start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM\...\Run: [BdagentApp] => "C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe" (Geen bestand)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4020241799-2529128990-547240824-1001\...\Run: [] => [X]
Task: {BDD909B8-5E6D-4D87-95AF-9FFB3ABE7CE4} - System32\Tasks\avfree.migration => C:\Program Files\Bitdefender Antivirus Free\migration_tool\avfree.migration.exe /run (Geen bestand)
Task: {1EF6F679-41E8-4A99-B35B-12252C9613F4} - System32\Tasks\Nahimic2svc32Run => "C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Geen bestand)
Task: {73E46680-7E6A-49BD-9024-2A56F0140681} - System32\Tasks\Nahimic2svc64Run => "C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Geen bestand)
Task: {408347F0-8BB3-41E0-9D2C-9E7BEFEE1806} - System32\Tasks\Nahimic2UILauncherRun => "C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Geen bestand)
Task: {266C0ED4-E9CA-434A-A482-D45ACD04E1F9} - System32\Tasks\Overwolf Updater Task => C:\Users\myron\Desktop\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (Geen bestand)
Edge DefaultSearchURL: Default -> hxxps://owebsearch.com/results.php?p=3500&v=401&q={searchTerms}
Edge DefaultSearchKeyword: Default -> oWebster
Edge DefaultSuggestURL: Default -> hxxps://owebsearch.com/gjson.php?q={searchTerms}
Edge Extension: (oWebster) - C:\Users\myron\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kccibgmjmfjdgejncbghjnfpkogoadkj [2023-09-28]
CHR DefaultSearchURL: Default -> hxxps://owebsearch.com/results.php?p=3500&v=401&q={searchTerms}
CHR DefaultSearchKeyword: Default -> oWebster
CHR DefaultSuggestURL: Default -> hxxps://owebsearch.com/gjson.php?q={searchTerms}
CHR Extension: (oWebster) - C:\Users\myron\AppData\Local\Google\Chrome\User Data\Default\Extensions\kccibgmjmfjdgejncbghjnfpkogoadkj [2023-07-17]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2023-08-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2023-08-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2023-08-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== AANDACHT
U1 avgbdisk; geen ImagePath
S1 netfilter2; system32\drivers\netfilter2.sys [X]
2023-11-29 19:00 - 2023-11-29 19:00 - 000001153 _____ C:\Users\myron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2023-11-29 19:00 - 2023-11-29 19:00 - 000000000 ____D C:\Users\myron\Documents\TotalAV
2023-11-29 19:00 - 2023-11-29 19:00 - 000000000 ____D C:\ProgramData\SecuritySuite
2023-10-02 19:26 - 2023-08-09 10:30 - 000209088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2023-10-02 19:26 - 2023-08-09 10:30 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2023-10-02 19:26 - 2023-08-09 10:30 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2023-09-28 19:34 - 2023-11-29 19:00 - 000000000 ____D C:\Program Files (x86)\TotalAV
2023-09-28 19:34 - 2023-09-28 19:35 - 000000000 ____D C:\ProgramData\TotalAV
2023-12-03 10:20 - 2021-03-05 19:16 - 000000000 ____D C:\ProgramData\AVG
2023-11-25 11:44 - 2022-05-27 20:49 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2023-11-25 11:44 - 2022-05-27 20:49 - 000002662 _____ C:\WINDOWS\system32\Tasks\avfree.migratio
2023-11-25 11:44 - 2022-05-27 20:49 - 000002396 _____ C:\WINDOWS\system32\Tasks\Nahimic2UILauncherRun
2023-11-25 11:44 - 2022-05-27 20:49 - 000002384 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc64Run
2023-11-25 11:44 - 2022-05-27 20:49 - 000002376 _____ C:\WINDOWS\system32\Tasks\Nahimic2svc32Run
AlternateDataStreams: C:\Users\Public\AppData:CSM [484]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
EmptyTemp:
Reboot:
end::