[RESOLVED] because i do not know anymore where to post this...

[sitew]

to make a little here and NOT a big story ..

i have windows 10 pro installed (digital registered )
i have a foxcom motherboard and 16gb ram

i sometimes see in my system bar below a strange icon ansd when i hover over with the mouse then, i see Quarsar client not connected ...

ok i have / use a ftp program here and i have also a Utorrent 2.2.1 program installed because this version is not having bloodware .

ok now i have been looking online and it came out that i needed to install Combocleaner and let it run wat i have done ...

i hope i can post here a few lightshots pictures because after the scan ( that have took 7 hours ) i took the pictures from the result ... it have found 15 reds and 5 orange issues ...

here are the pictures ( i hope i do NO harm now by posting them here) Screenshot_1.jpg
Screenshot_2.jpgScreenshot_3.jpgScreenshot_4.jpg

i hope you can see the pictures

ok after that i went to safe mode and clean them manually

so my question now i can one admin / moderator from the section security check it please ???

i do not know if Sir Broni / Brony is still here because he did cleaned / helped me a few years ago

i will check back in day's
because i'm not on my computer tomorrow

[fink]

You should follow the same procedure you did last time. I will move this to the intensive care forum and then you can run the programs recommended in this sticky at the top of that forum and copy/paste the results below.

https://discussions.virtualdr.com/sh...ted-3-21-2015)

[sitew]

@fink thank you Sir for the help and answer

[sitew]

@fink thank you Sir for the help and answer

i will do the scan tomorrow my friend Sir because we are here evening now and a scan take 5 hours ...

then i will copy / paste the 2 results here

ps : well it was a long time ago that is why i ask some super visor advice and guidance
it is alway's good to have a teacher forum that is reachable

[Broni]

I'll take care of you

[sitew]

I'll take care of you

thank you Sir Broni
i can't scan with this program https://prnt.sc/hDrpzY-ho9VG because the scan button is grey a and i do not know wat square i need to check below ...

can you please tell me wat i need to do ??
thank you in advance

[Broni]

Leave checkmarks as they're. Delete your FRST file, download fresh one and try again.
From your screenshot I don't see "Scan" button being greyed out.

[sitew]

ok Sir i do it now
thank you

[Broni]

[sitew]

Hi Sir @Broni i did the scan now and here is the addition txt first part because i only can send / post 50000 char ...

i hope that you will NOT have problems with the language because it is in dutch ... (sorry for that )

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 14-02-2022 01
Gestart door Site (22-02-2022 16:51:45)
Gestart vanaf C:\Users\Site\Desktop
Microsoft Windows 10 Pro Versie 21H1 19043.1526 (X64) (2020-08-02 17:23:15)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================


(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

Administrator (S-1-5-21-3199363119-606788724-3210624172-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3199363119-606788724-3210624172-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3199363119-606788724-3210624172-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3199363119-606788724-3210624172-501 - Limited - Disabled)
Site (S-1-5-21-3199363119-606788724-3210624172-1001 - Administrator - Enabled) => C:\Users\Site
WDAGUtilityAccount (S-1-5-21-3199363119-606788724-3210624172-504 - Limited - Disabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)

3DYD Youtube Source (remove only) (HKLM-x32\...\3DYD Youtube Source) (Version: - )
7-Zip 16.03 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1603-000001000000}) (Version: 16.03.00.0 - Igor Pavlov)
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{2B2310B1-FBC0-4933-8C73-1CBAD0D7CA28}) (Version: 1.6 - Eyeo GmbH)
Add/Remove Pro (Freeware) (HKLM-x32\...\Add/Remove Pro (Freeware)_is1) (Version: - Super Win Software, Inc.)
Adguard (HKLM-x32\...\{4cfd0c20-22b6-471e-8614-67f512a2d9aa}) (Version: 6.2.437.2171 - Performix LLC)
Adguard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 6.2.437.2171 - Performix LLC) Hidden
Adobe Animate 2021 (HKLM-x32\...\FLPR_21_0_3) (Version: 21.0.3 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Premiere Elements 10 (HKLM\...\{26F481C6-8DBE-4F8B-9D8D-715081C23ADE}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 2021 (HKLM-x32\...\PRE_19_1) (Version: 19.0 - Adobe Inc.)
Age of Empires Definitive Edition (HKLM-x32\...\Age of Empires Definitive Edition_is1) (Version: - )
Age of Empires II: D.E. (HKLM-x32\...\Age of Empires II: D.E._is1) (Version: - )
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III Definitive Edition (HKLM-x32\...\Age of Empires III Definitive Edition_is1) (Version: - )
Age of Empires III Definitive Edition The African Royals (HKLM-x32\...\Age of Empires III Definitive Edition The African Royals_is1) (Version: - )
Age of Mythology Extended Edition Tale of the Dragon (HKLM-x32\...\Age of Mythology Extended Edition Tale of the Dragon_is1) (Version: - )
Alcatech BPM Studio Professional v4.9.1 (HKLM-x32\...\Alcatech BPM Studio Professional v4.9.1) (Version: - )
American Truck Simulator Utah (HKLM-x32\...\American Truck Simulator Utah_is1) (Version: - )
Animated Banner Maker Licensed to Registered User version 1.7.6.10 (HKLM-x32\...\{62576E59-A624-4966-8D63-EED1290D1ACF}_is1) (Version: 1.7.6.10 - PCWinSoft Software)
Anno 1503 A.D. (HKLM-x32\...\1438074791_is1) (Version: 2.0.0.5 - GOG.com)
Anno 1602 - Creation of a New World (HKLM-x32\...\1438168222_is1) (Version: 2.0.0.6 - GOG.com)
Anno 1701 A.D. (HKLM-x32\...\1438075172_is1) (Version: 2.0.0.3 - GOG.com)
Anno 1800 Digital Deluxe Edition (HKLM-x32\...\Anno 1800 Digital Deluxe Edition_is1) (Version: - )
Any Video Converter Ultimate 6.3.6 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Any Video Downloader Pro 7 (HKLM-x32\...\Any Video Downloader Pro_is1) (Version: - Any Video Software)
AnyBurn 4.9 (HKLM\...\AnyBurn_is1) (Version: 4.9 - lrepacks.ru)
AquaSoft DiaShow 12 Ultimate (HKLM-x32\...\AquaSoft DiaShow 12 Ultimate) (Version: 12.2.02.00788 - AquaSoft)
ARIA Engine v1.9.0.2 (HKLM\...\ARIA Engine_is1) (Version: v1.9.0.2 - Plogue Art et Technologie, Inc)
Arturia Pigments (HKLM\...\Pigments_is1) (Version: 1.1.2.539 - Arturia & Team V.R)
Ashampoo Cover Studio 2017 (HKLM-x32\...\{91B33C97-6D7D-102A-7711-56C011AFB81B}_is1) (Version: 3.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Movie Studio Pro 2 (HKLM-x32\...\{91B33C97-A5B8-503E-AFB5-F144AAEA35F8}_is1) (Version: 2.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Card v.1.0.0 (HKLM-x32\...\{C92AB6F1-EC2E-85C8-C6D7-5BB8C2F89C7F}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 15 (HKLM-x32\...\{0A11EA01-E0CE-916E-BC94-74670FA71836}_is1) (Version: 15.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio 2017 (HKLM-x32\...\{91B33C97-41EE-3DB7-1FDD-5308E332AC28}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 9 (HKLM-x32\...\{0A11EA01-D628-EEFD-B5E8-864238AE9105}_is1) (Version: 9.0.2 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Assassin's Creed Origins (HKLM-x32\...\{DAC281DD-7006-49D4-905B-E8BDA474A230}_is1) (Version: - Ubisoft)
Assassins Creed Valhalla (HKLM-x32\...\Assassins Creed Valhalla_is1) (Version: - )
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Aurora 3D Text & Logo Maker version 16.01.07 (HKLM-x32\...\{4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1) (Version: 16.01.07 - Aurora3D Software)
AutoPlay Menu Builder 8.0 Build 2459 (HKLM-x32\...\AutoPlay Menu Builder 8.0 Build 2459) (Version: - )
Avant Browser (remove only) (HKLM-x32\...\AvantBrowser) (Version: 12.5.0.0 - Avant Force)
AVS Audio Converter 10.0.1 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 10.0.1.607 - Online Media Technologies Ltd.)
AVS Audio Editor 10.0.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 10.0.1.547 - Online Media Technologies Ltd.)
AVS Disc Creator 6.2.1 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 6.2.1.560 - Online Media Technologies Ltd.)
AVS Document Converter 4.2.4 (HKLM-x32\...\AVS Document Converter_is1) (Version: 4.2.4.269 - Online Media Technologies Ltd.)
AVS Image Converter 5.2.4 (HKLM-x32\...\AVS Image Converter_is1) (Version: 5.2.4.303 - Online Media Technologies Ltd.)
AVS Media Player 5.2.1 (HKLM-x32\...\AVS Media Player_is1) (Version: 5.2.1.138 - Online Media Technologies Ltd.)
AVS Photo Editor 3.2.4 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 3.2.4.168 - Online Media Technologies Ltd.)
AVS Registry Cleaner 4.1.5 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 4.1.5.291 - Online Media Technologies Ltd.)
AVS Video Converter 12.1.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 12.1.1.660 - Online Media Technologies Ltd.)
AVS Video Editor 9.4.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 9.4.1.360 - Online Media Technologies Ltd.)
AVS Video ReMaker 6.4.1 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 6.4.1.240 - Online Media Technologies Ltd.)
Belgium e-ID middleware 4.4.27 (build 4277) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A74277}) (Version: 4.4.4277 - Belgian Government)
Bigasoft Video Downloader Pro 3.23.6.7807 (HKLM-x32\...\{C7056BA6-D954-43A2-ABBA-AB2E8E777730}_is1) (Version: - Bigasoft Corporation)
Boris FX Sapphire Plug-ins 2019.0 for After Effects and Compatible Products (HKLM\...\GenArts Sapphire AE_is1) (Version: 12.000 - Boris FX, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 98.1.35.103 - De auteurs van Brave)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.74.1087 - AB Team, d.o.o.)
BurnAware Professional 10 (HKLM-x32\...\BurnAware Professional_is1) (Version: - Burnaware)
calibre 64bit (HKLM\...\{7F0FDECD-A5AF-4509-8E43-6FBED376FFA8}) (Version: 4.11.1 - Kovid Goyal)
Camel Audio Alchemy (HKLM\...\Alchemy_is1) (Version: 1.55 - Team V.R)
Camel Audio Alchemy (HKLM-x32\...\Camel Audio Alchemy) (Version: 1.55.0 - Camel Audio)
CCleaner (HKLM\...\{15F2E6A3-053D-49CC-8E41-C70F30B1D22E}) (Version: 5.39.6399 - Piriform Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.90 - Piriform)
CDMenuPro V6 (HKLM-x32\...\{A2651914-C1AF-4953-B1B7-46E7E50145FE}) (Version: 6.50.00.00 - KS-SW - Klaus Schwenk Software)
Chasys Draw IES 5.05.01 (HKLM-x32\...\Chasys Draw IES) (Version: 5.05.01 - John Paul Chacha's Lab)
Cheatbook Database 2012 (HKLM-x32\...\Cheatbook Database 2012) (Version: - )
ChrisPC VideoTube Downloader Pro 12.17.19 (HKLM-x32\...\{6006089C-84B5-4F18-8113-9876543210ED}_is1) (Version: - Chris P.C. srl)
Clean Space version 7.44 (HKLM-x32\...\Clean Space_7_is1) (Version: 7.44 - CYROBO)
Combo Cleaner (HKLM\...\{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT) Hidden
Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 97.0.4692.99 - Comodo)
COMODO Internet Security Premium (HKLM\...\{A7E6482D-B9FE-48EA-AB47-9CDA8582554C}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA478445}) (Version: 1.4.159.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.4.478445.159 - Comodo)
Conan Exiles (HKLM-x32\...\Conan Exiles_is1) (Version: - )
ConverterLite 1.6.11.0 (HKLM-x32\...\ConverterLite) (Version: 1.6.11.0 - ConverterLite)
Cool Edit Pro 2.0 (HKLM-x32\...\Cool Edit Pro 2.0) (Version: - )
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.0.581 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{95555783-E5F3-40B2-99C7-7345C39EFF76}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Painter 2017 - Content (HKLM\...\{2E67836E-3087-4F6A-88F6-E30F96618ADC}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - Core (HKLM\...\{05945C4C-CF26-4C7C-BDAF-BA3AF0654EBF}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - Corex64 (HKLM\...\{ABE58ECC-2366-4C3D-8D22-F7C6CFCC68C6}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - CT (HKLM\...\{244AB8D2-9305-40A2-B103-E6C266DDC484}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - DE (HKLM\...\{0F53601B-2091-4811-AE21-62728E4D768C}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - EN (HKLM\...\{CF892806-28B0-49DD-8CD9-6390F56BC202}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - FR (HKLM\...\{65E8DA73-4A21-4A55-8B47-5DB96AFA195A}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - IPM (HKLM\...\{ACC572DA-DF2E-4B0B-8BCA-B6E7E4C6E0F3}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - IPM Content (HKLM\...\{FAD58DDC-E46E-4230-9722-A2A8C7528454}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - JP (HKLM\...\{055A9D5C-B21F-4745-8F29-9CDCB2EA40BF}) (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 (HKLM\...\_{0EB4382B-8422-4059-8027-3403DE8E8C3F}) (Version: 16.0.0.400 - Corel Corporation)
Corel Update Manager (HKLM\...\{9E1EE683-0C7B-46E7-83EC-1F5A1D8F2296}) (Version: 2.11.552 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM (x64) (HKLM\...\{904B10A6-0D9C-4645-9C61-504FA92B9220}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM Content (x64) (HKLM\...\{54F024CB-16AF-4CC0-9BC2-D2507E7C6C01}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Writing Tools (x64) (HKLM\...\{E38357D4-1B80-400F-A6D7-B4D5DD83D979}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.2.0.688 - Corel Corporation)
CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.3.0 - Globalscape)
CyberLink PhotoDirector 8 (HKLM-x32\...\{80986AB6-3CB0-49db-AB48-1600844D6374}) (Version: 8.0.2031.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.4.0.0894 - Disc Soft Ltd)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - )
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - )
discoDSP Discovery v2.7 (HKLM-x32\...\discoDSP Discovery v2.7_is1) (Version: 2.7 - discoDSP)
DVD and CD Cover Print (HKLM-x32\...\DVD and CD Cover Print) (Version: 3.0 - North Cardinal Software)
DXGL 0.5.10 (HKLM-x32\...\DXGL) (Version: 0.5.10 - William Feely)
EaseUS Partition Master 14.5 (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
EaseUS Tools M Beta 0.7.1 (HKLM-x32\...\D72C2F7D-B75E-4641-AFBE-199B95066617_is1) (Version: - EaseUS)
Easy Cut Studio 4.105 (HKLM-x32\...\Easy Cut Studio_is1) (Version: - Craft Edge)
Easy GIF Animator 7.3 (HKLM-x32\...\Easy GIF Animator_is1) (Version: 7.0 - Karlis Blumentals)
eBook Converter Bundle 3.21.1003.430 (HKLM-x32\...\{74173236-3507-49A7-A0FC-1BDABF0A9338}_is1) (Version: 3.21.1003.430 - eBook Converter Team)
ElectraX full (HKLM-x32\...\Tone2 ElectraX full_is1) (Version: - Tone2)
Electronic Arts Game Updater (HKLM-x32\...\Electronic Arts Game Updater) (Version: - )
Extreme Picture Finder 3.59.1 (HKLM-x32\...\Extreme Picture Finder_is1) (Version: 3.59.1 - Extreme Internet Software)
Far Cry 4 version 1.10.0.0 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.10.0.0 - Mr DJ)
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
FFMPEG Addon (HKLM-x32\...\{111124AF-1ED4-44EF-B674-111111985342}_is1) (Version: 1.00 - FFMPEG)
FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - )
FileZilla Client 3.52.2 (HKLM-x32\...\FileZilla Client) (Version: 3.52.2 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Flame Painter 2.5.0 Pro (64bit) (HKLM\...\Flame Painter Pro (64bit)_is1) (Version: 2.5.0 - Escape Motions, s.r.o)
Flip PDF Professional (HKLM-x32\...\Flip PDF Professional_is1) (Version: - FlipBuilder Solution)
FLV-Media Player 1.6 (HKLM-x32\...\FLV-Media Player) (Version: 1.6 - HYBRIDWEB)
FormatFactory 5.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.6.0.0 - Free Time)
Fotostory 2016 Deluxe Update (HKLM\...\{47AA6328-E58F-45F0-87E7-631E249C470C}) (Version: 15.0.4.115 - MAGIX Software GmbH) Hidden
Free Photo Viewer (HKLM-x32\...\Free Photo Viewer_is1) (Version: 1.3 - 10-Strike Software)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version: - )
Gilisoft Video Converter Discovery Edition (HKLM-x32\...\{5A8E9895-569C-96E8-8CA1-1A665682E40C}_is1) (Version: 11.1.0 - GiliSoft International LLC.)
GIMP 2.10.20 (HKLM\...\GIMP-2_is1) (Version: 2.10.20 - The GIMP Team)
Gladiator full (HKLM\...\Tone2 Gladiator full_is1) (Version: 2.5.0 - Tone2)
Gladiator full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version: 2.5.0 - Tone2)
Glary Utilities PRO 5.95 (HKLM-x32\...\Glary Utilities 5) (Version: 5.95.0.117 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.107 - Google Inc.) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.89 - Gridinsoft LLC)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Heritage of Kings - The Settlers (HKLM-x32\...\1207658793_is1) (Version: 1.06.0217 v3 - GOG.com)
Heroes Chronicles (HKLM-x32\...\GOGPACKHEROESCHRONICLES_is1) (Version: 2.0.0.38 - GOG.com)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - )
Icecream Ebook Reader version 5.04 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.04 - Icecream Apps)
Icon Processor (HKLM-x32\...\Icon Processor) (Version: 3.17 - IconEmpire)
IconHandler 64 bit (HKLM\...\{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}) (Version: 2.0 - Corel Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Infected Mushroom Manipulator (HKLM\...\Polyverse Infected Mushroom Manipulator_is1) (Version: 1.0.3 - Polyverse & Team V.R)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
IObit Uninstaller (HKLM-x32\...\IObit Uninstaller Pro 10.4.0.13) (Version: - )
IPM_Common_x64 (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.11.552 - Your Company Name) Hidden
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.01.0000 - Jasc Software Inc)
Java 8 Update 321 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Joyoshare HEIC Converter 2.0.0.13 (HKLM-x32\...\Joyoshare HEIC Converter_is1) (Version: - Joyoshare, Inc.)
Kai's Power Tools 5 (HKLM-x32\...\Kai's Power Tools 5) (Version: - )
Kibisis 1.0 (HKLM-x32\...\Kibisis_1.0) (Version: - )
Kingdom Come Deliverance The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\Kingdom Come Deliverance The Amorous Adventures ~9066B541_is1) (Version: - )
KPT Gel (HKLM-x32\...\KPT Gel) (Version: - )
KPT(R) Collection (HKLM-x32\...\KPT Collection) (Version: - )
KPT(R) effects(TM) (HKLM-x32\...\KPT effects) (Version: - )
LameACM (HKLM-x32\...\LameACM) (Version: - )
Leisure Suit Larry Wet Dreams Dont Dry (HKLM-x32\...\Leisure Suit Larry Wet Dreams Dont Dry_is1) (Version: - )
Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains)
Lumberjacks Dynasty (HKLM-x32\...\Lumberjacks Dynasty_is1) (Version: - )
Luxonix Purity VSTi v1.1.2 (HKLM-x32\...\Luxonix Purity VSTi_is1) (Version: - )
Macromedia Dreamweaver MX (HKLM-x32\...\{8B4AB829-DFD3-436D-B808-D9733D76C590}) (Version: 6.0 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.5 - Macromedia)
Macromedia Fireworks MX (HKLM-x32\...\{930B2432-43D4-11D5-9871-00C04F8EEB39}) (Version: 6 - Macromedia)
Macromedia Flash MX (HKLM-x32\...\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}) (Version: 6 - Macromedia)
Macromedia Flash MX 2004 (HKLM-x32\...\{2F353D44-73BB-4971-B31D-F7642E9E9531}) (Version: 7 - Macromedia)
Macromedia FreeHand 10 (HKLM-x32\...\{4D826618-59C6-11D4-976E-00C04F8EEB39}) (Version: 10 - Macromedia)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - )
Mafia III Definitive Edition (HKLM-x32\...\Mafia III Definitive Edition_is1) (Version: - )
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v14.0.3) (Version: - Red Giant LLC)
Magic Flare 1.0 (HKLM-x32\...\MagicFlare_1.0) (Version: - )
MAGIX Movie Edit Pro 2014 Premium (HKLM\...\{72510287-CB56-494C-A719-683B051F76EC}) (Version: 13.0.0.30 - MAGIX AG) Hidden
MAGIX Movie Edit Pro 2014 Premium (HKLM-x32\...\MX.{72510287-CB56-494C-A719-683B051F76EC}) (Version: 13.0.0.30 - MAGIX AG)
MAGIX Photostory 2016 Deluxe (HKLM\...\{8F50B146-0656-4FA6-B0E1-94F76B6C5D7A}) (Version: 15.0.2.108 - MAGIX Software GmbH) Hidden
MAGIX Photostory 2016 Deluxe (HKLM\...\MX.{8F50B146-0656-4FA6-B0E1-94F76B6C5D7A}) (Version: 15.0.2.108 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (HKLM\...\{6D987A58-8C03-4ED5-8572-A12574033E2F}) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{6D987A58-8C03-4ED5-8572-A12574033E2F}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Video deluxe 2014 Premium Update (HKLM\...\{C1ED55D0-8C1A-4E62-8B11-73A55B001041}) (Version: 13.0.2.8 - MAGIX AG) Hidden
Malwarebytes Anti-Malware versie 1.80.2.1012 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.80.2.1012 - Malwarebytes Corporation)
Medieval Dynasty (HKLM-x32\...\1224667888_is1) (Version: 1.1.0.2 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.56 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 11.1.137.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60828 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM\...\MiniTool Power Data Recovery) (Version: 8.8.0 - MiniTool Software Limited)
MoneyFalls Coin Pusher Simulator (HKLM-x32\...\MoneyFalls Coin Pusher Simulator) (Version: - DARKSiDERS)
Movavi Video Converter Premium 20.2.1 (HKLM\...\Movavi Video Converter Premium_is1) (Version: 20.2.1 - lrepacks.ru)
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 nl) (HKLM\...\Mozilla Firefox 97.0.1 (x64 nl)) (Version: 97.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla)
Mozilla Thunderbird (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 91.6.1 (x86 nl)) (Version: 91.6.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyDVD Content Pack 1 (HKLM-x32\...\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}) (Version: 1.00.0000 - Corel Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.4.0.81 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.2.880 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.5.1.64 - Native Instruments)
Native Instruments Pro-53 (HKLM-x32\...\Native Instruments Pro-53) (Version: - )
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
nGlide 2.10 (HKLM-x32\...\nGlide) (Version: 2.10 - Zeus Software)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
NIUBI Partition Editor Technician Edition V7.3.6 (HKLM-x32\...\NIUBISoft-NPE) (Version: V7.3.6 - NIUBI Technology Co., Ltd.)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA PhysX Systeem Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office Timeline (HKLM-x32\...\{580FE73A-CE3C-478F-8DBF-C88654115905}) (Version: 4.5.1 - Office Timeline)
Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 83.0.4254.62 (HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Opera 83.0.4254.62) (Version: 83.0.4254.62 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Painter 2017 - Setup Files (HKLM\...\{0EB4382B-8422-4059-8027-3403DE8E8C3F}) (Version: 16.0 - Corel Corporation) Hidden
Password Recovery Bundle 2018 (HKLM-x32\...\Password Recovery Bundle 2018_is1) (Version: - Top Password Software, Inc.)
PCMedik (HKLM-x32\...\PCMedik_is1) (Version: 8.2.8.2021 - PGWARE LLC)
PDF-XChange Editor (HKLM\...\{5C198985-6833-4F92-BE9A-33FC8ACC1025}) (Version: 6.0.321.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{344e7cdb-4fda-4dc1-9dd8-1fa7b1694d7c}) (Version: 6.0.321.0 - Tracker Software Products (Canada) Ltd.)
Photo Effects Studio 3.0 (HKLM-x32\...\{A97C9A80-DD35-48DF-8D57-308B2DE116E2}_is1) (Version: - AMS Software)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - )
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PhotoLine 20.0.0.1 (HKLM\...\PhotoLine_is1) (Version: 20.0.0.1 - Computerinsel GmbH)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 3.04 - NCH Software)
Plogue sforzando v1.877 (HKLM\...\__ARIA_1014___is1) (Version: v1.877 - Plogue)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.7 - Power Software Ltd)
Railroad Corporation Civil War (HKLM-x32\...\Railroad Corporation Civil War_is1) (Version: - )
Railway Empire Down Under (HKLM-x32\...\Railway Empire Down Under_is1) (Version: - )
reaConverter Pro (HKLM-x32\...\{110E8928-C9C8-487F-9513-3DD5E2923607}) (Version: 7.560 - reaSoft Development) Hidden
reaConverter Pro (HKLM-x32\...\reaConverter Pro 7.560) (Version: 7.560 - reaSoft Development)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.9200.33045 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
reFX Vanguard VSTi RTAS v1.8.0 (HKLM-x32\...\reFX Vanguard_is1) (Version: - )
Registry Repair 5.0.1.108 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.108 - Glarysoft Ltd)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
Rise of Nations Extended Edition (HKLM-x32\...\Rise of Nations Extended Edition_is1) (Version: 1.05 - Decepticon)
Rob Papen Albino 3 (HKLM-x32\...\Rob Papen Albino 3) (Version: - )
RogueKiller version 12.12.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.6.0 - Adlice Software)
Scrolling LED Gif Generator (HKLM-x32\...\{D0CCD4B7-09B1-4887-B7D5-481A157B4BDE}) (Version: 4.2.1 - Otto Schellekens)
SeaMonkey 2.53.1 (x64 en-US) (HKLM\...\SeaMonkey 2.53.1 (x64 en-US)) (Version: 2.53.1 - Mozilla)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.1.0 - ShareX Team)
SIFU (HKLM-x32\...\SIFU_is1) (Version: - )
SiteSpinner V2 (HKLM-x32\...\{01ADD994-DF5D-4AC6-83EE-D40EF5EDDBFF}) (Version: 2.92.17 - Virtual Mechanics)
Skype versie 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.) Hidden
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
Sniper Ghost Warrior 3 (HKLM-x32\...\1151479345_is1) (Version: 3.8.6 - GOG.com)
SolSuite 2017 v17.0 (HKLM-x32\...\SolSuite_is1) (Version: 17.0 - TreeCardGames)
Star Control Origins (HKLM-x32\...\Star Control Origins_is1) (Version: - )
StartIsBack++ (HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\StartIsBack) (Version: 2.9.17 - startisback.com)
Stellar Photo Recovery (HKLM-x32\...\Stellar Photo Recovery_is1) (Version: 10.0.0.3 - Stellar Information Technology Pvt Ltd.)
Stronghold Warlords (HKLM-x32\...\Stronghold Warlords_is1) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
SWF File Player (HKLM-x32\...\{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version: - swffileplayer.com)
SWF to GIF Animator 1.0 (HKLM-x32\...\SWF to GIF Animator_is1) (Version: - swftogif.com)
SWiSH Max4 (HKLM-x32\...\SWiSH Max4) (Version: 10.10.29.100 - SWiSHzone.com)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version: - )
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version: - )
Sytrus (HKLM-x32\...\Sytrus) (Version: - Image-Line bvba)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.60828 - Microsoft Corporation)
TBS Cover Editor 2.1 (HKLM-x32\...\{0F99457D-9D88-4CB8-8E7D-5B7C464CA8CE}}_is1) (Version: 2.1 - trueboxshot.com)
The 7th Guest: 25th Anniversary Edition (HKLM-x32\...\1270716073_is1) (Version: 1.0 - GOG.com)
The Settlers 3 - Ultimate Collection (HKLM-x32\...\GOGPACKSETTLERS3_is1) (Version: 2.0.0.17 - GOG.com)
The Settlers II - 10th Anniversary (HKLM-x32\...\1207659163_is1) (Version: 11757 - GOG.com)
The Settlers II - 10th Anniversary (HKLM-x32\...\GOGPACKSETTLERS210TH_is1) (Version: 2.0.0.8 - GOG.com)
The Settlers IV GOLD (HKLM-x32\...\GOGPACKSETTLERS4GOLD_is1) (Version: 2.0.0.4 - GOG.com)
This Land Is My Land (HKLM-x32\...\This Land Is My Land_is1) (Version: - )
Thunderbird Backup Wizard (HKLM-x32\...\Thunderbird Backup Wizard_is1) (Version: - BitRecover)
ThunderSoft SWF to GIF Converter (4.3.0.0) (HKLM-x32\...\ThunderSoft SWF to GIF Converter_is1) (Version: 4.3.0.0 - ThunderSoft)
Tone2 Gladiator (HKLM\...\Gladiator_is1) (Version: 3.0.0 - Tone2)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz Glow (HKLM\...\Topaz Glow) (Version: 1.0.1 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
Trapcode Suite (HKLM\...\Trapcode Suite v16.0.3) (Version: - Red Giant LLC)
Tropico 6 Vigilancia y Seguridad (HKLM-x32\...\Tropico 6 Vigilancia y Seguridad_is1) (Version: - )
TunesKit AceMovi 2.1.0.19 (HKLM-x32\...\TunesKit AceMovi_is1) (Version: - TunesKit, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UltraMixer (HKLM\...\UltraMixer6_is1) (Version: - UltraMixer Digital Audio Solutions)
Universal Viewer Pro version 6.7.4.0 (HKLM-x32\...\Universal Viewer Pro_is1) (Version: 6.7.4.0 - UVviewsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{92EC7530-9175-11E6-A34B-F4A5ED4DBF67}) (Version: 14.0.178 - VEGAS)
VEGAS Pro 16.0 (HKLM\...\{3D82310F-FE3E-11E8-9448-00155D6302F2}) (Version: 16.0.352 - VEGAS)
VEGAS Pro 18.0 (HKLM\...\{82C2EEEE-F7A1-11EA-B428-00155D8D255C}) (Version: 18.0.334 - VEGAS)
VFX Suite (HKLM\...\VFX Suite v1.5.2) (Version: - Red Giant LLC)
VideoStudio MyDVD (HKLM-x32\...\{7521A578-BDF3-412C-8959-57498EBBEDD9}) (Version: 1.0.129 - Uw bedrijfsnaam) Hidden
VideoStudio MyDVD (HKLM-x32\...\{91345797-EF07-41D2-85F4-BFF200B6A0A3}) (Version: 1.0 - Corel)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.54 - VSO Software)
W10Privacy (HKLM-x32\...\W10Privacy) (Version: 3.7.0.3 - Bernd Schuster)
WACUP 1.0.13.5864 (HKLM-x32\...\Winamp) (Version: 1.0.13.5864 - Darren Owen aka DrO)
Watch Dogs Legion (HKLM-x32\...\Watch Dogs Legion_is1) (Version: - )
Watch_Dogs 2 (HKLM-x32\...\Watch_Dogs 2_is1) (Version: 1.07.141 - Ubisoft)
Waves Musicians Bundle v5.0 (HKLM-x32\...\Waves Musicians Bundle v5.0) (Version: - )
WebPconv (HKLM-x32\...\{A2357BB1-25C3-4290-B57A-84C5D8ACE564}) (Version: 6.0 - Romeolight)
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Pc-statuscontrole (HKLM\...\{D1F16371-7951-41EB-A367-507D779F1E64}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows-stuurprogrammapakket - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Windows-stuurprogrammapakket - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Windows-stuurprogrammapakket - Phase One A/S (WinUSB) USBDevice (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wise Registry Cleaner 10.5.1 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.5.1 - WiseCleaner.com, Inc.)
Wolfenstein Youngblood (HKLM-x32\...\Wolfenstein Youngblood_is1) (Version: - )
Wondershare Filmora 10.1.2.1 (HKLM\...\Wondershare Filmora_is1) (Version: 10.1.2.1 - lrepacks.ru)
Wondershare Flash Gallery Factory Standard 5.2.0.9 (HKLM-x32\...\Wondershare Flash Gallery Factory Standard_is1) (Version: 5.2.0.9 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.1.3) (HKLM-x32\...\UniConverter_is1) (Version: 11.7.1.3 - Wondershare Software)
Wondershare Video Editor(Build 3.5.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
Xfer Records LFOTool v1.29 Beta 6 x64 (HKLM\...\Xfer Records LFOTool v1.29 Beta 6 x64_is1) (Version: - )
XnView 2.49.3 (HKLM-x32\...\XnView_is1) (Version: 2.49.3 - Gougelet Pierre-e)
XnViewMP 0.94.2 (HKLM\...\XnViewMP_is1) (Version: 0.94.2 - Gougelet Pierre-e)
Yasisoft GIF Animator version 3.0 (HKLM-x32\...\{87057CBC-72C9-46BF-BE22-FF6836854762}_is1) (Version: 3.0 - Yasisoft, Inc.)
YouTube Downloader Converter 7 (HKLM-x32\...\YouTube Downloader Converter_is1) (Version: - Muziza)
YouTube Downloader Pro 7 (HKLM-x32\...\YouTube Downloader Pro_is1) (Version: - Jerry Software)
YT Downloader 7 (HKLM-x32\...\YT Downloader_is1) (Version: - YT Applications)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_EN_is1) (Version: 19.1610.2.5 - ZONER software)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

[Broni]

Language doesn't bother me.
The above log looks incomplete and I also need second log.

[sitew]

Hi Sir @Broni i did the scan now and here is the addition txt part 2

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.13.66.0_x86__kgqvnymyfvs32 [2022-01-12] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.211.900.0_x64__kgqvnymyfvs32 [2022-02-15] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-17] (NVIDIA Corp.)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2019-09-20] (TuneIn) [MS Ad]

==================== Aangepaste CLSID (gefilterd): ==============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Site\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Bestand niet getekend]
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Site\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Bestand niet getekend]
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InprocServer32 -> C:\Users\Site\AppData\Local\StartIsBack\StartIsBack64.dll (Stanislav Zinukhov -> www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InprocServer32 -> C:\Users\Site\AppData\Local\StartIsBack\StartIsBack64.dll (Stanislav Zinukhov -> www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InprocServer32 -> C:\Users\Site\AppData\Local\StartIsBack\StartIsBack64.dll (Stanislav Zinukhov -> www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\Site\AppData\Local\StartIsBack\StartIsBack64.dll (Stanislav Zinukhov -> www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\Site\AppData\Local\StartIsBack\StartIsBack64.dll (Stanislav Zinukhov -> www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{c71c41f1-ddad-42dc-a8fc-f5bfc61df958}\InprocServer32 -> C:\Users\Site\AppData\Local\StartIsBack\StartIsBack64.dll (Stanislav Zinukhov -> www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{da3306b1-2554-420b-8d0e-6bd29bb4d8ed}\localserver32 -> C:\Users\Site\AppData\Local\StartIsBack\UpdateCheck.exe (Stanislav Zinukhov -> www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\Site\AppData\Local\StartIsBack\StartIsBack64.dll (Stanislav Zinukhov -> www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{FCEA18FF-BC55-4E63-94D7-1B2EFBFE706F}\Shell\Open\Command -> C:\Users\Site\AppData\Local\StartIsBack\StartIsBackCfg.exe (Stanislav Zinukhov -> )
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2018-07-02] (GlobalSCAPE, Inc.) [Bestand niet getekend]
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [Bestand niet getekend]
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Geen bestand
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Geen bestand
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> Geen bestand
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-10-02] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2017-12-18] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [Bestand niet getekend]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2018-07-02] (GlobalSCAPE, Inc.) [Bestand niet getekend]
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Geen bestand
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Geen bestand
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> Geen bestand
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2015-10-22] (Malwarebytes Corporation -> Malwarebytes Corporation)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Geen bestand
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers4: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2018-07-02] (GlobalSCAPE, Inc.) [Bestand niet getekend]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [Bestand niet getekend]
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Geen bestand
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Geen bestand
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-10-02] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_0f23ad8529e377b6\nvshext.dll [2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Geen bestand
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2015-10-22] (Malwarebytes Corporation -> Malwarebytes Corporation)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> Geen bestand
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-10-02] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (gefilterd) ====================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1562432 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [Bestand niet getekend]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [Bestand niet getekend]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [202752 2008-03-01] (hxxp://www.mp3dev.org/) [Bestand niet getekend]
HKLM\...\Drivers32: [VIDC.VP80] => C:\Windows\SysWOW64\vp8vfw.dll [581632 2011-09-13] (Optima SC Inc.) [Bestand niet getekend]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-09-29] () [Bestand niet getekend]
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\SysWOW64\ir50_32original.dll [746496 2019-12-07] (Microsoft Windows -> Intel Corporation)

==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

Shortcut: C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camel Audio\Alchemy\Camel Audio Website.lnk -> hxxp://www.camelaudio.com
ShortcutWithArgument: C:\Users\Site\programmas\Corel VideoStudio MY DVD\VideoStudio X10 Training.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.studiobacklot.tv/videostudioX10

==================== Geladen Modules (gefilterd) =============

2017-03-15 17:08 - 2017-03-15 17:08 - 000732672 _____ () [Bestand niet getekend] C:\Program Files (x86)\Adguard\brolib32.dll
2022-02-22 15:14 - 2022-02-22 15:14 - 000012800 _____ () [Bestand niet getekend] C:\Users\Site\AppData\Local\Temp\tmpD950.tmp
2020-08-04 10:46 - 2020-08-04 10:46 - 000341504 _____ (Free Time) [Bestand niet getekend] C:\Program Files\FormatFactory\ShellEx_108.dll
2016-10-02 14:09 - 2018-07-02 13:09 - 000335360 _____ (GlobalSCAPE, Inc.) [Bestand niet getekend] C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll
2017-12-08 23:59 - 2017-12-07 23:23 - 000608256 _____ (Helmut Buhler) [Bestand niet getekend] C:\Program Files\Windows Sidebar\dwmapi.dll
2016-09-28 12:54 - 2016-09-28 12:54 - 000076800 _____ (Igor Pavlov) [Bestand niet getekend] C:\Program Files\7-Zip\7-zip.dll
2020-08-02 17:49 - 2020-08-02 17:49 - 000113664 _____ (Microsoft Corporation) [Bestand niet getekend] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2020-07-08 17:05 - 2017-12-18 15:35 - 000151024 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [Bestand niet getekend] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll
2014-09-13 12:46 - 2014-09-13 12:46 - 000901120 _____ (Robert Simpson, et al.) [Bestand niet getekend] C:\Program Files (x86)\Adguard\SQLite.Interop.dll

==================== Alternate Data Streams (gefilterd) ========

(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)

AlternateDataStreams: C:\MountUUP:$WIMMOUNTDATA [674]
AlternateDataStreams: C:\WINDOWS\system32\DdcWnsListener.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438813.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438813.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFC71ESP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WISPTIS.EXE:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhipihkifh [0]
AlternateDataStreams: C:\ProgramData\TEMP:4C7A7CBB [115]

==================== Veilige Modus (gefilterd) ==================

==================== Bestandskoppeling (gefilterd) =================

==================== Internet Explorer (gefilterd) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://users.telenet.be/freya_expo/
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> {1525943E-ECDC-4FF3-A9CB-DFF04BD53B06} URL = hxxp://www.the-arena.co.uk/default.aspx?sc={searchTerms}
SearchScopes: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> {1AE5D04E-0057-4576-8914-680AD0DD1E15} URL = hxxp://www.youtube.com/results?search_query={searchTerms}
SearchScopes: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> {60F3A79F-98F5-4979-B96B-2A1EC90BEACE} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> {D006AEBC-CE65-4D80-A9DA-C5A5E25B7BBB} URL = hxxps://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> {E7EF9407-08CC-4952-9E9A-7D5BCEE79ED6} URL = hxxp://www.graysonline.com/Search.aspx?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> {EA780AE4-F520-4058-A02D-23323B5CEF58} URL = hxxp://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-02] (Google Inc -> Google Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\ssv.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-02] (Google Inc -> Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-02] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-02] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-02] (Google Inc -> Google Inc.)

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)

IE trusted site: HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\localhost -> localhost

==================== Hosts inhoud: =========================

(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)

2016-07-16 12:47 - 2021-12-01 15:27 - 000002162 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.r2rdownload.com
127.0.0.1 api.adguard.com
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
127.0.0.1 www.pgware.com
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
127.0.0.1 www.blumentals.net

==================== Andere gebieden ===========================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\RogueKiller;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Calibre2\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3199363119-606788724-3210624172-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Site\Pictures\freya kurt sloebertje flavie glasbol aan zee.jpg
DNS Servers: 195.130.130.5 - 195.130.131.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is ingeschakeld.

Network Binding:
=============
Ethernet 2: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

HKLM\...\StartupApproved\StartupFolder: => "O&O Defrag Tray.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run: => "vdcss"
HKLM\...\StartupApproved\Run: => "AdobePSE19AutoAnalyzer"
HKLM\...\StartupApproved\Run: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\StartupApproved\StartupFolder: => "Gangsters2Setup.lnk"
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\StartupApproved\StartupFolder: => "Cruelty1.js"
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\StartupApproved\Run: => "clnspc 7 check updates and quit"
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\StartupApproved\Run: => "Office Timeline Performance Helper"

==================== Firewall regels (gefilterd) ================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [UDP Query User{9DCD8212-822E-43DE-950C-E127747D337E}D:2\games\heat\heat.exe] => (Block) D:2\games\heat\heat.exe => Geen bestand
FirewallRules: [TCP Query User{E05A9BF2-51C6-46EC-874E-E05ED095B3CA}D:2\games\heat\heat.exe] => (Block) D:2\games\heat\heat.exe => Geen bestand
FirewallRules: [UDP Query User{86334E94-1171-4DF9-86B6-D606E2D5759E}I:\games\anno 1701 ad\anno1701addon.exe] => (Block) I:\games\anno 1701 ad\anno1701addon.exe (Related Designs Software GmbH) [Bestand niet getekend]
FirewallRules: [TCP Query User{F3903569-7266-4A29-9B43-D2AF4B7FEA91}I:\games\anno 1701 ad\anno1701addon.exe] => (Block) I:\games\anno 1701 ad\anno1701addon.exe (Related Designs Software GmbH) [Bestand niet getekend]
FirewallRules: [UDP Query User{6CED96E9-78C5-4471-9457-377A5C7ED05B}I:\games\anno 1701 ad\anno1701.exe] => (Block) I:\games\anno 1701 ad\anno1701.exe (Related Designs Software -> Related Designs Software GmbH)
FirewallRules: [TCP Query User{922B588B-84E8-44CD-B70B-556A9C6E8097}I:\games\anno 1701 ad\anno1701.exe] => (Block) I:\games\anno 1701 ad\anno1701.exe (Related Designs Software -> Related Designs Software GmbH)
FirewallRules: [{8EAFCA2A-0B9A-4E33-85F2-0E77ADA87E1E}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{6A89578A-5CB7-4791-9E3E-1C479C1D3BC0}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [UDP Query User{DC2C8D05-C507-4A96-BB68-633DA115D839}I:\games\railway empire down under\railwayempire.exe] => (Block) I:\games\railway empire down under\railwayempire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH) [Bestand niet getekend]
FirewallRules: [TCP Query User{E7098AC1-224A-4A95-BB95-975A7397E4BE}I:\games\railway empire down under\railwayempire.exe] => (Block) I:\games\railway empire down under\railwayempire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH) [Bestand niet getekend]
FirewallRules: [UDP Query User{A38E2CF3-ED10-4CE7-9A75-6893E64FB053}I:\skidrow reloaded\2017\sniper.ghost.warrior.3.spe.steamrip-fisher\sniper ghost warrior 3\win_x64\sgw3.exe] => (Block) I:\skidrow reloaded\2017\sniper.ghost.warrior.3.spe.steamrip-fisher\sniper ghost warrior 3\win_x64\sgw3.exe (CI Games S.A.) [Bestand niet getekend]
FirewallRules: [TCP Query User{10C2E4F3-5C0C-4A1E-B08D-E0029F5AF338}I:\skidrow reloaded\2017\sniper.ghost.warrior.3.spe.steamrip-fisher\sniper ghost warrior 3\win_x64\sgw3.exe] => (Block) I:\skidrow reloaded\2017\sniper.ghost.warrior.3.spe.steamrip-fisher\sniper ghost warrior 3\win_x64\sgw3.exe (CI Games S.A.) [Bestand niet getekend]
FirewallRules: [UDP Query User{C4BC4785-37EF-4C91-B2DC-CAF4077349B7}K:\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe] => (Block) K:\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [TCP Query User{C8881901-ED89-4AD6-9508-3B2B5BC98586}K:\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe] => (Block) K:\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [UDP Query User{15249025-58D8-405F-9E4B-1B6B648D5222}D:0\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe] => (Block) D:0\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe => Geen bestand
FirewallRules: [TCP Query User{FA41CDBD-87F8-4186-B838-B496C4BE868F}D:0\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe] => (Block) D:0\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe => Geen bestand
FirewallRules: [UDP Query User{DB530310-A21D-4E11-A7B0-D5938A199C14}I:\games\age of empires definitive edition\battleserver.exe] => (Block) I:\games\age of empires definitive edition\battleserver.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{3329A03F-76D0-47C2-AABF-BFE23526FFC0}I:\games\age of empires definitive edition\battleserver.exe] => (Block) I:\games\age of empires definitive edition\battleserver.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{485A1748-6ABC-4D47-9515-3E0F35AF767A}I:\games\age of empires definitive edition\aoede_s.exe] => (Block) I:\games\age of empires definitive edition\aoede_s.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [TCP Query User{FC2D21EA-EA98-4C60-9F37-976667151F25}I:\games\age of empires definitive edition\aoede_s.exe] => (Block) I:\games\age of empires definitive edition\aoede_s.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [UDP Query User{7362FDF6-0904-4986-B802-36668749CC8E}I:\games\tom clancy's ghost recon wildlands\grw.exe] => (Block) I:\games\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [TCP Query User{2F03F867-EC32-40F7-81EE-5E191649FFF6}I:\games\tom clancy's ghost recon wildlands\grw.exe] => (Block) I:\games\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [UDP Query User{7605DCD8-974E-4148-9EEC-230A28E31449}D:0\skidrowreloaded\2019\tom clancy's ghost recon wildlands\grw.exe] => (Block) D:0\skidrowreloaded\2019\tom clancy's ghost recon wildlands\grw.exe => Geen bestand
FirewallRules: [TCP Query User{7FD962CC-98FB-4D84-BA7A-D5E9A00F6DF1}D:0\skidrowreloaded\2019\tom clancy's ghost recon wildlands\grw.exe] => (Block) D:0\skidrowreloaded\2019\tom clancy's ghost recon wildlands\grw.exe => Geen bestand
FirewallRules: [UDP Query User{E19FAE13-7623-4775-94E4-D66A775061F2}D:0\games install\ocean city racing\binaries\win32\udk.exe] => (Block) D:0\games install\ocean city racing\binaries\win32\udk.exe => Geen bestand
FirewallRules: [TCP Query User{7C86B7BD-400C-4D6A-A3E3-7154A4625879}D:0\games install\ocean city racing\binaries\win32\udk.exe] => (Block) D:0\games install\ocean city racing\binaries\win32\udk.exe => Geen bestand
FirewallRules: [UDP Query User{B2940917-79F5-45D1-BABD-D227AE5484F8}D:0\sitewizard adobe after effects templates\after effects templates en tutorials\sapphire 2019 plugin for ae avx of xpremiere pro x64\setup files\rlm\rlm_windows\rlm\rlm.exe] => (Allow) D:0\sitewizard adobe after effects templates\after effects templates en tutorials\sapphire 2019 plugin for ae avx of xpremiere pro x64\setup files\rlm\rlm_windows\rlm\rlm.exe => Geen bestand
FirewallRules: [TCP Query User{464C02A0-E96F-41D5-A0C7-6B92CB3AA406}D:0\sitewizard adobe after effects templates\after effects templates en tutorials\sapphire 2019 plugin for ae avx of xpremiere pro x64\setup files\rlm\rlm_windows\rlm\rlm.exe] => (Allow) D:0\sitewizard adobe after effects templates\after effects templates en tutorials\sapphire 2019 plugin for ae avx of xpremiere pro x64\setup files\rlm\rlm_windows\rlm\rlm.exe => Geen bestand
FirewallRules: [UDP Query User{27970E77-C909-4A15-AC91-5E6E697B1DCD}D:0\games install\railway empire great britain and ireland\railwayempire.exe] => (Block) D:0\games install\railway empire great britain and ireland\railwayempire.exe => Geen bestand
FirewallRules: [TCP Query User{5271A22A-17AB-48B2-BC71-DE1534AC18D3}D:0\games install\railway empire great britain and ireland\railwayempire.exe] => (Block) D:0\games install\railway empire great britain and ireland\railwayempire.exe => Geen bestand
FirewallRules: [UDP Query User{03D55CC8-FCD6-48EF-91A7-CA9569EA9932}D:1\tptb downloads 2013\games\pc-rise of venice-teamcrossfire\rise of venice\riseofvenice.exe] => (Block) D:1\tptb downloads 2013\games\pc-rise of venice-teamcrossfire\rise of venice\riseofvenice.exe => Geen bestand
FirewallRules: [TCP Query User{8EEDA777-D1CF-4E95-A028-9B0E057D7A91}D:1\tptb downloads 2013\games\pc-rise of venice-teamcrossfire\rise of venice\riseofvenice.exe] => (Block) D:1\tptb downloads 2013\games\pc-rise of venice-teamcrossfire\rise of venice\riseofvenice.exe => Geen bestand
FirewallRules: [UDP Query User{C701CA90-2F46-4867-9BBC-68FA3F599DF2}H:\teamos 2018\games\pirates of the polygon\pirates of the polygon sea\pirates of the polygon sea.exe] => (Block) H:\teamos 2018\games\pirates of the polygon\pirates of the polygon sea\pirates of the polygon sea.exe => Geen bestand
FirewallRules: [TCP Query User{38287F43-A918-4180-9322-35D6D6F6D296}H:\teamos 2018\games\pirates of the polygon\pirates of the polygon sea\pirates of the polygon sea.exe] => (Block) H:\teamos 2018\games\pirates of the polygon\pirates of the polygon sea\pirates of the polygon sea.exe => Geen bestand
FirewallRules: [UDP Query User{8206700F-BD14-46A5-A422-CC741D04465F}F:\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe (Warhorse Studios sro) [Bestand niet getekend]
FirewallRules: [TCP Query User{2895952A-3F42-4812-BA37-D097519639D8}F:\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe (Warhorse Studios sro) [Bestand niet getekend]
FirewallRules: [{7B41474C-17A4-473C-8FC7-556F027529A4}] => (Allow) C:\Program Files\Topaz Labs\Topaz Glow\tlglow.exe () [Bestand niet getekend]
FirewallRules: [{8773CF69-0B40-4A7B-B724-00C02D80A201}] => (Allow) C:\Program Files\Topaz Labs\Topaz Glow\tlglow.exe () [Bestand niet getekend]
FirewallRules: [{E90765A7-C8E2-43A5-BB43-06FDCB80CCEB}] => (Allow) C:\Program Files\Topaz Labs\Topaz Glow\tlglow.exe () [Bestand niet getekend]
FirewallRules: [{6B4B8D66-F6F3-452F-907D-3B14C7F012AB}] => (Allow) C:\Program Files\Topaz Labs\Topaz Glow\tlglow.exe () [Bestand niet getekend]
FirewallRules: [{6815FC5C-8A1A-4592-92A3-3268103EB274}] => (Allow) C:\Program Files (x86)\Topaz Labs\Applications\64Bit\photoFXlab.exe () [Bestand niet getekend]
FirewallRules: [{C94BC5E3-A3D0-4B12-B889-FA997C51D6DB}] => (Allow) C:\Program Files (x86)\Topaz Labs\Applications\64Bit\photoFXlab.exe () [Bestand niet getekend]
FirewallRules: [{98E70666-63E1-4FEA-986F-926B97FE3DA4}] => (Allow) C:\Program Files (x86)\Topaz Labs\Applications\64Bit\photoFXlab.exe () [Bestand niet getekend]
FirewallRules: [{5B88BBA3-EC66-4173-8A5A-A0E40DE585B9}] => (Allow) C:\Program Files (x86)\Topaz Labs\Applications\64Bit\photoFXlab.exe () [Bestand niet getekend]
FirewallRules: [{975E57AA-8591-410F-88A7-874D13972D41}] => (Allow) C:\Program Files (x86)\MAGIX\Movie Edit Pro 2014 Premium\videodeluxe.exe (Magix AG -> MAGIX AG)
FirewallRules: [{5DB65A26-8EE8-46DB-BEA0-0F7094551E2B}] => (Allow) C:\Program Files (x86)\MAGIX\Movie Edit Pro 2014 Premium\videodeluxe.exe (Magix AG -> MAGIX AG)
FirewallRules: [{68F65354-A01D-47B6-BA80-416B92CBD883}] => (Allow) C:\Program Files (x86)\MAGIX\Movie Edit Pro 2014 Premium\videodeluxe.exe (Magix AG -> MAGIX AG)
FirewallRules: [{17A5C11D-D076-4CE4-959D-2A3188A72676}] => (Allow) C:\Program Files (x86)\MAGIX\Movie Edit Pro 2014 Premium\videodeluxe.exe (Magix AG -> MAGIX AG)
FirewallRules: [UDP Query User{1134F860-1BFE-49EC-8609-B898A800C693}F:\borderlands2 no steam\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\borderlands2 no steam\borderlands 2\binaries\win32\borderlands2.exe (Valve Corp. -> Take-Two Interactive Software, Inc.) [Bestand niet getekend]
FirewallRules: [TCP Query User{322B5F5C-3CE8-4482-931B-5A03E57DEAD5}F:\borderlands2 no steam\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\borderlands2 no steam\borderlands 2\binaries\win32\borderlands2.exe (Valve Corp. -> Take-Two Interactive Software, Inc.) [Bestand niet getekend]
FirewallRules: [{F8A8E768-F339-484F-9825-5988D0C3082C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{775EF3DB-1A06-43DE-B0FE-42117EC192D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7EF2AAC-F18B-4AAD-A9E1-9B346ADB8BD1}] => (Allow) H:\Mr DJ\Far Cry 4\bin\FarCry4.exe => Geen bestand
FirewallRules: [{5F63D974-612A-4FD7-A236-5B1A6BC74919}] => (Allow) H:\Mr DJ\Far Cry 4\bin\FarCry4.exe => Geen bestand
FirewallRules: [TCP Query User{52F39578-9B9A-4E48-9DD9-FCB6626AFE14}E:\games kazaalite\emipre earth\ee\empire earth.exe] => (Block) E:\games kazaalite\emipre earth\ee\empire earth.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{5942EB51-36E1-4DAD-93BB-E922E47B3C9F}E:\games kazaalite\emipre earth\ee\empire earth.exe] => (Block) E:\games kazaalite\emipre earth\ee\empire earth.exe () [Bestand niet getekend]
FirewallRules: [{AEE9C9B2-D762-43C3-B834-9DEAF0347268}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Performix LLC -> Performix LLC)
FirewallRules: [TCP Query User{1BD0B121-6455-431D-B9C7-1B256A7BCA2A}D:0\games install\nibu\basegame\binaries\win64\basegame-win64-shipping.exe] => (Block) D:0\games install\nibu\basegame\binaries\win64\basegame-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{08E7D43C-F506-4FE4-A68D-6F0917BB693A}D:0\games install\nibu\basegame\binaries\win64\basegame-win64-shipping.exe] => (Block) D:0\games install\nibu\basegame\binaries\win64\basegame-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{24CE9220-B1B8-4A0B-9F19-13964ECA0FD1}D:0\skidrowreloaded\2019\assassin's creed iii remastered\aciii.exe] => (Block) D:0\skidrowreloaded\2019\assassin's creed iii remastered\aciii.exe => Geen bestand
FirewallRules: [UDP Query User{D15CB84C-5697-42DD-892C-8DA0FA346DC1}D:0\skidrowreloaded\2019\assassin's creed iii remastered\aciii.exe] => (Block) D:0\skidrowreloaded\2019\assassin's creed iii remastered\aciii.exe => Geen bestand
FirewallRules: [{35AD8D6D-7DB1-41BB-BAC0-2D9EE0DBABFB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{31B88F2C-3778-42A3-A66D-6BF3A013A2DD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C0F98852-553B-4EE9-8050-3EEE2794B4C2}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{FC707487-44CA-4120-BDD8-5037DE3F1D5F}D:0\games\borderlands - the pre-sequel - remastered\binaries\win32\borderlandspresequel.exe] => (Block) D:0\games\borderlands - the pre-sequel - remastered\binaries\win32\borderlandspresequel.exe => Geen bestand
FirewallRules: [UDP Query User{36381198-6CD4-476A-A3E7-B682C72DD945}D:0\games\borderlands - the pre-sequel - remastered\binaries\win32\borderlandspresequel.exe] => (Block) D:0\games\borderlands - the pre-sequel - remastered\binaries\win32\borderlandspresequel.exe => Geen bestand
FirewallRules: [TCP Query User{3F61E1D9-00B3-406D-A89D-DFA2D7237FF5}D:0\skidrowreloaded\2019\outlaws of the old west\windowsserver\outlaws\binaries\win64\outlawsserver-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2019\outlaws of the old west\windowsserver\outlaws\binaries\win64\outlawsserver-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{AE250C15-CAB0-4070-8662-795C538E0AEA}D:0\skidrowreloaded\2019\outlaws of the old west\windowsserver\outlaws\binaries\win64\outlawsserver-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2019\outlaws of the old west\windowsserver\outlaws\binaries\win64\outlawsserver-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{316EDE96-F5D3-4570-AFA6-D81CEC87853F}D:0\skidrowreloaded\2019\railroad corporation\railroadcorporationsteam.exe] => (Block) D:0\skidrowreloaded\2019\railroad corporation\railroadcorporationsteam.exe => Geen bestand
FirewallRules: [UDP Query User{FC4CF615-3469-4FCE-A5A7-ACEFB7C5A6D6}D:0\skidrowreloaded\2019\railroad corporation\railroadcorporationsteam.exe] => (Block) D:0\skidrowreloaded\2019\railroad corporation\railroadcorporationsteam.exe => Geen bestand
FirewallRules: [TCP Query User{5CF4C0FB-0F33-487B-8720-27C0C7AC5A1C}D:0\skidrowreloaded\2019\nether the untold chapter\binaries\win64\nether.exe] => (Block) D:0\skidrowreloaded\2019\nether the untold chapter\binaries\win64\nether.exe => Geen bestand
FirewallRules: [UDP Query User{2A4E8FDA-A435-4DF6-9A3F-718F619A57DF}D:0\skidrowreloaded\2019\nether the untold chapter\binaries\win64\nether.exe] => (Block) D:0\skidrowreloaded\2019\nether the untold chapter\binaries\win64\nether.exe => Geen bestand
FirewallRules: [TCP Query User{8979AD59-FBD3-46EE-9AC7-CE039F9B185B}D:1\games install\railway empire great britain and ireland\railwayempire.exe] => (Block) D:1\games install\railway empire great britain and ireland\railwayempire.exe => Geen bestand
FirewallRules: [UDP Query User{C300289D-5B9C-4ABF-A45A-7144C7D3A8F0}D:1\games install\railway empire great britain and ireland\railwayempire.exe] => (Block) D:1\games install\railway empire great britain and ireland\railwayempire.exe => Geen bestand
FirewallRules: [TCP Query User{1AD2D7E0-C8A0-4C8E-9C70-75B0C345ABEC}D:0\skidrowreloaded\2020\tony stewart's all-american racing\allamericanracing.exe] => (Block) D:0\skidrowreloaded\2020\tony stewart's all-american racing\allamericanracing.exe => Geen bestand
FirewallRules: [UDP Query User{2C8FFF5A-1999-4534-BDB6-15CFF3BE6931}D:0\skidrowreloaded\2020\tony stewart's all-american racing\allamericanracing.exe] => (Block) D:0\skidrowreloaded\2020\tony stewart's all-american racing\allamericanracing.exe => Geen bestand
FirewallRules: [TCP Query User{43A4D57D-3CA2-4B50-A742-532BDF374EB1}D:0\skidrowreloaded\2020\control ultimate edition\control ultimate edition\control_dx11.exe] => (Block) D:0\skidrowreloaded\2020\control ultimate edition\control ultimate edition\control_dx11.exe => Geen bestand
FirewallRules: [UDP Query User{D9107E54-C05B-4EBB-ADD1-66F922E546AA}D:0\skidrowreloaded\2020\control ultimate edition\control ultimate edition\control_dx11.exe] => (Block) D:0\skidrowreloaded\2020\control ultimate edition\control ultimate edition\control_dx11.exe => Geen bestand
FirewallRules: [TCP Query User{E4481D83-8C16-4C43-9F6A-198DD75CED4F}D:0\skidrowreloaded\2020\barn.finders.build.16469-goldberg\barn finders\barnfinders\binaries\win64\barnfinders-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\barn.finders.build.16469-goldberg\barn finders\barnfinders\binaries\win64\barnfinders-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{DA3B3D78-EE17-4E97-B54C-AC12CECCE9D9}D:0\skidrowreloaded\2020\barn.finders.build.16469-goldberg\barn finders\barnfinders\binaries\win64\barnfinders-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\barn.finders.build.16469-goldberg\barn finders\barnfinders\binaries\win64\barnfinders-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{560C4634-27B0-4414-967B-DCE9F2477B3E}D:0\skidrowreloaded\2020\halo.3.odst-chronos\halo - the master chief collection\mcc\binaries\win64\mcc-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\halo.3.odst-chronos\halo - the master chief collection\mcc\binaries\win64\mcc-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{525DEC0C-06B0-433C-80D6-F26DEA9CA548}D:0\skidrowreloaded\2020\halo.3.odst-chronos\halo - the master chief collection\mcc\binaries\win64\mcc-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\halo.3.odst-chronos\halo - the master chief collection\mcc\binaries\win64\mcc-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{008C1D30-9E8E-47D7-9EFF-ED75FEA77CAC}K:\skidrowreloaded\2020\port.royale.4.v1.1-goldberg\port royale 4\portroyale4.exe] => (Block) K:\skidrowreloaded\2020\port.royale.4.v1.1-goldberg\port royale 4\portroyale4.exe (Gaming Minds Studios GmbH) [Bestand niet getekend]
FirewallRules: [UDP Query User{ABE1E7D8-4A30-46CC-8F23-03630E716DC0}K:\skidrowreloaded\2020\port.royale.4.v1.1-goldberg\port royale 4\portroyale4.exe] => (Block) K:\skidrowreloaded\2020\port.royale.4.v1.1-goldberg\port royale 4\portroyale4.exe (Gaming Minds Studios GmbH) [Bestand niet getekend]
FirewallRules: [TCP Query User{199854DF-5620-4AFC-BE3C-9CD7111EFB16}D:0\skidrowreloaded\2020\the waylanders khaldun\the waylanders\waylanders\binaries\win64\waylanders-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\the waylanders khaldun\the waylanders\waylanders\binaries\win64\waylanders-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{8C35636B-9219-4F70-97E3-B6E7CCEFE6F6}D:0\skidrowreloaded\2020\the waylanders khaldun\the waylanders\waylanders\binaries\win64\waylanders-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\the waylanders khaldun\the waylanders\waylanders\binaries\win64\waylanders-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{D4C3E714-22A6-430F-B4FA-1D7624B2FCF5}D:0\skidrowreloaded\2020\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{38E60462-74E2-4CE3-8BEB-5739478BE74E}D:0\skidrowreloaded\2020\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{527C8808-1807-48DA-A417-4CC480ED53C0}I:\games\age of empires iii definitive edition\aoe3de_s.exe] => (Block) I:\games\age of empires iii definitive edition\aoe3de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{188A1CD0-4758-492C-9194-69FEEC0F2AC1}I:\games\age of empires iii definitive edition\aoe3de_s.exe] => (Block) I:\games\age of empires iii definitive edition\aoe3de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{117C4B90-6B53-422D-B8DF-24FDEB82EE8D}I:\games\age of empires iii definitive edition\battleserver.exe] => (Block) I:\games\age of empires iii definitive edition\battleserver.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{1A71B371-81C8-42C5-9543-561463915811}I:\games\age of empires iii definitive edition\battleserver.exe] => (Block) I:\games\age of empires iii definitive edition\battleserver.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{52B7D7AB-BD2B-477F-81E5-7147828FD721}D:0\skidrowreloaded\2020\leisure.suit.larry.wet.dreams.dry.twice-chronos\leisure suit larry - wet dreams dry twice\leisure suit larry - wet dreams dry twice.exe] => (Block) D:0\skidrowreloaded\2020\leisure.suit.larry.wet.dreams.dry.twice-chronos\leisure suit larry - wet dreams dry twice\leisure suit larry - wet dreams dry twice.exe => Geen bestand
FirewallRules: [UDP Query User{A37EB3D3-A935-481A-8F1D-F0A116A6A792}D:0\skidrowreloaded\2020\leisure.suit.larry.wet.dreams.dry.twice-chronos\leisure suit larry - wet dreams dry twice\leisure suit larry - wet dreams dry twice.exe] => (Block) D:0\skidrowreloaded\2020\leisure.suit.larry.wet.dreams.dry.twice-chronos\leisure suit larry - wet dreams dry twice\leisure suit larry - wet dreams dry twice.exe => Geen bestand
FirewallRules: [TCP Query User{A264B9CD-3ED1-4B91-90B7-8E9C6364B850}D:0\skidrowreloaded\2020\surviving.the.aftermath.tainted.earth.early.access\survivingtheaftermath\aftermath64.exe] => (Block) D:0\skidrowreloaded\2020\surviving.the.aftermath.tainted.earth.early.access\survivingtheaftermath\aftermath64.exe => Geen bestand
FirewallRules: [UDP Query User{B6A2C259-DF96-419E-A253-0AEADEA02522}D:0\skidrowreloaded\2020\surviving.the.aftermath.tainted.earth.early.access\survivingtheaftermath\aftermath64.exe] => (Block) D:0\skidrowreloaded\2020\surviving.the.aftermath.tainted.earth.early.access\survivingtheaftermath\aftermath64.exe => Geen bestand

[sitew]

FirewallRules: [TCP Query User{9437BBAF-5743-49FF-9D71-422D50AB840B}D:0\skidrowreloaded\2020\surviving the aftermath expedition\survivingtheaftermath\aftermath64.exe] => (Block) D:0\skidrowreloaded\2020\surviving the aftermath expedition\survivingtheaftermath\aftermath64.exe => Geen bestand
FirewallRules: [UDP Query User{8BE5EB30-4884-4074-B50F-7BC2E15E14B8}D:0\skidrowreloaded\2020\surviving the aftermath expedition\survivingtheaftermath\aftermath64.exe] => (Block) D:0\skidrowreloaded\2020\surviving the aftermath expedition\survivingtheaftermath\aftermath64.exe => Geen bestand
FirewallRules: [TCP Query User{38094DF6-1DA1-456C-8CE4-2E3ACF12A2DC}D:0\skidrowreloaded\2020\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{C1C67C87-164F-428F-A15D-7611D65802E0}D:0\skidrowreloaded\2020\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{B15C5E16-927A-48E8-8588-59D0802A9A64}D:0\skidrowreloaded\2020\truck.life.welcome.to.hainan-goldberg\truck life\trucklife.exe] => (Block) D:0\skidrowreloaded\2020\truck.life.welcome.to.hainan-goldberg\truck life\trucklife.exe => Geen bestand
FirewallRules: [UDP Query User{50F24E19-B3FB-482D-BF88-3EC21C9E0D97}D:0\skidrowreloaded\2020\truck.life.welcome.to.hainan-goldberg\truck life\trucklife.exe] => (Block) D:0\skidrowreloaded\2020\truck.life.welcome.to.hainan-goldberg\truck life\trucklife.exe => Geen bestand
FirewallRules: [TCP Query User{C1387249-EBD0-4E6D-BBB7-B0740235E68B}D:0\skidrowreloaded\2020\lumberjack dynasty\lumberjacks dynasty\lumberjacksdynasty.exe] => (Block) D:0\skidrowreloaded\2020\lumberjack dynasty\lumberjacks dynasty\lumberjacksdynasty.exe => Geen bestand
FirewallRules: [UDP Query User{9A3AE95D-AA26-45D7-A670-C510BA33A485}D:0\skidrowreloaded\2020\lumberjack dynasty\lumberjacks dynasty\lumberjacksdynasty.exe] => (Block) D:0\skidrowreloaded\2020\lumberjack dynasty\lumberjacks dynasty\lumberjacksdynasty.exe => Geen bestand
FirewallRules: [TCP Query User{44C32C7A-8355-44AF-A13D-A9EFD209C00C}D:0\skidrowreloaded\2020\shaolin.vs.wutang.2.early.access\shaolin vs wutang 2\svw 2.exe] => (Block) D:0\skidrowreloaded\2020\shaolin.vs.wutang.2.early.access\shaolin vs wutang 2\svw 2.exe => Geen bestand
FirewallRules: [UDP Query User{036447CA-5AA6-4293-B7BE-8E1FFA9E6873}D:0\skidrowreloaded\2020\shaolin.vs.wutang.2.early.access\shaolin vs wutang 2\svw 2.exe] => (Block) D:0\skidrowreloaded\2020\shaolin.vs.wutang.2.early.access\shaolin vs wutang 2\svw 2.exe => Geen bestand
FirewallRules: [TCP Query User{84A15743-494C-4DA9-AC48-1E57901D8A0C}D:0\skidrowreloaded\2020\bright.memory.v26.11.2020-goldberg\brightmemory_ep1\brightmemory_ep1\binaries\win64\brightmemory_ep1-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\bright.memory.v26.11.2020-goldberg\brightmemory_ep1\brightmemory_ep1\binaries\win64\brightmemory_ep1-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{76900351-5D90-4729-8839-BB3D8CCA9E9C}D:0\skidrowreloaded\2020\bright.memory.v26.11.2020-goldberg\brightmemory_ep1\brightmemory_ep1\binaries\win64\brightmemory_ep1-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\bright.memory.v26.11.2020-goldberg\brightmemory_ep1\brightmemory_ep1\binaries\win64\brightmemory_ep1-win64-shipping.exe => Geen bestand
FirewallRules: [{670C67AE-563F-4189-9273-6551CBF4ACD6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B10E3E8E-F46E-49C2-9B2E-909A12860BDF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F14A59CA-5B57-4117-B4B1-1892883B368C}D:0\skidrowreloaded\2020\state.of.decay.2.juggernaut.edition.lethal.zone-p2p\state.of.decay.2\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\state.of.decay.2.juggernaut.edition.lethal.zone-p2p\state.of.decay.2\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{F303A3B1-D5FB-4B9E-B5C2-FC9E784C9C35}D:0\skidrowreloaded\2020\state.of.decay.2.juggernaut.edition.lethal.zone-p2p\state.of.decay.2\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2020\state.of.decay.2.juggernaut.edition.lethal.zone-p2p\state.of.decay.2\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{5A0211E5-2DD2-4237-BF79-9C915FE5F667}D:0\skidrowreloaded\2020\lumberjack furniture part 2\lumberjacks dynasty\lumberjacksdynasty.exe] => (Block) D:0\skidrowreloaded\2020\lumberjack furniture part 2\lumberjacks dynasty\lumberjacksdynasty.exe => Geen bestand
FirewallRules: [UDP Query User{A0205343-76FA-41F3-9C38-08E183A4D781}D:0\skidrowreloaded\2020\lumberjack furniture part 2\lumberjacks dynasty\lumberjacksdynasty.exe] => (Block) D:0\skidrowreloaded\2020\lumberjack furniture part 2\lumberjacks dynasty\lumberjacksdynasty.exe => Geen bestand
FirewallRules: [TCP Query User{5D0B652C-0FB3-43CA-A7FC-5CB6CCF2C5A3}D:0\skidrowreloaded\2020\acient cities early acces\ancient.cities.early.access\art\bin\x64\ancient.exe] => (Block) D:0\skidrowreloaded\2020\acient cities early acces\ancient.cities.early.access\art\bin\x64\ancient.exe => Geen bestand
FirewallRules: [UDP Query User{8F418DA3-7D92-49CB-9181-6DF36FEC43B9}D:0\skidrowreloaded\2020\acient cities early acces\ancient.cities.early.access\art\bin\x64\ancient.exe] => (Block) D:0\skidrowreloaded\2020\acient cities early acces\ancient.cities.early.access\art\bin\x64\ancient.exe => Geen bestand
FirewallRules: [TCP Query User{B0AD372A-8D21-4150-A8DB-8D6CC3B3902B}D:0\skidrowreloaded\2020\cyberpunk.2077.steam.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) D:0\skidrowreloaded\2020\cyberpunk.2077.steam.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Geen bestand
FirewallRules: [UDP Query User{25F8C90F-75A8-4312-BC14-A36A88825402}D:0\skidrowreloaded\2020\cyberpunk.2077.steam.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) D:0\skidrowreloaded\2020\cyberpunk.2077.steam.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Geen bestand
FirewallRules: [{DC87CEAC-5575-499B-AA55-76ADE2C4E30C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1AE60922-116C-46BC-98B0-56D6CF0CFA36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{020C39B9-D9E0-48FF-9EB2-B3A6BAFFD812}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66139DA3-8EEF-42BB-99D2-211058F617E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3614BB4D-C965-427F-A490-8673FC9B7519}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A630D9A3-0BA4-4D12-A9F0-D701F409EC94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{59EE27F0-9255-453C-89DC-F060C01AC0DE}I:\games\anno 1800\bin\win64\anno1800.exe] => (Block) I:\games\anno 1800\bin\win64\anno1800.exe (Ubisoft Blue Byte GmbH -> Ubisoft) [Bestand niet getekend]
FirewallRules: [UDP Query User{3495D254-42E6-4953-86EB-AE06A06FAEF0}I:\games\anno 1800\bin\win64\anno1800.exe] => (Block) I:\games\anno 1800\bin\win64\anno1800.exe (Ubisoft Blue Byte GmbH -> Ubisoft) [Bestand niet getekend]
FirewallRules: [{B9DD7BC8-96E7-406C-85EF-3B1DB2E0C2DC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DBCCDE1A-6DCC-4DB7-90C7-32EB473F05DB}] => (Allow) LPort=2869
FirewallRules: [{9DABBCEA-1D99-4B3A-A091-C3E66928F20E}] => (Allow) LPort=1900
FirewallRules: [{C633482A-B657-4B75-BE94-FCA6B4B4A1DF}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技（上海）有限公司 -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{E34B71E3-1390-40DB-AACF-F11C2D6FFC19}D:0\skidrowreloaded\2021\age.of.empires.iii.definitive.edition.build.6276774-goldberg\battleserver.exe] => (Block) D:0\skidrowreloaded\2021\age.of.empires.iii.definitive.edition.build.6276774-goldberg\battleserver.exe => Geen bestand
FirewallRules: [UDP Query User{44B39F45-0613-4154-A5FB-57DF36DC94E6}D:0\skidrowreloaded\2021\age.of.empires.iii.definitive.edition.build.6276774-goldberg\battleserver.exe] => (Block) D:0\skidrowreloaded\2021\age.of.empires.iii.definitive.edition.build.6276774-goldberg\battleserver.exe => Geen bestand
FirewallRules: [TCP Query User{D1975BC1-1870-426E-BA74-DA9B0674F5C0}D:0\skidrowreloaded\2021\age.of.empires.iii.definitive.edition.build.6276774-goldberg\aoe3de_s.exe] => (Block) D:0\skidrowreloaded\2021\age.of.empires.iii.definitive.edition.build.6276774-goldberg\aoe3de_s.exe => Geen bestand
FirewallRules: [UDP Query User{D817B217-27C0-45D9-ABD0-C09F77F3B9EF}D:0\skidrowreloaded\2021\age.of.empires.iii.definitive.edition.build.6276774-goldberg\aoe3de_s.exe] => (Block) D:0\skidrowreloaded\2021\age.of.empires.iii.definitive.edition.build.6276774-goldberg\aoe3de_s.exe => Geen bestand
FirewallRules: [TCP Query User{48B7C7FC-7837-4209-84DD-22CA4D866133}D:0\skidrowreloaded\2021\gold.rush.the.game.v1.5.5.14771-goldberg\gold rush the game\goldrushthegame.exe] => (Block)
D:0\skidrowreloaded\2021\gold.rush.the.game.v1.5.5.14771-goldberg\gold rush the game\goldrushthegame.exe => Geen bestand
FirewallRules: [UDP Query User{2DE6B347-8D6A-4D7D-B761-E2C74AA1B9F9}D:0\skidrowreloaded\2021\gold.rush.the.game.v1.5.5.14771-goldberg\gold rush the game\goldrushthegame.exe] => (Block) D:0\skidrowreloaded\2021\gold.rush.the.game.v1.5.5.14771-goldberg\gold rush the game\goldrushthegame.exe => Geen bestand
FirewallRules: [TCP Query User{9785EE06-1ECB-4D15-9EC6-29A77A077951}I:\games\stronghold warlords\bin\win32_release\strongholdwarlords.exe] => (Block) I:\games\stronghold warlords\bin\win32_release\strongholdwarlords.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{26EF97D9-AA8F-4C6C-AC62-961D1ACD0905}I:\games\stronghold warlords\bin\win32_release\strongholdwarlords.exe] => (Block) I:\games\stronghold warlords\bin\win32_release\strongholdwarlords.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{90BC71AD-69F8-426F-B14C-05A3895CC1C6}D:0\skidrowreloaded\2021\medieval dynasty 0.4.0.2\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2021\medieval dynasty 0.4.0.2\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{8E3EB61F-2C4D-4065-B39E-F99E0CD5ABA8}D:0\skidrowreloaded\2021\medieval dynasty 0.4.0.2\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2021\medieval dynasty 0.4.0.2\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{043B0C8C-0246-42C2-9003-ADC1FA3B4305}D:0\skidrowreloaded\2021\endzone a world apart collect and explore early access\endzone.a.world.apart.collect.and.explore.early.access\endzone.exe] => (Block) D:0\skidrowreloaded\2021\endzone a world apart collect and explore early access\endzone.a.world.apart.collect.and.explore.early.access\endzone.exe => Geen bestand
FirewallRules: [UDP Query User{327DC88D-2E44-429E-9DEA-8A9BD86D19F0}D:0\skidrowreloaded\2021\endzone a world apart collect and explore early access\endzone.a.world.apart.collect.and.explore.early.access\endzone.exe] => (Block) D:0\skidrowreloaded\2021\endzone a world apart collect and explore early access\endzone.a.world.apart.collect.and.explore.early.access\endzone.exe => Geen bestand
FirewallRules: [TCP Query User{2D05964E-B76E-4615-85F9-C837793720F3}E:\traffic giant\trafficgiant.exe] => (Block) E:\traffic giant\trafficgiant.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{04B9DE74-F0CD-401E-BB7D-7BC290230CD1}E:\traffic giant\trafficgiant.exe] => (Block) E:\traffic giant\trafficgiant.exe () [Bestand niet getekend]
FirewallRules: [{41390D9B-1868-4666-B465-52CAA7109852}] => (Block) C:\Program Files\GridinSoft Anti-Malware\gsam.exe (GridinSoft, LLC -> Gridinsoft LLC)
FirewallRules: [{B797FB3B-5D78-4024-A077-E12228F4FBD1}] => (Block) C:\Program Files\GridinSoft Anti-Malware\gsam.exe (GridinSoft, LLC -> Gridinsoft LLC)
FirewallRules: [{32A74A43-ECBE-48DC-B442-034AEEB23256}] => (Allow) I:\Mr DJ\Far Cry 4\bin\FarCry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{77E5A86C-48BD-4C07-AFD3-D3C890083185}] => (Allow) I:\Mr DJ\Far Cry 4\bin\FarCry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{3A7182EB-DC00-4376-BA47-5528F4548DCB}J:\heat.alpha.23-sse\heat\heat.exe] => (Block) J:\heat.alpha.23-sse\heat\heat.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{43F8DD2C-CB0F-48B8-A923-5CC0EB1C8869}J:\heat.alpha.23-sse\heat\heat.exe] => (Block) J:\heat.alpha.23-sse\heat\heat.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{84539194-CE74-41D1-B43A-FE4BB8A1A8F3}I:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) I:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe (Microsoft Corporation) [Bestand niet getekend]

FirewallRules: [UDP Query User{C312F0B0-71B2-470F-A2E9-5EBDCBF255DB}I:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) I:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [TCP Query User{8C00B2CC-143D-4E9A-9497-58929E5C9E51}I:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) I:\games\age of empires iii definitive edition the african royals\battleserver.exe (Microsoft Corporation -> )
FirewallRules: [UDP Query User{2D81D76C-9A55-4EC3-A484-86697A6AA58B}I:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) I:\games\age of empires iii definitive edition the african royals\battleserver.exe (Microsoft Corporation -> )
FirewallRules: [TCP Query User{72813A5E-1546-4D0A-9956-A12FBD7604DF}F:\games\age of empires ii - definitive edition\aoe2de_s.exe] => (Block) F:\games\age of empires ii - definitive edition\aoe2de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{DD59C738-8069-45D8-9820-233AEC3DE554}F:\games\age of empires ii - definitive edition\aoe2de_s.exe] => (Block) F:\games\age of empires ii - definitive edition\aoe2de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E3266287-3608-4F3A-A757-7E3ACDD37E26}F:\games\age of empires ii - definitive edition\battleserver\battleserver.exe] => (Block) F:\games\age of empires ii - definitive edition\battleserver\battleserver.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{F6D4B78D-E52E-4A41-887F-2791793D1F89}F:\games\age of empires ii - definitive edition\battleserver\battleserver.exe] => (Block) F:\games\age of empires ii - definitive edition\battleserver\battleserver.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{D61D13E6-017F-41CB-8109-C44DDBCD6298}D:0\skidrowreloaded\2021\icarus.v0.5.0.76930.beta\icarus beta\icarus\binaries\win64\icarus-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2021\icarus.v0.5.0.76930.beta\icarus beta\icarus\binaries\win64\icarus-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{5AAF815F-7558-45BF-851B-6EFEB2DE46D2}D:0\skidrowreloaded\2021\icarus.v0.5.0.76930.beta\icarus beta\icarus\binaries\win64\icarus-win64-shipping.exe] => (Block) D:0\skidrowreloaded\2021\icarus.v0.5.0.76930.beta\icarus beta\icarus\binaries\win64\icarus-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{359CB37E-4A7C-4AA3-B63A-9AC4F6FEF393}D:0\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:0\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => Geen bestand
FirewallRules: [UDP Query User{2F546D7E-F342-4B09-97DA-DD1C85077DD9}D:0\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:0\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => Geen bestand
FirewallRules: [TCP Query User{97320A8D-23DF-478D-B19B-6BDC07D8441B}D:1\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:1\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => Geen bestand

FirewallRules: [UDP Query User{36B63FDD-D980-439C-9B00-9501B64816C3}D:1\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:1\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => Geen bestand
FirewallRules: [TCP Query User{4A2952D6-0A67-4225-8487-77FDEEFB8D98}D:0\rg mechanics\swf games\the farmthis gallery free download\the farmthis gallery\farmthis\farmthisgallery.exe] => (Block) D:0\rg mechanics\swf games\the farmthis gallery free download\the farmthis gallery\farmthis\farmthisgallery.exe => Geen bestand
FirewallRules: [UDP Query User{109F5296-DF34-4C83-90C6-9275189F1486}D:0\rg mechanics\swf games\the farmthis gallery free download\the farmthis gallery\farmthis\farmthisgallery.exe] => (Block) D:0\rg mechanics\swf games\the farmthis gallery free download\the farmthis gallery\farmthis\farmthisgallery.exe => Geen bestand
FirewallRules: [TCP Query User{9D9D111C-C1A9-4E79-8EB9-33478FD17874}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{59153CA5-4452-4C9A-9915-312B878C6BB2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{56B7C2C1-B64A-4FB8-860F-408BF219C764}D:0\rg mechanics\ichio games\milf odissey\milfodyssey-0.0.5-pc\milfodyssey.exe] => (Block) D:0\rg mechanics\ichio games\milf odissey\milfodyssey-0.0.5-pc\milfodyssey.exe => Geen bestand
FirewallRules: [UDP Query User{11551A3E-55EE-4D82-A1B6-3118206819C5}D:0\rg mechanics\ichio games\milf odissey\milfodyssey-0.0.5-pc\milfodyssey.exe] => (Block) D:0\rg mechanics\ichio games\milf odissey\milfodyssey-0.0.5-pc\milfodyssey.exe => Geen bestand
FirewallRules: [TCP Query User{48029326-01FA-421F-AECB-1210BF1353F3}C:\program files (x86)\avant browser\webkit\webkit.exe] => (Allow) C:\program files (x86)\avant browser\webkit\webkit.exe (Avant Force -> The Chromium Authors)
FirewallRules: [UDP Query User{C7FA83B8-5234-478A-B157-E42382443C20}C:\program files (x86)\avant browser\webkit\webkit.exe] => (Allow) C:\program files (x86)\avant browser\webkit\webkit.exe (Avant Force -> The Chromium Authors)
FirewallRules: [TCP Query User{B6030911-7842-4F74-BBC4-F001FA736BF4}D:0\mijn windows 10 pc\utorrent 2.2.1 build 25154 voor tptb\utorrent.exe] => (Allow) D:0\mijn windows 10 pc\utorrent 2.2.1 build 25154 voor tptb\utorrent.exe => Geen bestand
FirewallRules: [UDP Query User{DE45BD6E-B43D-47DE-8A5B-5F478EFA451F}D:0\mijn windows 10 pc\utorrent 2.2.1 build 25154 voor tptb\utorrent.exe] => (Allow) D:0\mijn windows 10 pc\utorrent 2.2.1 build 25154 voor tptb\utorrent.exe => Geen bestand
FirewallRules: [{1D7DDD4A-3B34-4F95-A5FA-255FF4A43C7F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{EF585173-B9DC-468D-A211-6717F3B1A02E}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{EDDE0643-A663-4DC7-AD2F-238F6E34B579}I:\skidrow reloaded\2017\dying.light.the.following.enhanced.edition.reinforcements-reloaded\dying light the following enhanced edition\dyinglightgame.exe] => (Block) I:\skidrow reloaded\2017\dying.light.the.following.enhanced.edition.reinforcements-reloaded\dying light the following enhanced edition\dyinglightgame.exe (Techland Sp. z o.o. -> Techland) [Bestand niet getekend]
FirewallRules: [UDP Query User{D7EF91CD-12EB-4080-979D-8B6276DE9559}I:\skidrow reloaded\2017\dying.light.the.following.enhanced.edition.reinforcements-reloaded\dying light the following enhanced edition\dyinglightgame.exe] => (Block) I:\skidrow reloaded\2017\dying.light.the.following.enhanced.edition.reinforcements-reloaded\dying light the following enhanced edition\dyinglightgame.exe (Techland Sp. z o.o. -> Techland) [Bestand niet getekend]
FirewallRules: [{D30BBAA0-397C-4359-BD58-254A1F32A15E}] => (Allow) C:\Program Files\Opera\83.0.4254.27\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{D6864A2F-284C-47B4-AF3F-4335EC8367EF}D:0\skidrowreloaded\2022\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe] => (Block) D:0\skidrowreloaded\2022\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe => Geen bestand
FirewallRules: [UDP Query User{57E5054D-60EA-4272-8D9A-417C23A23618}D:0\skidrowreloaded\2022\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe] => (Block) D:0\skidrowreloaded\2022\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe => Geen bestand
FirewallRules: [TCP Query User{E7E6DE35-40BE-4531-B01A-B4247F8D58D2}J:\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe] => (Block) J:\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{E1054211-A140-43AA-B8BA-3D823A21D1EC}J:\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe] => (Block) J:\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe () [Bestand niet getekend]
FirewallRules: [{CE067518-471C-471A-9F94-E81607769409}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CB132054-B95F-4A71-8C5A-B63B84DEFF7D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EAED24C6-98A6-4ECD-B780-DE79CDB264AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8B301D4-2504-4B75-AE18-22C1FE0B30BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43E2472F-4DE5-4B52-857D-B776FB0A17C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A6956DFE-46CB-46B3-A3F5-CE3785A87ACF}] => (Allow) C:\Program Files\Opera\83.0.4254.62\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A0C89A1B-0858-4FD4-B39F-022A4BDAFE8B}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Herstelpunten =========================

19-02-2022 20:53:37 Gepland controlepunt

==================== Defecte Apparaatbeheer Apparaten ============

Name: Microsoft-muis (PS/2)
Description: Microsoft-muis (PS/2)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standaard PS/2-toetsenbord
Description: Standaard PS/2-toetsenbord
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (standaardtoetsenbord)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Eventlog fouten: ========================

Applicatiefouten:
==================
Error: (02/22/2022 01:58:18 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: De Windows Beveiligingscentrum-service kan geen exemplaren van FirewallProduct uit de datastore laden.

Error: (02/22/2022 01:24:57 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: De Windows Beveiligingscentrum-service kan geen exemplaren van FirewallProduct uit de datastore laden.

Error: (02/22/2022 01:15:40 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten.
.

Error: (02/22/2022 01:15:40 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten.
]

Error: (02/22/2022 01:15:40 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten.
.

Error: (02/22/2022 01:15:40 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten.
]

Error: (02/22/2022 12:25:22 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: De Windows Beveiligingscentrum-service kan geen exemplaren van FirewallProduct uit de datastore laden.

Error: (02/21/2022 09:20:17 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: De Windows Beveiligingscentrum-service kan geen exemplaren van FirewallProduct uit de datastore laden.


Systeemfouten:
=============
Error: (02/22/2022 01:54:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De RasMan-service is afhankelijk van de SstpSvc-service, die vanwege de volgende fout niet kan worden gestart:
De bewerking is voltooid.

Error: (02/22/2022 01:53:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 13:20:46 op ‎22-‎2-‎2022 is onverwacht gebeurd.

Error: (02/22/2022 01:21:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De RasMan-service is afhankelijk van de SstpSvc-service, die vanwege de volgende fout niet kan worden gestart:
De bewerking is voltooid.

Error: (02/22/2022 12:38:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80240017: Beveiligingsinformatie-update voor Microsoft Defender Antivirus - KB2267602 (versie 1.359.685.0).

Error: (02/22/2022 12:20:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De RasMan-service is afhankelijk van de SstpSvc-service, die vanwege de volgende fout niet kan worden gestart:
De bewerking is voltooid.

Error: (02/21/2022 09:23:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Microsoft Defender Antivirus Service-service is gestopt met de volgende foutcode:
%%2147942402 = Het systeem kan het opgegeven bestand niet vinden..

Error: (02/21/2022 09:16:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De RasMan-service is afhankelijk van de SstpSvc-service, die vanwege de volgende fout niet kan worden gestart:
De bewerking is voltooid.

Error: (02/21/2022 09:16:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 20:36:36 op ‎21-‎2-‎2022 is onverwacht gebeurd.

[sitew]

Windows Defender:
================
Date: 2022-02-20 20:17:08
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...2&enterprise=0
Naam: Trojan:O97M/Mountsi.D!ml
Ernst: Ernstig
Categorie: Trojaans paard
Pad: amsi:_\Device\HarddiskVolume4\Windows\SysWOW64\cscript.exe
Detectieoorsprong: Onbekend
Detectietype: Snel pad
Detectiebron: Systeem
Gebruiker: NT AUTHORITY\SYSTEM
Procesnaam: Unknown
Versie van beveiligingsinformatie: AV: 1.359.235.0, AS: 1.359.235.0, NIS: 1.359.235.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-20 20:17:08
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...6&enterprise=0
Naam: TrojanDownloader:Win32/Nemucod!ml
Ernst: Ernstig
Categorie: Downloadprogramma in Trojaans paard
Pad: file:_C:\Users\Site\AppData\Local\Temp\t.js; file:_C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\t.js; regkey:_HKCU@S-1-5-21-3199363119-606788724-3210624172-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\t; runkey:_HKCU@S-1-5-21-3199363119-606788724-3210624172-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\t; startup:_C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\t.js
Detectieoorsprong: Lokale computer
Detectietype: Snel pad
Detectiebron: Systeem
Gebruiker: NT AUTHORITY\SYSTEM
Procesnaam: Unknown
Versie van beveiligingsinformatie: AV: 1.359.235.0, AS: 1.359.235.0, NIS: 1.359.235.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-20 11:35:39
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...6&enterprise=0
Naam: TrojanDownloader:Win32/Nemucod!ml
Ernst: Ernstig
Categorie: Downloadprogramma in Trojaans paard
Pad: file:_C:\Users\Site\AppData\Local\Temp\t.js; file:_C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\t.js
Detectieoorsprong: Lokale computer
Detectietype: Snel pad
Detectiebron: Real-timebeveiliging
Gebruiker: DESKTOP-C38E2HK\Site
Procesnaam: C:\Windows\SysWOW64\cscript.exe
Versie van beveiligingsinformatie: AV: 1.359.235.0, AS: 1.359.235.0, NIS: 1.359.235.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-20 11:35:36
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...6&enterprise=0
Naam: TrojanDownloader:Win32/Nemucod!ml
Ernst: Ernstig
Categorie: Downloadprogramma in Trojaans paard
Pad: file:_C:\Users\Site\AppData\Local\Temp\t.js; file:_C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\t.js
Detectieoorsprong: Lokale computer
Detectietype: Snel pad
Detectiebron: Real-timebeveiliging
Gebruiker: DESKTOP-C38E2HK\Site
Procesnaam: C:\Windows\SysWOW64\cscript.exe
Versie van beveiligingsinformatie: AV: 1.359.235.0, AS: 1.359.235.0, NIS: 1.359.235.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-20 11:35:31
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...6&enterprise=0
Naam: TrojanDownloader:Win32/Nemucod!ml
Ernst: Ernstig
Categorie: Downloadprogramma in Trojaans paard
Pad: file:_C:\Users\Site\AppData\Local\Temp\t.js; file:_C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\t.js
Detectieoorsprong: Lokale computer
Detectietype: Snel pad
Detectiebron: Real-timebeveiliging
Gebruiker: DESKTOP-C38E2HK\Site
Procesnaam: C:\Windows\SysWOW64\cscript.exe
Versie van beveiligingsinformatie: AV: 1.359.235.0, AS: 1.359.235.0, NIS: 1.359.235.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3
Event[0]:

Date: 2022-02-20 22:44:35
Description:
Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie: 1.359.570.0
Vorige versie van beveiligingsinformatie: 1.359.567.0
Updatebron: Gebruiker
Type beveiligingsinformatie: AntiSpyware
Updatetype: Delta
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie: 1.1.18900.3
Vorige engineversie: 1.1.18900.3
Foutcode: 0x80509004
Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates.

Date: 2022-02-20 22:44:35
Description:
Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie: 1.359.570.0
Vorige versie van beveiligingsinformatie: 1.359.567.0
Updatebron: Gebruiker
Type beveiligingsinformatie: AntiVirus
Updatetype: Delta
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie: 1.1.18900.3
Vorige engineversie: 1.1.18900.3
Foutcode: 0x80509004
Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates.

Date: 2022-02-20 20:24:44
Description:
Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie:
Vorige versie van beveiligingsinformatie: 1.359.235.0
Updatebron: Microsoft-updateserver
Type beveiligingsinformatie: AntiVirus
Updatetype: Volledig
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie:
Vorige engineversie: 1.1.18900.3
Foutcode: 0x8007043c
Foutbeschrijving: Deze service kan niet in veilige modus worden gestart.

Date: 2022-02-20 20:14:15
Description:
Real-timebeveiligingsonderdeel van Microsoft Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Bij toegang
Foutcode: 0x8007043c
Foutbeschrijving: Deze service kan niet in veilige modus worden gestart.
Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten.

Date: 2022-02-11 16:41:56
Description:
Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie:
Vorige versie van beveiligingsinformatie: 1.357.303.0
Updatebron: Microsoft Centrum voor beveiliging tegen malware
Type beveiligingsinformatie: AntiVirus
Updatetype: Volledig
Gebruiker: NT AUTHORITY\NETWORK SERVICE
Huidige engineversie:
Vorige engineversie: 1.1.18900.2
Foutcode: 0x80070102
Foutbeschrijving: Time-out van wachtbewerking.

CodeIntegrity:
===============
Date: 2022-02-22 16:58:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2022-02-22 16:58:35
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Geheugen info ===========================

BIOS: American Megatrends Inc. A46F1020 02/23/2011
Moederbord: Foxconn P67A/P67A-S
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage geheugen in gebruik: 26%
Totaal fysiek RAM-geheugen: 16366.63 MB
Beschikbaar fysiek RAM-geheugen: 12066.08 MB
Totaal Virtueel geheugen: 32750.63 MB
Beschikbaar Virtueel geheugen: 26271.66 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:491.13 GB) (Free:293.09 GB) NTFS
Drive d: () (Fixed) (Total:74.51 GB) (Free:59.48 GB) FAT32
Drive e: () (Fixed) (Total:74.51 GB) (Free:44.33 GB) FAT32
Drive f: () (Fixed) (Total:439.45 GB) (Free:87.76 GB) NTFS
Drive i: (LaCie) (Fixed) (Total:4657.53 GB) (Free:557.31 GB) NTFS
Drive j: (Elements) (Fixed) (Total:2794.49 GB) (Free:622.82 GB) NTFS
Drive k: (LaCie) (Fixed) (Total:7452.02 GB) (Free:1319.15 GB) NTFS
Drive l: (My Book) (Fixed) (Total:1862.98 GB) (Free:276.07 GB) NTFS

\\?\Volume{6170fdbe-0000-0000-0000-100000000000}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{6170fdbe-0000-0000-0000-d0ce7a000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS

==================== MBR & Partitietabel ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 12E4A931)
Partition 1: (Active) - (Size=74.5 GB) - (Type=0C)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: C033C033)
Partition 1: (Active) - (Size=74.5 GB) - (Type=0C)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6170FDBE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=491.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=847 MB) - (Type=27)
Partition 4: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.

==========================================================
Disk: 5 (Size: 7452 GB) (Disk ID: 32582FFB)

Partition: GPT.

==========================================================
Disk: 6 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 00021365)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Einde van Addition.txt =======================

[sitew]

here is the FRST txt part 1

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 14-02-2022 01
Gestart door Site (Beheerder) op DESKTOP-C38E2HK (22-02-2022 16:44:29)
Gestart vanaf C:\Users\Site\Desktop
Geladen Profielen: Site
Platform: Microsoft Windows 10 Pro Versie 21H1 19043.1526 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: Edge
Boot Modus: Normal

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe ->) (Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(explorer.exe ->) (Microsoft Corporation) [Bestand niet getekend] [Bestand is in gebruik] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(explorer.exe ->) (Performix LLC -> Performix LLC) C:\Program Files (x86)\Adguard\Adguard.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (MAGIX AG) [Bestand niet getekend] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_0f23ad8529e377b6\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Performix LLC -> Performix LLC) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(services.exe ->) (Red Giant LLC -> Red Giant LLC) C:\Program Files\Red Giant\Services\Red Giant Service.exe
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(wscript.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe

==================== Register (gefilterd) ===================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [10140904 2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [AdobePSE19AutoAnalyzer] => C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe [2653928 2021-01-26] (Adobe Inc. -> Adobe)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455304 2016-10-02] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [10140904 2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-14] (Adobe Inc. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [567368 2016-10-05] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [clnspc 7 check updates and quit] => C:\Program Files (x86)\Clean Space 7\cleanspace.exe [1187544 2020-03-20] (Yury Saprykin -> CyRobo)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [Office Timeline Performance Helper] => C:\Program Files (x86)\Office Timeline\Current\OfficeTimelineStartup.exe [14968 2020-07-30] (Office Timeline, LLC -> OfficeTimeline LLC)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5715728 2017-11-21] (Performix LLC -> Performix LLC)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10985776 2022-01-13] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2022-01-02] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [MicrosoftEdgeAutoLaunch_440EF7AFA175C7639819209491969DDE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [Shell] => wscript.exe /E:jscript C:\Users\Public\70WE7XVMLUTZLSFOW1LD
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [t] => wscript.exe //B "C:\Users\Site\AppData\Local\Temp\t.js" <==== AANDACHT
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [Cruelty_crypted] => wscript.exe //B "C:\Users\Site\AppData\Local\Temp\Cruelty_crypted.js" <==== AANDACHT
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [2022] => wscript.exe //B "C:\Users\Site\AppData\Local\Temp\2022.js" <==== AANDACHT
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\MountPoints2: H - "H:\setup.exe"
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\MountPoints2: {9578d9d2-eac9-11ea-8f81-d0278867429d} - "N:\setup.exe"
HKLM\...\Print\Monitors\PDF-XChange V6 Printer Port Monitor (Lite): C:\Windows\system32\pxcpm5L.dll [150720 2017-03-06] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\...\AppCompatFlags\Custom\1503Startup.exe: [{1391f2e7-40d1-4f1a-971b-be93446bccd2}.sdb] -> GOG.com Anno 1503
HKLM\Software\...\AppCompatFlags\Custom\1602.exe: [{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb] -> GOG.com Anno 1602
HKLM\Software\...\AppCompatFlags\Custom\1602Edit.exe: [{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb] -> GOG.com Anno 1602
HKLM\Software\...\AppCompatFlags\Custom\Anno1701.exe: [{3514e397-891c-44b5-8c04-9e8ea8e96995}.sdb] -> GOG.com Anno 1701
HKLM\Software\...\AppCompatFlags\Custom\Anno1701AddOn.exe: [{3514e397-891c-44b5-8c04-9e8ea8e96995}.sdb] -> GOG.com Anno 1701
HKLM\Software\...\AppCompatFlags\Custom\Porsche.exe: [{896a1a01-57e6-4417-9843-5b49611891dd}.sdb] -> Wac's Porsche Unleashed Patch
HKLM\Software\...\AppCompatFlags\Custom\S3.EXE: [{f707a2f1-2ed1-4560-a087-97aa176c3777}.sdb] -> GOG.com The Settlers 3
HKLM\Software\...\AppCompatFlags\Custom\S3_multi.EXE: [{f707a2f1-2ed1-4560-a087-97aa176c3777}.sdb] -> GOG.com The Settlers 3
HKLM\Software\...\AppCompatFlags\Custom\S4Editor.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\Custom\S4_Main.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1391f2e7-40d1-4f1a-971b-be93446bccd2}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1391f2e7-40d1-4f1a-971b-be93446bccd2}.sdb [2015-08-04]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{3514e397-891c-44b5-8c04-9e8ea8e96995}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{3514e397-891c-44b5-8c04-9e8ea8e96995}.sdb [2015-08-04]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{896a1a01-57e6-4417-9843-5b49611891dd}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{896a1a01-57e6-4417-9843-5b49611891dd}.sdb [2003-05-24]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb [2015-07-28]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{f707a2f1-2ed1-4560-a087-97aa176c3777}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{f707a2f1-2ed1-4560-a087-97aa176c3777}.sdb [2013-03-06]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb [2013-07-16]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\98.1.35.103\Installer\chrmstp.exe [2022-02-17] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2020-02-22]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\WINDOWS\Installer\{8F99975A-8D39-43CD-8055-D11901CE0502}\app_icon.exe (Geen bestand)
Startup: C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar864.lnk [2022-02-22]
ShortcutTarget: Sidebar864.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [Bestand niet getekend] [Bestand is in gebruik]
GroupPolicy: Restrictie ? <==== AANDACHT
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT

==================== Geplande Taken (gefilterd) ============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0290B114-2801-4E99-A34E-DF7E54AE42B6} - System32\Tasks\Opera scheduled Autoupdate 1557328410 => C:\Program Files\Opera\launcher.exe [2333904 2022-02-15] (Opera Software AS -> Opera Software)
Task: {0383EDD1-E736-45C3-A6D6-AD384B5C9352} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {09479933-86EC-4E12-8D0C-8ED760109F02} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0A41988D-3381-4F84-813D-0844AB522D2B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0ACEB9D0-3877-4440-B22A-61C00EF70334} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-11-27] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {0BB309D0-A655-4992-A941-1F0BADBE1C42} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {139315E1-0B72-40F9-96F9-2DEB55B6AD1F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {19653648-3546-47F3-8B90-E7B692FCB6F6} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3199363119-606788724-3210624172-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {1FF53AE1-C53C-4E89-83D8-C5329B3F2460} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {290A866D-7C62-44F3-950B-5AD551780060} - System32\Tasks\{566E50C7-4811-4EF4-8E37-8F7760BBCD59} => C:\Windows\system32\pcalua.exe -a "D:\Wave programs\daemon tools\daemon347.exe" -d "D:\Wave programs\daemon tools"
Task: {2A27DDFE-FF4D-4276-B1DD-8FFBB4838E2B} - System32\Tasks\Opera scheduled assistant Autoupdate 1582722151 => C:\Program Files\Opera\launcher.exe [2333904 2022-02-15] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {2A81327E-7CFD-4C9B-BCF8-A75857EBCA64} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {2CA708E9-8257-431C-88DF-0D49897EFB04} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33DE04E9-B77B-44AF-9817-51687DB072FF} - System32\Tasks\CCleanerSkipUAC - Site => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3750E9E7-494F-4914-91A6-D1F130DE21D1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {37F18336-F92D-4BB6-839F-64F40FA880B6} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {3879B8F9-0765-4E95-A312-B5E75A3A7889} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D628A89-527F-4A81-BFDF-14646208962C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {47E9A25C-3FF5-40C4-8905-28B0DAA316EA} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {52C24B2A-6536-405B-8F0D-DD07FE2C45E2} - System32\Tasks\GlaryUpdate 5 => C:\Program Files (x86)\Glary Utilities 5\CheckUpdate.exe [43472 2018-04-02] (Glarysoft LTD -> Glarysoft Ltd)
Task: {57DA030D-96C2-493B-97D9-95C5E0BC1D76} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [1371648 2012-05-19] (Microsoft Corporation) [Bestand niet getekend] [Bestand is in gebruik]
Task: {58ED21E4-0E96-489C-A23A-EF8B43412B17} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2596720 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {5BFD31A9-0DE8-4129-8674-39188B8B3ADA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2092720 2018-11-26] (Microsoft Corporation -> Microsoft)
Task: {61F9A1BB-01E0-4463-84F8-D350DFF9264A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1957744 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {685F8C76-FEAA-4C01-8742-03F4786AF7B1} - System32\Tasks\update-S-1-5-21-3199363119-606788724-3210624172-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {6D90DA22-3819-4C84-A43B-3ECEB4789C1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-02] (Google Inc -> Google Inc.)
Task: {76133B0C-12C0-4B87-90E2-5500CC284177} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [915408 2018-04-02] (Glarysoft LTD -> Glarysoft Ltd)
Task: {811D11CD-2906-4408-B28C-E65343E07C1F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {84DDD8C5-269E-402E-9309-B5EC473D6752} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {908D66E3-666D-463D-8EC1-0E47C1AFB31A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {931975BD-79D2-41C1-BE49-72116D73FF2D} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {96AD354B-944D-481F-BF1A-FE58C8AEE5E3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B9764F8-2C05-4389-A884-9935D5B0562C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A64AFD4F-29EC-4FE0-B2B9-ACCD58CCBE77} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9566F37-735B-4E2A-8ACD-ED696FC86A68} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2596720 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B27AF306-7326-4A9C-A003-3BB304B2D523} - System32\Tasks\CorelUpdateHelperTask-4B4C28E7D96F8E9D15B46C1A8D7CB621 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {B3982A9E-B7DC-4FEA-8989-07B86B7F4542} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BACA7ABC-3414-4BC9-AFC3-DE975E1D18F4} - System32\Tasks\Uninstaller_SkipUac_Site => C:\Program Files (x86)\IObit Uninstaller\IObitUninstaler.exe [6688256 2021-03-25] (IObit) [Bestand niet getekend]
Task: {C437CFB1-E0D2-4A87-A665-5FE5080B756D} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [11072248 2021-09-28] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {C6306E8E-EB14-4ECE-83A7-6818DAABFBFC} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-11-27] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D88758CF-9771-4C9A-9E9B-D31398ECFA30} - System32\Tasks\SUPERAntiSpyware Scheduled Task 7993340f-28a2-4dfc-9dad-d4af4b912183 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" /TASK:7993340f-28a2-4dfc-9dad-d4af4b912183
Task: {D8A1047B-0760-4B4F-9359-228AB557ACB3} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1957744 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFE63FD0-419E-4763-B865-58AB22D56975} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E1B2BC09-D9BD-41E7-908E-B999DCCD3D33} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E492EF6D-8383-4642-996C-98BC8D6D230C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-02] (Google Inc -> Google Inc.)
Task: {E84103AD-6788-4E81-81E1-490A91D81697} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F6949AE0-5397-40A4-B022-7F22B632925F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD7F9A9A-9706-4121-8F4C-E110A74AB418} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39600 2018-11-26] (Microsoft Corporation -> Microsoft)
Task: {FEA0305D-9FFA-427B-8DDB-F396B941E4B1} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 7993340f-28a2-4dfc-9dad-d4af4b912183.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3199363119-606788724-3210624172-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Hosts: Er is meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.130.5 195.130.131.5
Tcpip\..\Interfaces\{be4723c1-e50a-407f-8b6b-99a3697d0962}: [DhcpNameServer] 195.130.130.5 195.130.131.5
Tcpip\..\Interfaces\{dbbb466a-1c66-4cca-9b7c-2df9946919af}: [DhcpNameServer] 195.130.130.5 195.130.131.5