Constant pop-ups about virus worthyrid.com

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by Jinthe (06-01-2023 22:58:08)
Running from C:UsersJintheDownloads
Microsoft Windows 10 Pro Version 22H2 19045.2364 (X64) (2021-02-05 17:41:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1734413744-1808926874-3554828221-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-1734413744-1808926874-3554828221-503 – Limited – Disabled)
Guest (S-1-5-21-1734413744-1808926874-3554828221-501 – Limited – Disabled)
Jinthe (S-1-5-21-1734413744-1808926874-3554828221-1002 – Administrator – Enabled) => C:UsersJinthe
WDAGUtilityAccount (S-1-5-21-1734413744-1808926874-3554828221-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled – Up to date) 0D452135-A081-B000-D6B6-132E52638543
AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM…AC76BA86-1043-1033-7760-BC15014EA700) (Version: 22.003.20282 – Adobe)
Adobe Creative Cloud (HKLM-x32…Adobe Creative Cloud) (Version: 5.9.0.372 – Adobe Inc.)
Adobe Genuine Service (HKLM-x32…AdobeGenuineService) (Version: 8.1.0.3 – Adobe Inc.)
Adobe Lightroom (HKLM-x32…LRCC_6_0) (Version: 6.0 – Adobe Inc.)
Adobe Refresh Manager (HKLM-x32…AC76BA86-0804-1033-1959-018244601032) (Version: 1.8.0 – Adobe Systems Incorporated) Hidden
Belgium e-ID middleware 4.4.27 (build 4277) (HKLM…DB942AEA-93D6-4FE4-8862-180D35A74277) (Version: 4.4.4277 – Belgian Government)
Citrix Authentication Manager (HKLM-x32…DD0C05ED-F190-4728-9703-A05A2FE98C1F) (Version: 11.0.4000.12761 – Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (HKLM-x32…B1BF5326-D7B4-40B2-8E2B-182AD9D42E27) (Version: 14.9.4000.9 – Citrix Systems, Inc.) Hidden
Citrix Receiver 4.9 LTSR (HKLM-x32…CitrixOnlinePluginPackWeb) (Version: 14.9.4000.9 – Citrix Systems, Inc.)
Citrix Receiver Inside (HKLM-x32…5129AD29-6274-4F86-9033-8569DEAE7F07) (Version: 4.9.4000.9 – Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (HKLM-x32…2F91033B-AC2A-4E38-86CE-75CD11049428) (Version: 14.9.4000.9 – Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (HKLM-x32…DC4658CE-2F02-47A9-8E2E-2F90634EFAC5) (Version: 14.9.4000.9 – Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (HKLM-x32…42FAA0DD-1DBF-4917-91BD-6486D28770F0) (Version: 14.9.4000.9 – Citrix Systems, Inc.) Hidden
Citrix Web Helper (HKLM-x32…7AF1854C-9606-4D30-8D3C-2BA0CA33D353) (Version: 4.9.4000.9 – Citrix Systems, Inc.) Hidden
Google Earth Pro (HKLM…B89AEE5B-AA5E-45B1-BF72-2BBD859775CC) (Version: 7.3.6.9326 – Google)
HP Hotkey Support (HKLM-x32…5CA104DB-9884-4CDB-B31B-B977EACC7B3D) (Version: 6.2.50.1 – HP Inc.)
Intel(R) Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 20.19.15.5126 – Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32…0000060-0200-1043-84C8-B8D95FA3C8C3) (Version: 20.60.0 – Intel Corporation)
Krita (x64) 5.1.0 (HKLM…Krita_x64) (Version: 5.1.0.53 – Krita Foundation)
Malwarebytes version 4.5.19.229 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.5.19.229 – Malwarebytes)
Microsoft 365-apps voor ondernemingen – nl-nl (HKLM…O365ProPlusRetail – nl-nl) (Version: 16.0.15831.20208 – Microsoft Corporation)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 108.0.1462.54 – Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 108.0.1462.54 – Microsoft Corporation)
Microsoft Intune Management Extension (HKLM-x32…C40C21EC-255C-4E1C-8A2C-DA87718FE374) (Version: 1.61.156.0 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-1734413744-1808926874-3554828221-1002…OneDriveSetup.exe) (Version: 22.238.1114.0002 – Microsoft Corporation)
Microsoft Teams (HKUS-1-5-21-1734413744-1808926874-3554828221-1002…Teams) (Version: 1.5.00.33362 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…80F1AF52-7AC0-42A3-9AF0-689BFB271D1D) (Version: 3.68.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime – 11.0.61030 (HKLM…37B8F9C7-03FB-3253-8781-2517C99D7C00) (Version: 11.0.61030 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime – 11.0.61030 (HKLM…CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97) (Version: 11.0.61030 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime – 11.0.61030 (HKLM-x32…B175520C-86A2-35A7-8619-86DC379688B9) (Version: 11.0.61030 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime – 11.0.61030 (HKLM-x32…BD95A8CD-1D9F-35AD-981A-3E7925026EBB) (Version: 11.0.61030 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…42d26ef-3dbe-4c25-95d3-4c1b11b235a7) (Version: 12.0.40664.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40664 (HKLM-x32…9dff3540-fc85-4ed5-ac84-9e3c7fd8bece) (Version: 12.0.40664.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime – 12.0.40664 (HKLM…10792BA-551A-3AC0-A7EF-0FAB4156C382) (Version: 12.0.40664 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime – 12.0.40664 (HKLM…53CF6934-A98D-3D84-9146-FC4EDF3D5641) (Version: 12.0.40664 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime – 12.0.40664 (HKLM-x32…D401961D-3A20-3AC7-943B-6139D5BD490A) (Version: 12.0.40664 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime – 12.0.40664 (HKLM-x32…8122DAB1-ED4D-3676-BB0A-CA368196543E) (Version: 12.0.40664 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) – 14.32.31326 (HKLM-x32…2d507699-404c-4c8b-a54a-38e352f32cdd) (Version: 14.32.31326.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) – 14.32.31326 (HKLM-x32…817e21c1-6b3a-4bc1-8c49-67e4e1887b3a) (Version: 14.32.31326.0 – Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime – 14.32.31326 (HKLM…38624EB5-356D-4B08-8357-C33D89A5C0C5) (Version: 14.32.31326 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime – 14.32.31326 (HKLM…C96241EA-9900-4FE8-85B3-1E238D509DF6) (Version: 14.32.31326 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime – 14.32.31326 (HKLM-x32…A250E750-DB3F-40C1-8460-8EF77C7582DA) (Version: 14.32.31326 – Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime – 14.32.31326 (HKLM-x32…46E11E7F-01E1-44D0-BB86-C67342D253DD) (Version: 14.32.31326 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM…90160000-008C-0000-1000-0000000FF1CE) (Version: 16.0.15726.20202 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…90160000-007E-0000-1000-0000000FF1CE) (Version: 16.0.15831.20184 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM…90160000-008C-0413-1000-0000000FF1CE) (Version: 16.0.15726.20202 – Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32…CC7B306B-BCB3-4E05-8D6E-40E6CDBD8FDB) (Version: 14.9.4000.9 – Citrix Systems, Inc.) Hidden
Pentablet version 3.2.4.211204 (HKLM…5DAB8C1A-6D8E-467D-BE62-AC13087AA950_is1) (Version: 3.2.4.211204 – UGEE Technology)
Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.8287 – Realtek Semiconductor Corp.)
Self-service Plug-in (HKLM-x32…63680662-0CFF-4C2B-A269-1CD4DD145430) (Version: 4.9.4000.9 – Citrix Systems, Inc.) Hidden
SMART Education Software (HKLM-x32…C3CA503-F768-44A9-B17D-E7CB42CA43F7) (Version: 21.0.358.0 – SMART Technologies ULC)
SMART English (United Kingdom) Handwriting Resources (HKLM-x32…B5D5D9DC-3361-43D7-ADED-916CC6E90A03) (Version: 15.1.10.0 – SMART Technologies ULC)
SMART Gallery Essentials (HKLM-x32…13777035-D240-4AB9-9E9E-AA6855550E26) (Version: 2.0.4.0 – SMART Technologies ULC)
SMART Ink (HKLM-x32…50AAB2E-3E99-4238-BAA6-11FF9FD61C06) (Version: 5.10.266.0 – SMART Technologies ULC)
SMART Lesson Activity Toolkit (HKLM-x32…8AD57A09-153E-4F6D-A269-0AD8AC54B82A) (Version: 2.0.7.0 – SMART Technologies ULC)
SMART Notebook (HKLM-x32…D9469AC3-2946-42CA-B42B-74A226CB7557) (Version: 21.0.2987.0 – SMART Technologies ULC)
SMART Product Drivers (HKLM-x32…F192AB2E-8BFE-4BB4-90FD-FB22FB0E4E84) (Version: 12.17.253.2 – SMART Technologies ULC)
Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)
Synaptics Pointing Device Driver (HKLM…SynTPDeinstKey) (Version: 19.0.19.68 – Synaptics Incorporated)
Teams Machine-Wide Installer (HKLM-x32…731F6BAA-A986-45A4-8936-7C3AAAAA760B) (Version: 1.3.0.28779 – Microsoft Corporation)
TechSmith Screen Capture Codec (HKLM-x32…84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD) (Version: 4.1.1.0 – TechSmith Corporation) Hidden
Universal Print Printer Provisioning (HKLM-x32…D9B9A429-1063-4F77-A86D-2410EF6763E9) (Version: 0.1.0.0 – Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM…C22F49B1-0F67-47DC-A490-E8B4B6558EA9) (Version: 8.91.0.0 – Microsoft Corporation)
Windows PC Health Check (HKLM…6798C408-2636-448C-8AC6-F4E341102D27) (Version: 3.6.2204.08001 – Microsoft Corporation)
Zoom (HKUS-1-5-21-1734413744-1808926874-3554828221-1002…ZoomUMX) (Version: 5.4.3 (58891.1115) – Zoom Video Communications, Inc.)
Packages:
=========
Adobe Notification Client -> C:Program FilesWindowsAppsAdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-21] (Adobe Systems Incorporated)
AV1 Video Extension -> C:Program FilesWindowsAppsMicrosoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Corporation)
HP Smart -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-05] (HP Inc.)
HP System Information -> C:Program FilesWindowsAppsAD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2022-03-25] (HP Inc.)
Media-engine-invoegtoepassing voor Foto’s -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-05] (Microsoft Corporation) [MS Ad]
Movie Maker – Video Editor -> C:Program FilesWindowsApps21336V3TApps.MovieMaker-FREE_3.6.10.0_x64__bzg06mxvgh4fa [2023-01-04] (V3TApps)
Reader Notification Client -> C:Program FilesWindowsAppsReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-03-03] (Adobe Systems Incorporated)
Solitaire & Casual Games -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-10] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKUS-1-5-21-1734413744-1808926874-3554828221-1002_ClassesCLSID4271989-C4D2-C580-8505-8DEB8D079142 -> [OneDrive – Hogeschool VIVES] => C:UsersJintheOneDrive – Hogeschool VIVES [2021-10-03 15:45]
CustomCLSID: HKUS-1-5-21-1734413744-1808926874-3554828221-1002_ClassesCLSIDE270DAA-1BE6-48F2-AC49-386C93854D0A -> [Creative Cloud Files] => C:UsersJintheCreative Cloud Files [2021-02-12 23:45]
CustomCLSID: HKUS-1-5-21-1734413744-1808926874-3554828221-1002_ClassesCLSID19A6E644-14E6-4A60-B8D7-DD20610A871DInprocServer32 -> C:UsersJintheAppDataLocalMicrosoftTeamsMeetingAddin1.0.22304.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-1734413744-1808926874-3554828221-1002_ClassesCLSID2F81B25E-7507-4844-BFF2-77D2CC24CED4localserver32 -> C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKUS-1-5-21-1734413744-1808926874-3554828221-1002_ClassesCLSIDe8c77137-e224-5791-b6e9-ff0305797a13InprocServer32 -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> 853B7E05-C47D-4985-909A-D0DC5C6D7303 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> 42D38F2E-98E9-4382-B546-E24E4D6D04BB => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> 2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2023-01-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> 3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4 => -> No File
ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => C:WINDOWSsystem32igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> 2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2023-01-06] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-11-08 12:52 – 2019-11-08 12:52 – 000015872 _____ () [File not signed] C:Program Files (x86)SMART TechnologiesSMART Product Driverssbsdk-servernode_modulesSessionNotification.node
2018-03-16 14:48 – 2018-03-16 14:48 – 000907776 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)SMART TechnologiesSMART Product DriversQtPlugins5.4.1platformsqwindows.dll
2021-02-04 10:18 – 2021-02-04 10:18 – 000000000 ____L (Microsoft Corporation) [simlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunAppvIsvSubsystems64.dll] C:Program FilesMicrosoft OfficerootClientAppVIsvSubsystems64.dll
2021-02-04 10:18 – 2021-02-04 10:18 – 000000000 ____L (Microsoft Corporation) [simlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunAppvIsvSubsystems64.dll] C:Program FilesMicrosoft OfficerootOffice16AppVIsvSubsystems64.dll
2021-02-04 10:18 – 2021-02-04 10:18 – 000000000 ____L (Microsoft Corporation) [simlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunC2R64.dll] C:Program FilesMicrosoft OfficerootOffice16c2r64.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 004370576 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.angle.vc141.1.0_e7e76aadd9f46776_1.0.18.0_none_4a00a6445b7efc21libGLESv2.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000030872 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc120.1.56_e7e76aadd9f46776_1.0.1.0_none_cacd116f976dee85boost_chrono-vc120-mt-1_56.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000045720 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc120.1.56_e7e76aadd9f46776_1.0.1.0_none_cacd116f976dee85boost_date_time-vc120-mt-1_56.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000106136 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc120.1.56_e7e76aadd9f46776_1.0.1.0_none_cacd116f976dee85boost_filesystem-vc120-mt-1_56.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000633496 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc120.1.56_e7e76aadd9f46776_1.0.1.0_none_cacd116f976dee85boost_regex-vc120-mt-1_56.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000022168 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc120.1.56_e7e76aadd9f46776_1.0.1.0_none_cacd116f976dee85boost_system-vc120-mt-1_56.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000087704 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc120.1.56_e7e76aadd9f46776_1.0.1.0_none_cacd116f976dee85boost_thread-vc120-mt-1_56.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000047256 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc141.1.67_e7e76aadd9f46776_1.0.30.0_none_3a3f0db2cb9ccaaaboost_date_time-vc141-mt-x32-1_67.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000114328 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc141.1.67_e7e76aadd9f46776_1.0.30.0_none_3a3f0db2cb9ccaaaboost_filesystem-vc141-mt-x32-1_67.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000723096 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc141.1.67_e7e76aadd9f46776_1.0.30.0_none_3a3f0db2cb9ccaaaboost_regex-vc141-mt-x32-1_67.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000024216 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc141.1.67_e7e76aadd9f46776_1.0.30.0_none_3a3f0db2cb9ccaaaboost_system-vc141-mt-x32-1_67.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000084120 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.boost.vc141.1.67_e7e76aadd9f46776_1.0.30.0_none_3a3f0db2cb9ccaaaboost_thread-vc141-mt-x32-1_67.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001460880 _____ (SMART Technologies ULC -> ) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc120.5.4_e7e76aadd9f46776_5.4.31.2_none_7def3e6efb0eb133libGLESv2.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001648280 _____ (SMART Technologies ULC -> Apache Software Foundation) [File not signed] C:WINDOWSWinSxSx86_smarttech.log4cxx.vc120.0.10.1_e7e76aadd9f46776_1.0.65.1_none_79eb498bf0428b80log4cxx-vc120-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001705624 _____ (SMART Technologies ULC -> Apache Software Foundation) [File not signed] C:WINDOWSWinSxSx86_smarttech.log4cxx.vc141.0.10.1_e7e76aadd9f46776_1.0.53.1_none_7ee05d2b860fe232log4cxx-vc141-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 004057232 _____ (SMART Technologies ULC -> Digia Plc and/or its subsidiary(-ies)) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc120.5.4_e7e76aadd9f46776_5.4.31.2_none_7def3e6efb0eb133Qt5Core.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 003452048 _____ (SMART Technologies ULC -> Digia Plc and/or its subsidiary(-ies)) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc120.5.4_e7e76aadd9f46776_5.4.31.2_none_7def3e6efb0eb133Qt5Gui.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000803472 _____ (SMART Technologies ULC -> Digia Plc and/or its subsidiary(-ies)) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc120.5.4_e7e76aadd9f46776_5.4.31.2_none_7def3e6efb0eb133Qt5Network.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 004404368 _____ (SMART Technologies ULC -> Digia Plc and/or its subsidiary(-ies)) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc120.5.4_e7e76aadd9f46776_5.4.31.2_none_7def3e6efb0eb133Qt5Widgets.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000649360 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:WINDOWSWinSxSamd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_1.0.19.0_none_affc467131f8f86aMSVCP120.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000952464 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:WINDOWSWinSxSamd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_1.0.19.0_none_affc467131f8f86aMSVCR120.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000444560 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:WINDOWSWinSxSx86_smarttech.ms.vc120.crt_e7e76aadd9f46776_1.0.19.0_none_f7a97d4846752170MSVCP120.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000960144 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:WINDOWSWinSxSx86_smarttech.ms.vc120.crt_e7e76aadd9f46776_1.0.19.0_none_f7a97d4846752170MSVCR120.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000451216 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:WINDOWSWinSxSx86_smarttech.ms.vc141.crt_e7e76aadd9f46776_1.0.19.0_none_6b50da4e49873c31MSVCP140.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000075920 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:WINDOWSWinSxSx86_smarttech.ms.vc141.crt_e7e76aadd9f46776_1.0.19.0_none_6b50da4e49873c31VCRUNTIME140.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 005165200 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:WINDOWSWinSxSx86_smarttech.ms.vc141.mfc_e7e76aadd9f46776_1.0.19.0_none_66b56f024c6a2b26mfc140u.dll
2022-06-16 15:37 – 2022-06-16 15:37 – 000219808 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.crashreporterclient.vc120.1.0_e7e76aadd9f46776_1.0.270.0_none_f47a802f410fb58acrashreporterclient-vc120-mt-x86.dll
2022-06-16 15:37 – 2022-06-16 15:37 – 000175424 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.crashreporterclient.vc141.1.0_e7e76aadd9f46776_1.0.132.0_none_4f5089037cef09f2crashreporterclient-vc141-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000235664 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.hwr.vc120.2.3_e7e76aadd9f46776_2.3.216.1_none_bccbf5e0646e9e77hwr-vc120-mt-x86.dll
2022-06-16 15:37 – 2022-06-16 15:37 – 000234128 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.hwr.vc141.2.3_e7e76aadd9f46776_2.3.27.1_none_f3011bb6dadf1258hwr-vc141-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000148120 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.localization.vc120.2.0_e7e76aadd9f46776_2.0.238.0_none_5769b4cee387d544localization-vc120-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000148120 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.localization.vc120.2.0_e7e76aadd9f46776_2.0.242.0_none_576992a2e387fffblocalization-vc120-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000145560 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.localization.vc141.2.0_e7e76aadd9f46776_2.0.20.0_none_1c86716450dc4b9elocalization-vc141-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000092824 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.preference.vc120.1.0_e7e76aadd9f46776_1.0.101.0_none_a2784f94627c5a19preference-vc120-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000093336 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.preference.vc120.1.0_e7e76aadd9f46776_1.0.83.0_none_b1478425eec204bapreference-vc120-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000091800 _____ (SMART Technologies ULC -> SMART Technologies) [File not signed] C:WINDOWSWinSxSx86_smarttech.preference.vc141.1.0_e7e76aadd9f46776_1.0.23.0_none_24e8df6ff1d98771preference-vc141-mt-x86.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 021533872 _____ (SMART Technologies ULC -> The ICU Project) [File not signed] C:WINDOWSWinSxSx86_smarttech.icu.vc120.53_e7e76aadd9f46776_1.0.25.0_none_49a9c4e0c2af1e3bicudt53.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001631408 _____ (SMART Technologies ULC -> The ICU Project) [File not signed] C:WINDOWSWinSxSx86_smarttech.icu.vc120.53_e7e76aadd9f46776_1.0.25.0_none_49a9c4e0c2af1e3bicuin53.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001118896 _____ (SMART Technologies ULC -> The ICU Project) [File not signed] C:WINDOWSWinSxSx86_smarttech.icu.vc120.53_e7e76aadd9f46776_1.0.25.0_none_49a9c4e0c2af1e3bicuuc53.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 025676432 _____ (SMART Technologies ULC -> The ICU Project) [File not signed] C:WINDOWSWinSxSx86_smarttech.icu.vc141.57_e7e76aadd9f46776_1.0.41.0_none_a4578b16feac341eicudt57.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001861776 _____ (SMART Technologies ULC -> The ICU Project) [File not signed] C:WINDOWSWinSxSx86_smarttech.icu.vc141.57_e7e76aadd9f46776_1.0.41.0_none_a4578b16feac341eicuin57.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001265296 _____ (SMART Technologies ULC -> The ICU Project) [File not signed] C:WINDOWSWinSxSx86_smarttech.icu.vc141.57_e7e76aadd9f46776_1.0.41.0_none_a4578b16feac341eicuuc57.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001341592 _____ (SMART Technologies ULC -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:WINDOWSWinSxSx86_smarttech.openssl.vc120.1.0.1_e7e76aadd9f46776_1.0.201.0_none_64e9176b7193c898LIBEAY32.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000280728 _____ (SMART Technologies ULC -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:WINDOWSWinSxSx86_smarttech.openssl.vc120.1.0.1_e7e76aadd9f46776_1.0.201.0_none_64e9176b7193c898SSLEAY32.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 001364120 _____ (SMART Technologies ULC -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:WINDOWSWinSxSx86_smarttech.openssl.vc141.1.0.2_e7e76aadd9f46776_1.0.29.0_none_cef8f2a739763a1aLIBEAY32.dll
2022-06-16 15:36 – 2022-06-16 15:36 – 000286360 _____ (SMART Technologies ULC -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:WINDOWSWinSxSx86_smarttech.openssl.vc141.1.0.2_e7e76aadd9f46776_1.0.29.0_none_cef8f2a739763a1aSSLEAY32.dll
2022-06-16 15:37 – 2022-06-16 15:37 – 004096816 _____ (SMART Technologies ULC -> The Qt Company Ltd) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc141.5.5_e7e76aadd9f46776_5.5.96.1_none_f377d31afb4a4c5cQt5Core.dll
2022-06-16 15:37 – 2022-06-16 15:37 – 003509552 _____ (SMART Technologies ULC -> The Qt Company Ltd) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc141.5.5_e7e76aadd9f46776_5.5.96.1_none_f377d31afb4a4c5cQt5Gui.dll
2022-06-16 15:37 – 2022-06-16 15:37 – 000820016 _____ (SMART Technologies ULC -> The Qt Company Ltd) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc141.5.5_e7e76aadd9f46776_5.5.96.1_none_f377d31afb4a4c5cQt5Network.dll
2022-06-16 15:37 – 2022-06-16 15:37 – 004434224 _____ (SMART Technologies ULC -> The Qt Company Ltd) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc141.5.5_e7e76aadd9f46776_5.5.96.1_none_f377d31afb4a4c5cQt5Widgets.dll
2022-06-16 15:37 – 2022-06-16 15:37 – 000152880 _____ (SMART Technologies ULC -> The Qt Company Ltd) [File not signed] C:WINDOWSWinSxSx86_smarttech.qt.vc141.5.5_e7e76aadd9f46776_5.5.96.1_none_f377d31afb4a4c5cQt5Xml.dll
2018-11-26 15:39 – 2018-11-26 15:39 – 000978944 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)Common FilesSMART TechnologiesSystemMenuQtPlugins5.5.1platformsqwindows.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000036352 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqdds.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000022016 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqgif.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000029184 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqicns.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000022528 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqico.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000206848 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqjpeg.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000016896 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqsvg.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000016384 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqtga.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000310272 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqtiff.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000015360 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqwbmp.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000287232 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletimageformatsqwebp.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000966144 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletplatformsqwindows.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 004686848 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletQt5Core.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 005035008 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletQt5Gui.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000674816 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletQt5Network.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000251392 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletQt5Svg.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 004518912 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletQt5Widgets.dll
2022-08-30 19:50 – 2020-03-12 10:31 – 000151040 _____ (The Qt Company Ltd) [File not signed] C:Program FilesPentabletQt5Xml.dll
2022-08-30 19:50 – 2021-07-13 16:39 – 000146944 _____ (TODO: <公司名>) [File not signed] C:WINDOWSsystem32wintab32.dll
2019-11-08 12:43 – 2019-11-08 12:43 – 000597504 _____ (Vision Objects) [File not signed] C:Program Files (x86)SMART TechnologiesSMART Product Driverssbsdk-serverMyScriptenginebinwin-x86MyScriptEngine.dll
2019-11-08 12:43 – 2019-11-08 12:43 – 000326656 _____ (Vision Objects) [File not signed] C:Program Files (x86)SMART TechnologiesSMART Product Driverssbsdk-serverMyScriptenginebinwin-x86MyScriptShape.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
HKLMSYSTEMCurrentControlSetControlSafeBootMinimal32c08c94.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetwork32c08c94.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKUS-1-5-21-1734413744-1808926874-3554828221-1002…sharepoint.com -> hxxps://spes-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 – 2019-03-19 05:49 – 000000824 _____ C:WINDOWSsystem32driversetchosts
2022-04-28 12:22 – 2022-05-21 20:22 – 000000445 _____ C:WINDOWSsystem32driversetchosts.ics
92.168.137.1 DESKTOP-0B0AO5P.mshome.net # 2027 4 2 27 11 22 16 507
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKUS-1-5-21-1734413744-1808926874-3554828221-1002Control PanelDesktop\Wallpaper -> C:UsersJintheDocumentsJinthe125881178_206086724367597_2891464250583450304_n.jpg
DNS Servers: 192.168.0.1
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User73C280F8-3971-42DD-80D0-918E1348359DC:usersjintheappdataroamingzoombinzoom.exe] => (Block) C:usersjintheappdataroamingzoombinzoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query UserA4FBAB4D-BD36-44B8-94EE-1431AAB897EFC:usersjintheappdataroamingzoombinzoom.exe] => (Block) C:usersjintheappdataroamingzoombinzoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query UserD4059357-28E7-4CB3-84AA-CF315F703E29C:usersjintheappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersjintheappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User818ECF91-403E-48C4-B535-BB3239D19683C:usersjintheappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersjintheappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User6D9700E0-E907-4606-A988-2CA98E6D46C8D:snappy driversdi_x64_r1904.exe] => (Block) D:snappy driversdi_x64_r1904.exe => No File
FirewallRules: [TCP Query User93818395-8150-4CA9-A16F-1F8B419C2B22D:snappy driversdi_x64_r1904.exe] => (Block) D:snappy driversdi_x64_r1904.exe => No File
FirewallRules: [TCP Query UserA063B484-B364-4F85-A378-7367F57A95E0C:usersjintheappdataroamingzoombinzoom.exe] => (Block) C:usersjintheappdataroamingzoombinzoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User9F96342D-541C-4F59-A8D1-05A77C3A54CEC:usersjintheappdataroamingzoombinzoom.exe] => (Block) C:usersjintheappdataroamingzoombinzoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [7B6CE35F-B3F5-4399-8311-9C01B089B07A] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [F5C5135B-5932-4280-AB6B-CFD1F669F391] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [5F9949DD-26EC-4B28-8D9C-1392546798EF] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [68E34458-CA08-4795-BE02-92543508AE6B] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [B215AE7B-424F-450A-B2D8-116C133F2C66] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [454488BC-B570-49F7-BF34-E4DF4EF02CD0] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0Spotify.exe => No File
FirewallRules: [E34DABFA-3058-4DB8-8B16-ACFF82DACAEA] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0Spotify.exe => No File
FirewallRules: [34E58AAC-209D-4058-A0FC-88355DB13829] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0Spotify.exe => No File
FirewallRules: [D55C9C34-C2E9-467D-930F-DBF6CC6BD713] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0Spotify.exe => No File
FirewallRules: [96765144-BB16-4742-8DC1-836F299CD7BF] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0Spotify.exe => No File
FirewallRules: [8B7DA7D4-1993-4005-8EB8-5D23AF2FA4CF] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0Spotify.exe => No File
FirewallRules: [794B59A7-FFCC-4267-AA36-04D59365E384] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0Spotify.exe => No File
FirewallRules: [F85DF6EC-FCAB-4256-8705-0184A3908856] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0Spotify.exe => No File
FirewallRules: [BEE2518D-F5CB-454C-B23D-EF02489B0B35] => (Allow) C:Program Files (x86)SMART TechnologiesSMART Product DriversUCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [701232D4-F669-4F87-B128-A3AFA273A9B9] => (Allow) C:Program Files (x86)SMART TechnologiesSMART Product DriversUCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [1A92CAEB-A1E7-46BC-BAF4-698DBF7AF5CE] => (Allow) C:Program Files (x86)SMART TechnologiesSMART Product DriversUCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [9B952E8F-79D1-475A-BA32-3D5E7BADD1F1] => (Allow) C:Program Files (x86)SMART TechnologiesSMART Product DriversUCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [48BF29DD-826C-4E22-B8F5-08461CB6C1CE] => (Allow) C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [F98DBF5C-8985-46E5-999C-B061DB1F1E8E] => (Allow) C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [6280CDE4-755C-4337-AD31-FEFB122703D2] => (Allow) C:Program Files (x86)SMART TechnologiesEducation SoftwareNotebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [3170C190-6377-4D3C-B41A-2EB19181DB21] => (Allow) C:Program Files (x86)SMART TechnologiesEducation SoftwareNotebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [TCP Query User9388DC08-B5F6-4CD2-9F72-D3790FDB2C1CC:usersjintheappdatalocalmicrosoftteamscurrentteams.exe] => (Block) C:usersjintheappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User645D6E03-B9CC-4314-806B-9ED152030175C:usersjintheappdatalocalmicrosoftteamscurrentteams.exe] => (Block) C:usersjintheappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [C68A57E4-3371-490B-884C-49CBD07D3318] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [02381107-AF32-42B5-B352-2C071DB6D9C3] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [7EC777B1-C718-47B5-A32E-8034366CB544] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [CD7E9753-13CD-4E9A-B09E-CB76D8919B32] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [F34254EA-6E34-4382-9E1E-E6C45C1096CA] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [C546ED0D-0A13-4497-A945-6C31AE2A3D6E] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [E3CC88A0-0696-48C2-8827-B57377943E60] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [7B3DE45E-C459-4D5F-BD57-D53CE14F0C8D] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [4802AC02-F653-4610-B364-272CC012E02B] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication108.0.1462.54msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [7B9D4FA8-F5BE-45D9-8CCA-98B85F017A0A] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [8DB5E75D-3A84-4B1E-8C93-9FD401D181E9] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [5C3153FE-C351-4F64-A4BC-8A1D19DFAF91] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [97B12DFB-EE03-4EE0-BF8A-A65E6DCDF16F] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
25-12-2022 14:40:28 Windows Modules Installer
02-01-2023 15:17:46 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/06/2023 09:47:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: assistant.exe, version: 4.0.0.1403, time stamp: 0x63974f96
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process ID: 0x15d4
Faulting application start time: 0x01d9220f7442e15b
Faulting application path: C:Program FilesMalwarebytesAnti-Malwareassistant.exe
Faulting module path: C:WINDOWSSystem32ucrtbase.dll
Report ID: c7d3f8ef-19d0-4fb8-9a0d-162df52c3f31
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2023 09:47:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: assistant.exe, version: 4.0.0.1403, time stamp: 0x63974f96
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process ID: 0x55dc
Faulting application start time: 0x01d9220f299284c0
Faulting application path: C:Program FilesMalwarebytesAnti-Malwareassistant.exe
Faulting module path: C:WINDOWSSystem32ucrtbase.dll
Report ID: 267654d1-8bed-4e41-9acb-8791232bc9b5
Faulting package full name:
Faulting package-relative application ID:
Error: (01/06/2023 08:43:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AdobeNotificationHelper.exe, version: 5.2.0.1, time stamp: 0x620f3a12
Faulting module name: AdobeNotificationHelper.exe, version: 5.2.0.1, time stamp: 0x620f3a12
Exception code: 0xc0000005
Fault offset: 0x0002c76e
Faulting process ID: 0x2560
Faulting application start time: 0x01d921a25c95750d
Faulting application path: C:Program Files (x86)Common FilesAdobeAdobeNotificationManagerAdobeNotificationHelper.exe
Faulting module path: C:Program Files (x86)Common FilesAdobeAdobeNotificationManagerAdobeNotificationHelper.exe
Report ID: 4fedd6b5-4c8a-44f2-a0e0-5c963625b5c0
Faulting package full name:
Faulting package-relative application ID:
Error: (01/05/2023 07:26:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.19041.746, time stamp: 0x5b78739c
Faulting module name: ntdll.dll, version: 10.0.19041.2130, time stamp: 0xb5ced1c6
Exception code: 0xc0000374
Fault offset: 0x00000000000ff6a9
Faulting process ID: 0x2460
Faulting application start time: 0x01d91f559a515d95
Faulting application path: C:WindowsSystem32RuntimeBroker.exe
Faulting module path: C:WINDOWSSYSTEM32ntdll.dll
Report ID: 43d08e09-ce38-4105-874a-bb573674e572
Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: runtimebroker07f4358a809ac99a64a67c1
Error: (01/03/2023 10:29:49 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:WINDOWSsystem32sysmain.dll" (Win32 error code 126).
Error: (01/02/2023 01:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.19041.746, time stamp: 0x5b78739c
Faulting module name: windows.storage.dll, version: 10.0.19041.2311, time stamp: 0x02ad31cf
Exception code: 0xc0000005
Fault offset: 0x00000000000ec729
Faulting process ID: 0x4ce0
Faulting application start time: 0x01d91ea62e032cc1
Faulting application path: C:WindowsSystem32RuntimeBroker.exe
Faulting module path: C:WINDOWSsystem32windows.storage.dll
Report ID: c0c2f131-4a94-4d32-a9d6-cbf2019abe87
Faulting package full name: Microsoft.OneConnect_5.2204.1031.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: runtimebroker07f4358a809ac99a64a67c1
Error: (01/01/2023 09:14:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcrobatNotificationClient.exe, version: 0.0.0.0, time stamp: 0x5b98af46
Faulting module name: combase.dll, version: 10.0.19041.2311, time stamp: 0x8d58276a
Exception code: 0xc000027b
Fault offset: 0x00205941
Faulting process ID: 0x364c
Faulting application start time: 0x01d91c7e2edcbb29
Faulting application path: C:Program FilesWindowsAppsReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7rAcrobatNotificationClient.exe
Faulting module path: C:WINDOWSSystem32combase.dll
Report ID: 1868fc4e-284a-40d0-af04-ee993600afeb
Faulting package full name: ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r
Faulting package-relative application ID: App
Error: (12/30/2022 08:12:54 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:WINDOWSsystem32sysmain.dll" (Win32 error code 126).
System errors:
=============
Error: (01/06/2023 10:38:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Unable to access a key.
Error: (01/06/2023 10:38:16 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.
Error: (01/06/2023 09:47:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 86400000 milliseconds: Restart the service.
Error: (01/06/2023 08:39:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0B0AO5P)
Description: The server 628ACE20-B77A-456F-A88D-547DB6CEEDD5 did not register with DCOM within the required timeout.
Error: (01/05/2023 10:52:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0B0AO5P)
Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.
Error: (01/05/2023 10:52:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0B0AO5P)
Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.
Error: (01/05/2023 10:52:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0B0AO5P)
Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.
Error: (01/05/2023 10:52:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0B0AO5P)
Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2023-01-03 13:25:12
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2211.5-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-11-29 13:41:45
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2210.6-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-11-07 23:01:29
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2210.5-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-11-02 14:06:58
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2210.4-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-10-16 16:44:35
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2209.7-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-09-20 09:10:18
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2207.7-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-08-19 21:00:21
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2205.7-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard M71 Ver. 01.24 01/25/2018
Motherboard: Hewlett-Packard 2216
Processor: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz
Percentage of memory in use: 71%
Total physical RAM: 8067.11 MB
Available physical RAM: 2288.72 MB
Total Virtual: 13699.11 MB
Available Virtual: 5588.06 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:237.2 GB) (Free:139.28 GB) (Model: SPCC Solid State Disk) NTFS
\?Volumef0541b58-661e-479d-bfa5-0984502e1046 (WinRE) (Fixed) (Total:0.54 GB) (Free:0.52 GB) NTFS
\?Volume9b0e7fe3-5d85-4be2-a1bd-455d973554bd () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\?Volumea06b2c10-4f55-4044-bf50-2ff6409cc6ff (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by Jinthe (administrator) on DESKTOP-0B0AO5P (Hewlett-Packard HP EliteBook 850 G2) (06-01-2023 22:56:31)
Running from C:UsersJintheDownloads
Loaded Profiles: Jinthe
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2364 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AO Kaspersky Lab -> AO Kaspersky Lab) C:UsersJintheAppDataLocalTemp3079e951-493a-4644-82ca-9297892b1bb2fc4e3d5d.exe
(C:Program Files (x86)CitrixICA Clientconcentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA ClientReceiverReceiver.exe
(C:Program Files (x86)CitrixICA ClientReceiverReceiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA ClientSelfServicePluginSelfServicePlugin.exe
(C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonADSAdobe Desktop Service.exe ->) (Adobe Inc. -> ) C:Program Files (x86)AdobeAdobe SyncCoreSyncCoreSync.exe
(C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonADSAdobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud Helper.exe <2>
(C:Program Files (x86)Common FilesSMART TechnologiesSystemMenuSMARTSystemMenu.exe ->) (SMART Technologies ULC -> SMART Technologies) C:Program Files (x86)Common FilesSMART TechnologiesSMART Crash Reporter 1.2crashpad_handler2.exe
(C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTInk.exe ->) (SMART Technologies ULC -> SMART Technologies) C:Program Files (x86)SMART TechnologiesSMART Product DriversOfficeSMARTInk-SBSDKProxy.exe
(C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTInk.exe ->) (SMART Technologies ULC -> SMART Technologies) C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTInkPrivilegedAccess.exe
(C:Program FilesAdobeAdobe Creative Cloud ExperienceCCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:Program FilesAdobeAdobe Creative Cloud Experiencelibsnode.exe
(C:Program FilesAdobeAdobe Creative Cloud Experiencelibsnode.exe ->) (Adobe Inc. -> Adobe Inc) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonIPCBoxAdobeIPCBroker.exe
(C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud Helper.exe ->) (Adobe Inc. -> Adobe Inc.) C:Program FilesAdobeAdobe Creative Cloud ExperienceCCXProcess.exe
(C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonADSAdobe Desktop Service.exe
(C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:Program FilesCommon FilesAdobeAdobe Desktop CommonHEXCreative Cloud UI Helper.exe <2>
(C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:Program FilesCommon FilesAdobeCreative Cloud LibrariesCCLibrary.exe
(C:Program FilesCommon FilesAdobeCreative Cloud LibrariesCCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:Program FilesCommon FilesAdobeCreative Cloud Librarieslibsnode.exe
(C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(C:Program FilesMicrosoft OfficerootOffice16ONENOTE.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16ONENOTEM.EXE
(C:Program FilesRealtekAudioHDARtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe <2>
(C:Program FilesSynapticsSynTPSynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnh.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA Clientconcentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA Clientredirector.exe
(DriverStoreFileRepositoryhpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5HPHotkeyNotification.exe
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> Hanvon Ugee Technology Co.) C:Program FilesPentabletPenTablet.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16ONENOTE.EXE
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.152GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.152GoogleCrashHandler64.exe
(Intel Corporation -> ) C:WindowsSystem32igfxTray.exe
(Intel Corporation -> Intel Corporation) C:WindowsSystem32igfxHK.exe
(Joyent, Inc) [File not signed] C:Program Files (x86)SMART TechnologiesSMART Product Driverssbsdk-serverSBWDKService.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe <31>
(Microsoft Corporation -> Microsoft Corporation) C:UsersJintheAppDataLocalMicrosoftOneDrive22.238.1114.0002Microsoft.SharePoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:UsersJintheAppDataLocalMicrosoftTeamscurrentTeams.exe <8>
(Piriform Software Ltd -> Piriform Software Ltd) C:Program FilesSpeccySpeccy64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:Program Files (x86)HPHP Hotkey SupportHotkeyService.exe
(services.exe ->) (HP Inc. -> HP) C:Program Files (x86)HPHP Hotkey SupportLanWlanSwitchingService.exe
(services.exe ->) (HP Inc. -> HP) C:Program Files (x86)HPSharedhpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:WindowsSystem32igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:WindowsSystem32ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(services.exe ->) (Microsoft Corporation -> ) C:Program Files (x86)UniversalPrintPrinterProvisioningServiceUniversalPrintPrinterProvisioningService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft Intune Management ExtensionMicrosoft.Management.Services.IntuneWindowsAgent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:WindowsSystem32WirelessKB850NotificationService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe
(services.exe ->) (SMART Technologies ULC -> SMART Technologies) C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTHelperService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnhService.exe
(SMART Technologies ULC -> SMART Technologies) C:Program Files (x86)Common FilesSMART TechnologiesSystemMenuSMARTSystemMenu.exe
(SMART Technologies ULC -> SMART Technologies) C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTBoardService.exe
(SMART Technologies ULC -> SMART Technologies) C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTInk.exe
(SMART Technologies ULC -> SMART Technologies) C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTNotification.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:Program FilesWindowsAppsAdobeNotificationClient_3.0.1.1_x86__enpm4xejd91ycAdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:Program FilesWindowsAppsReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7rAcrobatNotificationClient.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA ClientAuthManagerAuthManSvr.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:Program Files (x86)CitrixICA Clientwfcrun32.exe
(svchost.exe ->) (HP Inc. -> HP) C:Program Files (x86)HPHP Hotkey SupportQLBController.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:UsersJintheAppDataLocalMicrosoftOneDrive22.238.1114.0002FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32fodhelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSysWOW64wbemWmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsWinSxSamd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [9235936 2017-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [RtsCM] => C:WINDOWSRTSCM64.EXE [225248 2018-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM…Run: [AdobeGCInvoker-1.0] => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM…Run: [AdobeAAMUpdater-1.0] => C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM…Run: [PenTablet] => C:Program FilesPentabletPenTablet.exe [882648 2022-04-13] (Hanvon Ugee Technology Co., Ltd. -> Hanvon Ugee Technology Co.)
HKLM-x32…Run: [Adobe CCXProcess] => C:Program Files (x86)AdobeAdobe Creative Cloud ExperienceCCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32…Run: [ConnectionCenter] => C:Program Files (x86)CitrixICA Clientconcentr.exe [555920 2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32…Run: [Redirector] => C:Program Files (x86)CitrixICA Clientredirector.exe [402320 2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32…Run: [SMARTNotification] => C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTNotification.exe [211512 2021-05-19] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32…Run: [SMART Board Service] => C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTBoardService.exe [2803256 2021-05-19] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32…Run: [SMART Tray Tools] => C:Program Files (x86)Common FilesSMART TechnologiesSystemMenuSMARTSystemMenu.exe [649784 2021-04-01] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32…Run: [sbsdk-server] => C:Program Files (x86)SMART TechnologiesSMART Product Driverssbsdk-serverNodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32…Run: [SMART Ink] => C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTInk.exe [289336 2021-05-18] (SMART Technologies ULC -> SMART Technologies)
HKLM…RunOnce: [c9d31d71-d33c-4e2d-bf26-398dc82254e4] => "C:UsersJintheAppDataLocalTemp11452b5a-5f69-4977-9991-0d81d434fe21c9d31d71-d33c-4e2d-bf26-398dc82254e4.cmd" (No File) <==== ATTENTION
HKLMSOFTWAREMicrosoftWindows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLMSOFTWAREMicrosoftWindows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKUS-1-5-21-1734413744-1808926874-3554828221-1002…Run: [com.squirrel.Teams.Teams] => C:UsersJintheAppDataLocalMicrosoftTeamsUpdate.exe [2587416 2022-12-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKUS-1-5-21-1734413744-1808926874-3554828221-1002…Run: [MicrosoftEdgeAutoLaunch_BA6729984E3760BA0FA2E24655DC2A08] => "C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM…PrintMonitorsSMART Local Port: C:WINDOWSsystem32smrtlocalmon.dll [39992 2021-05-19] (SMART Technologies ULC -> SMART Technologies ULC)
Startup: C:UsersJintheAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupVerzenden naar OneNote.lnk [2023-01-06]
ShortcutTarget: Verzenden naar OneNote.lnk -> C:Program FilesMicrosoft OfficerootOffice16ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: 009E9E84-C593-4D7F-93D7-5D74BD56C4F3 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154456 2021-05-04] (Google LLC -> Google LLC)
Task: 01830B8E-2BED-4D2C-9B38-F587237B2F1B – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Provisioning initiated session => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 152CBFF7-A686-4B95-8CD2-80C507D7881D – System32TasksAdobe Creative Cloud => C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe [1068512 2022-09-30] (Adobe Inc. -> Adobe Inc.)
Task: 162698A1-CB2D-4062-9BC6-A9BD4F40A581 – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140OS Edition Upgrade event listener created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 1F30676E-8F94-477D-BC52-03E5EE5795B6 – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: 22E4B028-928A-4008-88B8-3C8A8D135DFA – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Passport for Work alert created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 2E7B32D2-7700-47F2-8787-A753568DEAF1 – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Wsc Startup event listener created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 3030F863-CA9D-4063-A798-9787D159C41B – System32TasksAdobeGCInvoker-1.0 => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: 3108DDEF-4DA1-401D-B950-5D734D1B60A6 – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Schedule #2 created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 36B8C63E-79A9-466A-BE8F-8B1493AC96E7 – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140PushLaunch => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 4F92632D-938C-4380-89B6-E55C9C3E4F6E – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [8509392 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: 57713616-C34E-43CA-A010-0F25E1FCB232 – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Schedule #3 created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 63559AC2-73F0-4559-87F9-9DFD1F9A0ACF – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Schedule created by enrollment client for renewal of certificate warning => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 649420F7-4480-419A-859B-DFDE107C8FEF – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Schedule to run OMADMClient by server => C:WINDOWSsystem32omadmclient.exe [445440 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 70D038C7-F971-4AFA-B748-6B033368FD78 – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Schedule to run OMADMClient by client => C:WINDOWSsystem32omadmclient.exe [445440 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 7764744A-2AC2-4EC1-8A7B-3CFDFA62C866 – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: 7BF3B094-57E9-4617-AA9E-7D05353948A6 – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: 8A8BF422-C7C5-4F4B-9AA4-90FAF5100F1D – System32TasksSensorFramework-LogonTask-100ee514-48c8-f419-6760-6fb8cb2767cd => C:Program Files (x86)Microsoft Intune Management ExtensionSensorLogonTask.exe [33160 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: 94B743A8-1C29-4F18-A85A-B28727697B1D – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: 95206172-3E5E-483B-AA26-B080F79A3857 – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140PushRenewal => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: 97F24C73-4511-4AE7-93D3-F381D43C6EAE – System32TasksMicrosoftIntuneIntune Management Extension Health Evaluation => C:Program Files (x86)Microsoft Intune Management ExtensionClientHealthEval.exe [51088 2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: 9C1EB378-759A-4609-8073-5D9AECC942E9 – System32TasksMicrosoftOfficeOffice Performance Monitor => C:Program FilesMicrosoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOffice16operfmon.exe [146816 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: 9F3EC169-096B-4C15-8B33-B63A1C8747CF – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154456 2021-05-04] (Google LLC -> Google LLC)
Task: B666D4EE-CDF9-4580-B711-768BE4562959 – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [8509392 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: B729B44C-C171-4EB8-866A-6417D5F08A2C – System32TasksHPHP Hotkey SupportStart QLBController Process => C:Program Files (x86)HPHP Hotkey SupportQLBController.exe [891432 2018-08-31] (HP Inc. -> HP)
Task: B7AF7B05-2F43-4526-B0A6-3045E74F926B – System32TasksMicrosoftOfficeOffice Serviceability Manager => C:Program FilesCommon FilesMicrosoft SharedClickToRunofficesvcmgr.exe [3843200 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: C457A017-9762-4B09-8259-2F9EC92CE6AF – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Win10 S Mode event listener created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: E0F7FD95-A8DD-4107-A359-2B07C05E031C – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: E24E169C-F6B9-414D-ADE9-F381537E2E9A – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140PushUpgrade => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
Task: E2D60640-6D2D-4B70-859E-010F0984CF7A – System32TasksMicrosoftWindowsEnterpriseMgmt2AB53B01-1C73-4709-BBCE-CA9956290140Schedule #1 created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [464896 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
TcpipParameters: [DhcpNameServer] 192.168.0.1
Tcpip..Interfaces234719df-542b-4bf4-b1a6-80e1749a3ff3: [DhcpNameServer] 192.168.0.1
Tcpip..Interfacesd8ca27a4-311b-4c9a-8556-28a6bedb6783: [DhcpNameServer] 195.130.130.5 195.130.131.5
Edge:
=======
DownloadDir: C:UsersJintheDownloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:UsersJintheAppDataLocalMicrosoftEdgeUser DataDefault [2023-01-06]
Edge DownloadDir: Default -> C:UsersJintheDownloads
Edge Notifications: Default -> hxxps://0wvghk.worthyrid.com; hxxps://bdhze4.worthyrid.com
Edge Profile: C:UsersJintheAppDataLocalMicrosoftEdgeUser DataProfile 1 [2020-11-17]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:Program FilesAdobeAcrobat DCAcrobatAirnppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll [2022-09-30] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Citrix.com/npican -> C:Program Files (x86)CitrixICA ClientnpicaN.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll [2022-09-30] (Adobe Inc. -> Adobe Systems)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [923616 2022-09-30] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [12540928 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
R2 HotKeyServiceUWP; C:WINDOWSSystem32DriverStoreFileRepositoryhpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5HotKeyServiceUWP.exe [819856 2019-05-14] (HP Inc. -> HP Inc.)
R2 HP Hotkey Service; C:Program Files (x86)HPHP Hotkey SupportHotkeyService.exe [969256 2018-08-31] (HP Inc. -> HP)
R3 hpqcaslwmiex; C:Program Files (x86)HPSharedhpqwmiex.exe [1128992 2017-12-12] (HP Inc. -> HP)
R2 IntuneManagementExtension; C:Program Files (x86)Microsoft Intune Management ExtensionMicrosoft.Management.Services.IntuneWindowsAgent.exe [197008 2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
R2 LanWlanSwitchingService; C:Program Files (x86)HPHP Hotkey SupportLanWlanSwitchingService.exe [618536 2018-08-31] (HP Inc. -> HP)
R2 LanWlanWwanSwitchingServiceUWP; C:WINDOWSSystem32DriverStoreFileRepositoryhpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5LanWlanWwanSwitchingServiceUWP.exe [731072 2019-05-14] (HP Inc. -> HP Inc.)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [8892256 2023-01-06] (Malwarebytes Inc. -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:WINDOWSsystem32dllhost.exe /Processid:2CA2E202-932F-4BA2-8771-195BB86398F5 [21312 2021-02-05] (Microsoft Windows -> Microsoft Corporation)
S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [224184 2022-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SMARTHelperService; C:Program Files (x86)SMART TechnologiesSMART Product DriversSMARTHelperService.exe [639544 2021-05-19] (SMART Technologies ULC -> SMART Technologies)
R2 UniversalPrintPrinterProvisioningService; C:Program Files (x86)UniversalPrintPrinterProvisioningServiceUniversalPrintPrinterProvisioningService.exe [27104 2020-06-24] (Microsoft Corporation -> )
S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2211.5-0NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2211.5-0MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:WINDOWSsystem32WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U3 32c08c94; C:WINDOWSSystem32Drivers32c08c94.sys [299544 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 cpuz149; C:UsersJintheAppDataLocalTempcpuz149cpuz149_x64.sys [44320 2023-01-06] (CPUID S.A.R.L.U. -> CPUID) <==== ATTENTION
R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [158640 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 hanvonugeemfilter; C:WINDOWSSystem32drivershanvonugeemfilter.sys [9728 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
U0 klupd_32c08c94a_arkmon; C:WINDOWSSystem32Driversklupd_32c08c94a_arkmon.sys [382304 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_32c08c94a_arkmon_EA04D71E; C:KVRT2020_DataTempEA04D71EFC0E16AB22C9615549FEE4F2klupd_32c08c94a_arkmon.sys [382304 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_32c08c94a_klark; C:WINDOWSSystem32Driversklupd_32c08c94a_klark.sys [359976 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U0 klupd_32c08c94a_klbg; C:WINDOWSSystem32Driversklupd_32c08c94a_klbg.sys [190048 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_32c08c94a_mark; C:WINDOWSSystem32Driversklupd_32c08c94a_mark.sys [270672 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [223176 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [21480 2023-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [197088 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [76216 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [239544 2023-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [181816 2023-01-06] (Malwarebytes Inc. -> Malwarebytes)
S3 pelmouse; C:WINDOWSsystem32DRIVERSpelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:WINDOWSsystem32DRIVERSpelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
R3 SMARTMouseFilterx64; C:WINDOWSSystem32driversSMARTMouseFilterx64.sys [18952 2021-05-19] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:WINDOWSSystem32driversSMARTVHidMiniVistaAmd64.sys [28168 2021-05-19] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 vmulti; C:WINDOWSSystem32driversvmulti.sys [10752 2018-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:WINDOWSSystem32driversWirelessButtonDriver64.sys [35600 2019-02-05] (HP Inc. -> HP)
S3 WirelessKeyboardFilter; C:WINDOWSSystem32driversWirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-06 22:56 – 2023-01-06 22:57 – 000033064 _____ C:UsersJintheDownloadsFRST.txt
2023-01-06 22:55 – 2023-01-06 22:56 – 000000000 ____D C:FRST
2023-01-06 22:53 – 2023-01-06 22:53 – 002376192 _____ (Farbar) C:UsersJintheDownloadsUnconfirmed 683255.crdownload
2023-01-06 22:52 – 2023-01-06 22:53 – 002376192 _____ (Farbar) C:UsersJintheDownloadsFRST64.exe
2023-01-06 22:45 – 2023-01-06 22:45 – 000000925 _____ C:UsersJintheDesktopInstall Kaspersky Internet Security version 21.3.10.391.lnk
2023-01-06 22:39 – 2023-01-06 22:39 – 000000000 ____D C:UsersJintheOneDrive – Hogeschool VIVESDocumentenOneNote-notitieblokken
2023-01-06 22:37 – 2023-01-06 22:37 – 008995336 _____ (Piriform Software Ltd) C:UsersJintheDownloadsspsetup132.exe
2023-01-06 22:37 – 2023-01-06 22:37 – 000000844 _____ C:UsersPublicDesktopSpeccy.lnk
2023-01-06 22:37 – 2023-01-06 22:37 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSpeccy
2023-01-06 22:37 – 2023-01-06 22:37 – 000000000 ____D C:Program FilesSpeccy
2023-01-06 22:18 – 2023-01-06 22:18 – 002766672 _____ (Kaspersky) C:UsersJintheDownloadskis21.3.10.391en_26202.exe
2023-01-06 22:18 – 2023-01-06 22:18 – 000000000 ____D C:ProgramDataKaspersky Lab Setup Files
2023-01-06 21:58 – 2023-01-06 21:58 – 000000000 ____D C:KVRT2020_Data
2023-01-06 21:56 – 2023-01-06 21:58 – 100078424 _____ (AO Kaspersky Lab) C:UsersJintheDownloadsKVRT (1).exe
2023-01-06 21:56 – 2023-01-06 21:56 – 000001236 _____ C:UsersJintheOneDrive – Hogeschool VIVESDocumentenMBAM Scanlog 1.txt
2023-01-06 21:53 – 2023-01-06 21:54 – 100078424 _____ (AO Kaspersky Lab) C:UsersJintheDownloadsKVRT.exe
2023-01-06 21:47 – 2023-01-06 21:47 – 000181816 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys
2023-01-06 21:47 – 2023-01-06 21:47 – 000000000 ____D C:UsersJintheAppDataLocalCrashDumps
2023-01-06 21:38 – 2023-01-06 21:38 – 000000000 ____D C:UsersJintheAppDataLocalmbam
2023-01-06 21:37 – 2023-01-06 21:48 – 000002040 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2023-01-06 21:37 – 2023-01-06 21:48 – 000002028 _____ C:UsersPublicDesktopMalwarebytes.lnk
2023-01-06 21:36 – 2023-01-06 21:45 – 000000000 ____D C:ProgramDataMalwarebytes
2023-01-06 21:35 – 2023-01-06 21:45 – 000000000 ____D C:Program FilesMalwarebytes
2023-01-06 21:34 – 2023-01-06 21:34 – 002542312 _____ (Malwarebytes) C:UsersJintheDownloadsMBSetup (1).exe
2023-01-06 21:32 – 2023-01-06 21:32 – 002542312 _____ (Malwarebytes) C:UsersJintheDownloadsMBSetup.exe
2023-01-05 16:56 – 2023-01-05 16:56 – 000017233 _____ C:UsersJintheDownloadsoefeningen-les-8.xlsx
2022-12-30 17:55 – 2022-12-30 17:55 – 000066431 _____ C:UsersJintheDownloadsBTW regeling en toepassing in het opmaken van werktabel.pptx
2022-12-30 17:55 – 2022-12-30 17:55 – 000066431 _____ C:UsersJintheDownloadsBTW regeling en toepassing in het opmaken van werktabel (1).pptx
2022-12-30 17:55 – 2022-12-30 17:55 – 000056303 _____ C:UsersJintheDownloadsbudget aan klant en eigen budget.pptx
2022-12-28 17:16 – 2022-12-28 17:16 – 022069664 _____ C:UsersJintheDownloads2223_evmark-part1-introduction.pptx
2022-12-28 17:16 – 2022-12-28 17:16 – 008362771 _____ C:UsersJintheDownloads2223EvMark-part2-ROI -Events model (1).pptx
2022-12-25 14:41 – 2022-12-25 14:41 – 000000000 ___HD C:$WinREAgent
2022-12-20 10:13 – 2022-12-20 10:13 – 008669921 _____ C:UsersJintheDownloadsInsert a parting or call-to-action message here. (4).pdf
2022-12-20 10:03 – 2022-12-20 10:03 – 008669919 _____ C:UsersJintheDownloadsInsert a parting or call-to-action message here. (3).pdf
2022-12-20 09:17 – 2022-12-20 09:17 – 008669790 _____ C:UsersJintheDownloadsInsert a parting or call-to-action message here. (2).pdf
2022-12-20 08:56 – 2022-12-20 08:56 – 008665308 _____ C:UsersJintheDownloadsInsert a parting or call-to-action message here. (1).pdf
2022-12-19 22:50 – 2022-12-19 22:50 – 008665308 _____ C:UsersJintheDownloadsInsert a parting or call-to-action message here..pdf
2022-12-19 17:10 – 2022-12-19 17:10 – 000016270 _____ C:UsersJintheDownloadsexcel eventmarketing.xlsx
2022-12-18 15:45 – 2022-12-18 15:45 – 000765667 _____ C:UsersJintheDownloads11_05_we_love_events_extra(1)(1) (7).xlsx
2022-12-18 15:42 – 2022-12-18 15:42 – 000874720 _____ C:UsersJintheDownloads11_05_we_love_events_extra(1)(1) (6).xlsx
2022-12-18 15:42 – 2022-12-18 15:42 – 000027076 _____ C:UsersJintheDownloadsdna.xlsx
2022-12-18 15:41 – 2022-12-18 15:41 – 000005567 _____ C:UsersJintheDownloadsNaamloze spreadsheet.xlsx
2022-12-18 15:39 – 2022-12-18 15:39 – 000808895 _____ C:UsersJintheDownloads11_05_we_love_events_extra(1)(1) (5).xlsx
2022-12-18 15:00 – 2022-12-18 15:00 – 000808895 _____ C:UsersJintheDownloads11_05_we_love_events_extra(1)(1) (4).xlsx
2022-12-18 14:52 – 2022-12-18 14:52 – 000808895 _____ C:UsersJintheDownloads11_05_we_love_events_extra(1)(1) (3).xlsx
2022-12-18 14:51 – 2022-12-18 14:51 – 000808895 _____ C:UsersJintheDownloads11_05_we_love_events_extra(1)(1) (2).xlsx
2022-12-18 13:57 – 2022-12-18 13:57 – 000874720 _____ C:UsersJintheDownloads11_05_we_love_events_extra(1)(1) (1).xlsx
2022-12-18 12:35 – 2022-12-18 12:35 – 000765667 _____ C:UsersJintheDownloads11_05_we_love_events_extra(1)(1).xlsx
2022-12-16 14:12 – 2022-12-16 14:12 – 000002260 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Earth Pro.lnk
2022-12-16 14:12 – 2022-12-16 14:12 – 000002248 _____ C:UsersPublicDesktopGoogle Earth Pro.lnk
2022-12-16 14:12 – 2022-12-16 14:12 – 000000000 ____D C:Program FilesGoogle
2022-12-13 08:55 – 2022-12-13 08:56 – 164316959 _____ C:UsersJintheDownloadswe_love_events.pptx
2022-12-13 08:54 – 2022-12-13 08:55 – 003371575 _____ C:UsersJintheDownloadsUnconfirmed 87210.crdownload
2022-12-12 23:43 – 2022-12-12 23:46 – 760008334 _____ C:UsersJintheDownloadsFilm_trial_0.mp4
2022-12-12 18:32 – 2022-12-12 18:33 – 249750420 _____ C:UsersJintheDownloadsBuda kunstencentrum ‐ Gemaakt met Clipchamp (1).mp4
2022-12-12 18:32 – 2022-12-12 18:32 – 249750420 _____ C:UsersJintheDownloadsBuda kunstencentrum ‐ Gemaakt met Clipchamp.mp4
2022-12-12 17:10 – 2022-12-12 17:10 – 000830078 _____ C:UsersJintheDownloadsMary’s Irish Pub.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000296498 _____ C:UsersJintheDownloadsBudascoop.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000248568 _____ C:UsersJintheDownloadsKapucijnenstraat.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000244207 _____ C:UsersJintheDownloadsKapucijnenstraat 2.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000198987 _____ C:UsersJintheDownloadsBudascoop 3.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000163143 _____ C:UsersJintheDownloadsMary’s Irish Pub 3.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000161286 _____ C:UsersJintheDownloadsMary’s Irish Pub 2.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000069527 _____ C:UsersJintheDownloadsKorte Kapucijnenstraat.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000055152 _____ C:UsersJintheDownloadsKapucijnenstraat 3.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000055053 _____ C:UsersJintheDownloadsBudascoop 2.m4a
2022-12-12 17:10 – 2022-12-12 17:10 – 000018202 _____ C:UsersJintheDownloadsKapucijnenstraat 4.m4a
2022-12-12 16:42 – 2022-12-12 16:42 – 005962738 _____ C:UsersJintheDownloads319792386_5593668367354261_3619357844994338719_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 021445287 _____ C:UsersJintheDownloads10000000_5741453915970409_5957277961356850562_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 014586892 _____ C:UsersJintheDownloads10000000_5743995792350525_2924663100407136111_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 013093557 _____ C:UsersJintheDownloads10000000_5634037750025784_6285988138095648201_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 010289417 _____ C:UsersJintheDownloads10000000_5552073088247984_4379255049666586268_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 005323110 _____ C:UsersJintheDownloads319871348_8567496726656650_6151231782369475437_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 004691662 _____ C:UsersJintheDownloads319890755_8273825949354357_965459234977775786_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 003183397 _____ C:UsersJintheDownloads319949015_8384255251647687_5649612708240506724_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 000851750 _____ C:UsersJintheDownloads319788031_6233087240053497_5803504419268001349_n.mp4
2022-12-12 16:26 – 2022-12-12 16:26 – 000823739 _____ C:UsersJintheDownloads318333664_8348937205176909_1160488486526444830_n.mp4
2022-12-12 16:25 – 2022-12-12 16:25 – 002472251 _____ C:UsersJintheDownloads318344218_5867487846648242_7107217156748489631_n.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-06 22:52 – 2021-05-04 16:05 – 000000000 ____D C:Program Files (x86)Google
2023-01-06 22:51 – 2019-12-07 10:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2023-01-06 22:38 – 2019-12-07 10:13 – 000000000 ____D C:WINDOWSINF
2023-01-06 21:37 – 2019-12-07 10:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2023-01-06 21:26 – 2022-08-07 17:52 – 000000000 ____D C:UsersJintheAppDataLocalDeployment
2023-01-06 18:58 – 2021-02-05 18:32 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2023-01-06 11:38 – 2021-02-04 10:27 – 000000000 ____D C:WINDOWSSensorFramework
2023-01-06 09:21 – 2019-12-07 10:14 – 000000000 ___HD C:Program FilesWindowsApps
2023-01-06 09:21 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSAppReadiness
2023-01-06 08:42 – 2021-02-12 23:45 – 000000000 ___RD C:UsersJintheCreative Cloud Files
2023-01-06 08:40 – 2021-10-03 15:45 – 000000000 ___RD C:UsersJintheOneDrive – Hogeschool VIVES
2023-01-06 08:39 – 2020-09-21 19:57 – 000000000 __SHD C:UsersJintheIntelGraphicsProfiles
2023-01-06 08:39 – 2019-10-18 07:01 – 000000180 _____ C:WINDOWSsystem32A6D608F0-0BDE-491A-97AE-5C4B05D86E01.bat
2023-01-05 22:35 – 2021-10-03 15:45 – 000000000 ____D C:UsersJintheOneDrive – Hogeschool VIVESDocumentenJinthe
2023-01-05 16:56 – 2020-09-21 19:57 – 000000000 ____D C:UsersJintheAppDataLocalPackages
2023-01-04 11:18 – 2021-02-27 14:16 – 000000000 ___HD C:adobeTemp
2023-01-04 11:16 – 2021-02-05 18:41 – 000003536 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2023-01-04 11:16 – 2021-02-05 18:41 – 000003412 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2023-01-03 10:31 – 2021-02-05 19:09 – 000753738 _____ C:WINDOWSsystem32perfh013.dat
2023-01-03 10:31 – 2021-02-05 19:09 – 000150554 _____ C:WINDOWSsystem32perfc013.dat
2023-01-03 10:31 – 2021-02-05 19:06 – 000759072 _____ C:WINDOWSsystem32perfh00C.dat
2023-01-03 10:31 – 2021-02-05 19:06 – 000146000 _____ C:WINDOWSsystem32perfc00C.dat
2023-01-03 10:31 – 2021-02-05 18:40 – 002566222 _____ C:WINDOWSsystem32PerfStringBackup.INI
2023-01-03 10:29 – 2021-07-15 09:11 – 000003570 _____ C:WINDOWSsystem32TasksSensorFramework-LogonTask-100ee514-48c8-f419-6760-6fb8cb2767cd
2023-01-03 10:26 – 2021-02-05 18:41 – 000000006 ____H C:WINDOWSTasksSA.DAT
2023-01-03 10:26 – 2021-02-05 18:32 – 000008192 ___SH C:DumpStack.log.tmp
2023-01-03 10:26 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSServiceState
2022-12-30 19:10 – 2021-02-05 18:32 – 000460640 _____ C:WINDOWSsystem32FNTCACHE.DAT
2022-12-30 19:09 – 2019-12-07 15:49 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection
2022-12-30 19:09 – 2019-12-07 15:45 – 000000000 ____D C:WINDOWSen-GB
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ___SD C:WINDOWSsystem32UNP
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64lv-LV
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64lt-LT
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64et-EE
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64es-MX
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSystemResources
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSystemApps
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32lv-LV
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32lt-LT
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32et-EE
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32es-MX
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32Dism
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSProvisioning
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSbcastdvr
2022-12-30 19:09 – 2019-12-07 10:14 – 000000000 ____D C:Program FilesCommon FilesSystem
2022-12-30 19:09 – 2019-12-07 10:03 – 001048576 _____ C:WINDOWSsystem32configBBI
2022-12-29 10:13 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSLiveKernelReports
2022-12-25 14:58 – 2019-12-07 10:03 – 000000000 ____D C:WINDOWSCbsTemp
2022-12-25 14:53 – 2021-02-05 18:33 – 003014656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PrintConfig.dll
2022-12-25 14:40 – 2020-09-30 14:30 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools
2022-12-20 08:50 – 2020-10-10 16:33 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2022-12-20 08:50 – 2020-10-10 16:33 – 000002283 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2022-12-19 23:41 – 2019-12-07 15:45 – 000000000 ____D C:WINDOWSsystem32Driversen-GB
2022-12-19 23:41 – 2019-12-07 10:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2022-12-19 23:41 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation
2022-12-19 23:41 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32oobe
2022-12-19 23:41 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSPolicyDefinitions
2022-12-18 10:57 – 2021-02-04 10:10 – 000000000 ____D C:Program FilesMicrosoft Office
2022-12-15 17:50 – 2020-09-21 19:59 – 000000000 ____D C:UsersJintheAppDataRoaminghpqLog
2022-12-14 22:05 – 2020-09-25 21:15 – 000000000 ____D C:WINDOWSsystem32MRT
2022-12-14 22:02 – 2020-09-25 21:15 – 148633544 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2022-12-14 20:14 – 2021-02-12 23:40 – 000000000 ____D C:Program FilesCommon FilesAdobe
2022-12-12 23:49 – 2021-02-05 18:34 – 000000000 ____D C:UsersJinthe
2022-12-10 20:11 – 2021-01-15 10:43 – 000002380 _____ C:UsersJintheAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Teams.lnk
2022-12-10 13:53 – 2021-05-26 16:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office-hulpprogramma’s
2022-12-10 13:11 – 2021-12-11 12:32 – 000003592 _____ C:WINDOWSsystem32TasksOneDrive Reporting Task-S-1-5-21-1734413744-1808926874-3554828221-1002
2022-12-10 13:11 – 2021-02-05 18:41 – 000003382 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1734413744-1808926874-3554828221-1002
2022-12-10 13:11 – 2021-02-05 18:34 – 000002393 _____ C:UsersJintheAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2022-12-09 13:13 – 2019-10-16 05:45 – 000000000 ____D C:WINDOWSsystem32Driverswd
2022-12-09 13:12 – 2021-02-12 23:40 – 000000000 ____D C:Program FilesAdobe
==================== Files in the root of some directories ========
2022-08-30 20:06 – 2022-09-27 09:20 – 000007369 _____ () C:UsersJintheAppDataLocalkrita-sysinfo.log
2022-08-30 20:06 – 2022-09-27 09:20 – 000016252 _____ () C:UsersJintheAppDataLocalkrita.log
2022-09-27 09:20 – 2022-09-27 09:20 – 000000039 _____ () C:UsersJintheAppDataLocalkritadisplayrc
2022-08-30 20:07 – 2022-09-27 09:20 – 000017152 _____ () C:UsersJintheAppDataLocalkritarc
2021-02-12 23:47 – 2021-02-12 23:47 – 000000000 _____ () C:UsersJintheAppDataLocaloobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
