRIJK!)"
    Of misschien geen antwoord omdat topic niet in de juiste categorie staat?

    -> nog es opnieuw geplaatst hier
    http://www.nucia.eu/forum/threads/75...nline-stalking

    Of zou ik bellen voor een afspraak met iemand van de computer crime unit?
    Laatst gewijzigd door f.r.a.n.k; 28-02-20 om 13:41.

  17. #17
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 10 Home 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.806
    Blog Berichten
    10
    Voor dat dit uit de hand loopt, ik weet niet wat je met de buren voor ruzie hebt maar ik zie GEEN sporen vooralsnog van spyware / virus / malware / trojans oid.
    Vandaar dat ik Zoek.exe wil laten gebruiken want die zoekt op een andere manier naar dingen.
    Je staat in je recht om dit probleem op elk forum te zetten die je kan vinden maar die zien dezelfde dingen als ik.
    Als ik ook maar IETS gezien had wat niet door de beugel kan had ik dat aangepakt. ( zoals die torent de je gebruikt )

    Voer zoek.exe uit aub.

  18. #18

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    Vooralsnog geen sporen, dat is duidelijk.

    Hoe ik mijn antivirus tijdelijk kan uitzetten , is me niet helemaal duidelijk. Ik gebruik Malwarebytes nieuwste versie 4.0.4
    De instructies in de link komen niet overeen met wat ik zie op mn scherm.

  19. #19

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows 7 Professional 32
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    389
    Ah, ik denk dat ik het weet hoe Malwarebytes uit te zetten.

    Instellingen -> Beveiliging
    - opstarten in windows uitvinken
    - detecteer ongewenste programmas : Negeren/Waarschuwen/Altijd aan
    detecteer ongewenste aanpassingen: Negeren/Waarschuwen/Altijd aan
    2x Negeren juist?

    Beschrijving in Hijackthis link heeft update nodig denk ik

  20. #20
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 10 Home 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.806
    Blog Berichten
    10
    Dat zou kunnen, kan je zoek.exe uitvoeren ?

Pagina 1 van de 2 12 LaatsteLaatste

Forum Rechten

  • Je mag geen nieuwe onderwerpen plaatsen
  • Je mag geen reacties plaatsen
  • Je mag geen bijlagen toevoegen
  • Je mag jouw berichten niet wijzigen
  •