-
March 2nd, 2023, 06:39 AM
#1
Hi everyone, I got an email from a hacker with my email address to my email address ...
I have already changed my password on that server.
Can you please tell me with what program I should scan?
Thank you in advance.
This is the email I got:
I have to share bad news with you.
Approximately few months ago I have gained access to your devices, which you use for internet browsing.
After that, I have started tracking your internet activities.
Some time ago I hacked you and got access to your email accounts xxxxxxxr@telenet.be .
Obviously, I have easily hack to log in to your email.
Your password: xxxxxxxx
One week later, I have already installed Trojan virus to Operating Systems of all the devices that you use to access your email.
In fact, it was not really hard at all (since you were following the links from your inbox emails).
All ingenious is simple. =)
This software provides me with access to all the controllers of your devices (e.g., your microphone, video camera and keyboard).
I have downloaded all your information, data, photos, web browsing history to my servers.
I have access to all your messengers, social networks, emails, chat history and contacts list.
My virus continuously refreshes the signatures (it is driver-based), and hence remains invisible for antivirus software.
Likewise, I guess by now you understand why I have stayed undetected until this letter...
While gathering information about you, I have discovered that you are a big fan of adult websites.
You really love visiting porn websites and watching exciting videos, while enduring an enormous amount of pleasure.
Well, I have managed to record a number of your dirty scenes and montaged a few videos, which show the way you masturbate and reach orgasms.
If you have doubts, I can make a few clicks of my mouse and all your videos will be shared to your friends, colleagues and relatives.
I have also no issue at all to make them available for public access.
I guess, you really don't want that to happen, considering the specificity of the videos you like to watch, (you perfectly know what I mean) it will cause a true catastrophe for you.
Let's settle it this way:
You transfer $600 USD to me (in bitcoin equivalent according to the exchange rate at the moment of funds transfer), and once the transfer is received, I will delete all this dirty stuff right away.
After that we will forget about each other. I also promise to deactivate and delete all the harmful software from your devices. Trust me, I keep my word.
This is a fair deal and the price is quite low, considering that I have been checking out your profile and traffic for some time by now.
In case, if you don't know how to purchase and transfer the bitcoins - you can use any modern search engine.
Here is my bitcoin wallet: bc1qyln4kqydjggqa7pf6aznxxhqmgmd78vzltgtv9
-
March 2nd, 2023, 06:44 AM
#2
We've all probably gotten that email... Follow the instructions here for a super good scan:
https://discussions.virtualdr.com/sh...ted-3-21-2015)
-
March 2nd, 2023, 08:00 AM
#3
As Steve says those emails are common. The hacker probably got the address and PW from an online database. I have altered them in your original post for privacy now as well.
Do the scan that Steve suggests to be super extra sure but I would not be concerned that you've really been hacked. I would, however, change the password, if you used the same one, to any other site you log into.
https://www.forbes.com/sites/daveywi...h=ec72615160c4
Don't believe everything you think.
VirtualDr email notices are not working.
Check back regularly for responses.
_____________________
cat lovers click here
-
March 2nd, 2023, 09:01 AM
#4
Done the Comodo scan.
Thank you both, Sir.
I have also now done a Malwarebytes scan and the Comodo scan; it did find nothing ...
Thank you both for having the answer, it keeps me calm again now.
Sir @Steve R Jones and Sir Fink, I will do that scan now.
I will report here again when that hacker comes back, Sir.
Last edited by sitew; March 2nd, 2023 at 09:12 AM.
Reason: done the comodo scan
-
March 5th, 2023, 08:08 AM
#5
Sir @Steve R Jones and Sir Fink
Shall I place the scan there where Sir Steve R Jones has written?
Why do I ask: because I think there is a keylogger in my computer.
When I press the o, it sometimes comes 2 times, like oo ...
Please tell me here if I can copy-paste the scan from FRST there.
Thank you in advance.
-
March 5th, 2023, 08:14 AM
#6
I have moved this thread to the proper intensive care forum. Pls copy all of the requested scans below. Having said that, it sounds more like a keyboard issue, but do the scans because better safe than sorry.
-
March 5th, 2023, 01:27 PM
#7
Sir Fink, sorry to say, but this here is a BRAND NEW keyboard and a very expensive one; it is the G413 Mechanical Keyboard. Features Romer-G switches, lightweight aluminium body, backlit keys, USB passthrough, 12 faceted keycaps.
But yeah, it has nothing to do with my keyboard (lol).
I also know why I write this: because I have allowed a program to access here, because I thought my son had ordered something ...
OK, I paste the 2 txt here, thank you Sir.
First the FRST scan:
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 05-03-2023
Gestart door sitewizard (Beheerder) op DESKTOP-CLOTT6J (Micro-Star International Co., Ltd. MS-7D25) (05-03-2023 13:22:39)
Gestart vanaf C:\Users\sitewizard\Desktop
Geladen Profielen: sitewizard
Platform: Microsoft Windows 10 Pro Versie 22H2 19045.2604 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: FF
Boot Modus: Normal
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\iush.exe
(C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\PPUninstaller.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(explorer.exe ->) () [Bestand niet getekend] C:\Program Files (x86)\Proxy2Service\client.exe
(explorer.exe ->) (BitTorrent Inc.) [Bestand niet getekend] C:\Users\sitewizard\AppData\Roaming\uTorrent\uTorrent.exe
(explorer.exe ->) (Microsoft Corporation) [Bestand niet getekend] [Bestand is in gebruik] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4>
(explorer.exe ->) (Samsung Electronics Co., Ltd.) [Bestand niet getekend] C:\ProgramData\CCleaner\CCleaner.exe
(explorer.exe ->) (Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_abf7e4e84f20581c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2>
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
-
March 5th, 2023, 01:29 PM
#8
second part from FRST
==================== Register (gefilterd) ===================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2019-04-18] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT
HKU\S-1-5-21-606347907-599255135-1780284584-1000\...\MountPoints2: {9b3f34dd-970f-11ec-b44b-806e6f6e6963} - "J:\setup.exe"
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10994528 2022-04-26] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities\StartupManager.exe [45488 2020-06-14] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\Run: [MicrosoftEdgeAutoLaunch_89C1EA0ACEA75746A4B0B89D32ED7CA8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\Run: [uTorrent] => C:\Users\sitewizard\AppData\Roaming\uTorrent\uTorrent.exe [4709376 2023-01-02] (BitTorrent Inc.) [Bestand niet getekend] <==== AANDACHT
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\Run: [CCleaner] => C:\ProgramData\CCleaner\CCleaner.exe [666133504 2023-02-19] (Samsung Electronics Co., Ltd.) [Bestand niet getekend] <==== AANDACHT
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\MountPoints2: H - "H:\stp-se4.exe"
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\MountPoints2: I - "I:\SETUP.exe"
HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\MountPoints2: J - "J:\setup.exe"
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2266096 2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\...\AppCompatFlags\Custom\Beastmaster.exe: [{1d364a19-a2a2-4468-ab6b-b9e3d08b3981}.sdb] -> GOG.com Heroes Chronicles C7
HKLM\Software\...\AppCompatFlags\Custom\Dragons.exe: [{a0495fab-0c3a-45fc-a745-615b3586004b}.sdb] -> GOG.com Heroes Chronicles C4
HKLM\Software\...\AppCompatFlags\Custom\Elements.exe: [{f86eef5e-75ab-4732-b557-41541570d4df}.sdb] -> GOG.com Heroes Chronicles C3
HKLM\Software\...\AppCompatFlags\Custom\FieryMoon.exe: [{3a00c9e9-7a14-44a6-8527-f3f46b8e8670}.sdb] -> GOG.com Heroes Chronicles C6
HKLM\Software\...\AppCompatFlags\Custom\Sword.exe: [{ac4f005a-8771-4ce6-b58d-52106dddf6bd}.sdb] -> GOG.com Heroes Chronicles C8
HKLM\Software\...\AppCompatFlags\Custom\Underworld.exe: [{c1d5ddb7-34d0-47cc-9a4c-0b0ad82a7383}.sdb] -> GOG.com Heroes Chronicles C2
HKLM\Software\...\AppCompatFlags\Custom\Warlords.exe: [{ea59dae3-025b-4868-9f21-bb2b0ceb93e6}.sdb] -> GOG.com Heroes Chronicles C1
HKLM\Software\...\AppCompatFlags\Custom\WorldTree.exe: [{33c9337b-6b05-455f-ae35-49cd92e148b5}.sdb] -> GOG.com Heroes Chronicles C5
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d364a19-a2a2-4468-ab6b-b9e3d08b3981}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{1d364a19-a2a2-4468-ab6b-b9e3d08b3981}.sdb [2014-04-01]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{33c9337b-6b05-455f-ae35-49cd92e148b5}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{33c9337b-6b05-455f-ae35-49cd92e148b5}.sdb [2014-04-01]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{3a00c9e9-7a14-44a6-8527-f3f46b8e8670}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{3a00c9e9-7a14-44a6-8527-f3f46b8e8670}.sdb [2014-04-01]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{a0495fab-0c3a-45fc-a745-615b3586004b}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{a0495fab-0c3a-45fc-a745-615b3586004b}.sdb [2014-04-01]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ac4f005a-8771-4ce6-b58d-52106dddf6bd}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{ac4f005a-8771-4ce6-b58d-52106dddf6bd}.sdb [2014-04-01]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{c1d5ddb7-34d0-47cc-9a4c-0b0ad82a7383}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{c1d5ddb7-34d0-47cc-9a4c-0b0ad82a7383}.sdb [2014-04-01]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ea59dae3-025b-4868-9f21-bb2b0ceb93e6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{ea59dae3-025b-4868-9f21-bb2b0ceb93e6}.sdb [2014-04-01]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{f86eef5e-75ab-4732-b557-41541570d4df}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{f86eef5e-75ab-4732-b557-41541570d4df}.sdb [2014-04-01]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-28] (Google LLC -> Google LLC)
Startup: C:\Users\sitewizard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Proxy2Service.lnk [2022-05-29]
ShortcutTarget: Proxy2Service.lnk -> C:\Program Files (x86)\Proxy2Service\client.exe () [Bestand niet getekend]
Startup: C:\Users\sitewizard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar977.lnk [2023-03-05]
ShortcutTarget: Sidebar977.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [Bestand niet getekend] [Bestand is in gebruik]
BootExecute: autocheck autochk *
==================== Geplande Taken (gefilterd) ============
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {0150A4EB-D0FF-4908-AFC8-23C8550BACE5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {11F60980-8FFC-46E0-90AB-680B6250BF25} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {1EFE8F32-CDBD-4DE3-93A9-92E65FD4E82C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {29486F58-8759-4422-9BC5-B92DCC7874AE} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3827728 2022-10-21] (Corel Corporation -> Corel Corporation)
Task: {298AD506-80C3-44EA-A469-CD132C6863F4} - System32\Tasks\CorelUpdateHelperTask-80888E616CBF5A1F87AE4E71C5668D48 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3827728 2022-10-21] (Corel Corporation -> Corel Corporation)
Task: {318E728C-95B8-44F3-9813-010BE1DDD6EA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {4427721C-D8CB-4E94-A4FB-62D827CC2230} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2022-02-26] (Google Inc -> Google Inc.)
Task: {449B1C58-5FB9-4AE9-9003-217FD093D566} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities\Integrator.exe [918960 2020-06-14] (Glarysoft LTD -> Glarysoft Ltd)
Task: {48819A20-E01A-4CFA-8951-6EDC994638D4} - System32\Tasks\update-S-1-5-21-606347907-599255135-1780284584-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {4BE5E4C8-F9E1-441A-B17C-48E2C34488DB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E577D9B-62C6-4960-A693-06B963366048} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2022-02-26] (Google Inc -> Google Inc.)
Task: {62B338BA-101F-4C9B-9979-5F9AFCD3300B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {73B09430-B07D-4C47-B702-3AA82E53B156} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-606347907-599255135-1780284584-500 => C:\Users\sitewizard\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Geen bestand)
Task: {76E99DE2-7AC1-4D07-85CF-4BE1F6B8E288} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {89F8DF4C-B6FB-44E7-BABC-050B7CE53B76} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {95EDDC0A-A562-495B-8CB6-612B889227C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5253864 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
Task: {96D56399-5EE8-4909-B0FD-0948A1603753} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9E07D60A-ED90-47F6-84C3-075174B61F32} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A06BC6ED-B62A-41B6-BF12-E695EF86331D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "87631ff1-69f0-4003-be64-685a9672fa9c" --version "6.09.10300" --silent
Task: {B099C6BB-1902-46AC-BB44-37CA65D47C85} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BAF93C6B-C7BE-400C-A3D1-17207DDF1A5A} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {BD56C28B-34DF-4791-924F-8792412B26FD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFF0A9FA-2A43-477C-81AA-823150CDED6A} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [70984 2021-11-28] (Stanislav Zinukhov -> www.startisback.com)
Task: {C5D64341-1DE1-49CB-BC9E-CD9688D887A8} - System32\Tasks\SUPERAntiSpyware Scheduled Task f5193d7c-ec85-4c91-807c-0ac3ea1cb730 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:f5193d7c-ec85-4c91-807c-0ac3ea1cb730
Task: {CA88FB09-8E0E-4A7A-A169-23282CB4C232} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC591E65-1F20-4E47-888A-CD5846A5FAA9} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CCD08FAD-05F6-4AFE-9FBF-FD44F147287C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1EC92E2-B235-4796-8901-BD064BC902D2} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D4D5A6B8-B6F2-43A8-9904-6901CCD8ABE9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {E443CC23-E1F0-4835-8567-80B19AA7CA3B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E6145F6D-AF56-4C18-AFFD-E7EDE1EFE2E0} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [11072248 2021-09-28] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {FC176D6D-7626-420D-842F-06330EDA64E9} - System32\Tasks\CCleanerSkipUAC - sitewizard => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f5193d7c-ec85-4c91-807c-0ac3ea1cb730.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\update-S-1-5-21-606347907-599255135-1780284584-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
Hosts: Er is meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{2d7cd5b5-ec9f-46f1-a4a0-b3db05fe0a75}: [DhcpNameServer] 195.130.131.5 195.130.130.5
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sitewizard\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-05]
Edge DownloadDir: Default -> C:\downloads
Edge HomePage: Default -> hxxp://www.fvanca.be/
Edge StartupUrls: Default -> "hxxp://www.freyavc.be/"
Edge Extension: (Proper Menubar for Microsoft Edge) - C:\Users\sitewizard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mdffgnflikkenkkjhkgojbgkjabknlob [2022-02-28]
Edge Extension: (uBlock Origin) - C:\Users\sitewizard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-02-21]
Edge Extension: (AdGuard-advertentieblokkeerder) - C:\Users\sitewizard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-12-22]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: y4g32w4u.default
FF ProfilePath: C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\y4g32w4u.default [2022-02-26]
FF ProfilePath: C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release [2023-03-05]
FF DownloadDir: C:\downloads
FF Homepage: Mozilla\Firefox\Profiles\f8efrzge.default-release -> hxxp://www.freyavc.be/
FF Extension: (AdGuard-advertentieblokkeerder) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\adguardadblocker@adguard.com.xpi [2022-12-25]
FF Extension: (FileCR Assistant) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\extension1@filecr.com.xpi [2022-10-05]
FF Extension: (To Google Translate) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-03-18]
FF Extension: (AdBlock - de beste advertentieblokker) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-12-23]
FF Extension: (Language: English (US)) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2023-02-28]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\marcoagpinto@mail.telepac.pt.xpi [2023-03-01]
FF Extension: (uBlock Origin) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-02-28]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-03-02]
FF Extension: (Fall Puppy) - C:\Users\sitewizard\AppData\Roaming\Mozilla\Firefox\Profiles\f8efrzge.default-release\Extensions\{b74e6c60-9306-4a5a-b1cd-6911d5b44181}.xpi [2022-02-26]
FF HKLM-x32\...\Firefox\Extensions: [{06222208-753B-418e-BB9D-12E2D5933ACB}] - C:\Program Files (x86)\4K Software\4K Downloader\4KD_FF.xpi
FF Extension: (4K Downloader Extension) - C:\Program Files (x86)\4K Software\4K Downloader\4KD_FF.xpi [2019-06-01] [Verouderd] [niet getekend]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software Xchange\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software Xchange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-606347907-599255135-1780284584-1003: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software Xchange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-606347907-599255135-1780284584-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-606347907-599255135-1780284584-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-606347907-599255135-1780284584-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR Profile: C:\Users\sitewizard\AppData\Local\Google\Chrome\User Data\Default [2023-03-05]
CHR Extension: (Safe Torrent Scanner) - C:\Users\sitewizard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-01-04]
CHR Extension: (Offline Documenten) - C:\Users\sitewizard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-13]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\sitewizard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-19]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\sitewizard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-14]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jpnkpjikgipojkofgjjkfgdhfanggcdm] - C:\Program Files (x86)\Bigasoft\Video Downloader Pro\extensions\3.25.4.8449\BVDChromeExt.crx [2023-02-25]
==================== Services (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2022-02-26] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4054248 2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2259720 2022-12-06] (Comodo Security Solutions -> Comodo)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Bestand niet getekend]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2022-10-20] (IObit CO., LTD -> IObit)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_abf7e4e84f20581c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_abf7e4e84f20581c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [94720 2021-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
R3 ANVSOFT_WaveExtensible; C:\Windows\system32\drivers\ammvrtaudio.sys [38048 2019-12-24] (深圳市安韦尔软件技术有限公司 -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [287744 2022-02-27] (Microsoft Corporation) [Bestand niet getekend]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [154112 2022-02-27] (Microsoft Corporation) [Bestand niet getekend]
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\Windows\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S1 crlscsi; C:\Windows\SysWow64\Drivers\crlscsi.sys [6144 1995-11-07] (Corel Corporation) [Bestand niet getekend]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2022-03-11] (Glarysoft LTD -> Glarysoft Ltd)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_e11257f05c0c2f89\iaLPSS2_GPIO2_ADL.sys [139928 2021-07-29] (Intel Corporation -> Intel Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2022-10-20] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2022-10-20] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2022-10-20] (IObit Information Technology -> IObit)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-03-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198112 2023-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77736 2023-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2023-03-05] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2022-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [439544 2022-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-18] (Microsoft Windows -> Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een maand (aangemaakt) (gefilterd) =========
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2023-03-05 13:22 - 2023-03-05 13:23 - 000038887 _____ C:\Users\sitewizard\Desktop\FRST.txt
2023-03-05 13:22 - 2023-03-05 13:23 - 000000000 ____D C:\FRST
2023-03-05 13:22 - 2023-03-05 13:22 - 000000000 ____D C:\Users\sitewizard\Desktop\FRST-OlderVersion
2023-03-05 13:21 - 2023-03-05 13:22 - 002378752 _____ (Farbar) C:\Users\sitewizard\Desktop\FRST64.exe
2023-03-05 12:12 - 2023-03-05 12:12 - 000181816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-03-04 12:12 - 2023-03-04 12:12 - 000000000 ____D C:\Users\sitewizard\AppData\LocalLow\Abylight Barcelona
2023-03-04 12:05 - 2023-03-04 12:05 - 000002252 _____ C:\Users\sitewizard\Desktop\One Military Camp.exe - Snelkoppeling.lnk
2023-03-03 18:32 - 2023-03-03 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2023-03-02 18:05 - 2023-03-02 18:29 - 000001285 _____ C:\Users\sitewizard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo Driver Updater.lnk
2023-03-02 18:02 - 2023-03-02 18:02 - 000000000 ____D C:\Program Files\Ashampoo
2023-03-02 13:32 - 2023-03-02 13:37 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-03-02 13:32 - 2023-03-02 13:32 - 000000000 ____D C:\Users\sitewizard\AppData\Local\mbam
2023-03-02 13:32 - 2023-03-02 13:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-03-01 16:54 - 2023-03-01 16:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-01 16:32 - 2023-03-02 11:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-28 19:33 - 2023-02-28 19:33 - 000000000 ____D C:\Windows\LastGood.Tmp
2023-02-28 19:31 - 2023-02-25 17:54 - 002172472 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-02-28 19:31 - 2023-02-25 17:54 - 002172472 _____ C:\Windows\system32\vulkaninfo.exe
2023-02-28 19:31 - 2023-02-25 17:54 - 001607728 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-02-28 19:31 - 2023-02-25 17:54 - 001607728 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-02-28 19:31 - 2023-02-25 17:54 - 001487872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-02-28 19:31 - 2023-02-25 17:54 - 001479216 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-02-28 19:31 - 2023-02-25 17:54 - 001479216 _____ C:\Windows\system32\vulkan-1.dll
2023-02-28 19:31 - 2023-02-25 17:54 - 001227264 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-02-28 19:31 - 2023-02-25 17:54 - 001211440 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-02-28 19:31 - 2023-02-25 17:54 - 001211440 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-02-28 19:31 - 2023-02-25 17:50 - 001534488 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-02-28 19:31 - 2023-02-25 17:50 - 001193000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-02-28 19:31 - 2023-02-25 17:50 - 000851432 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-02-28 19:31 - 2023-02-25 17:50 - 000671744 _____ C:\Windows\system32\nvofapi64.dll
2023-02-28 19:31 - 2023-02-25 17:50 - 000506352 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-02-28 19:31 - 2023-02-25 17:49 - 002163688 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-02-28 19:31 - 2023-02-25 17:49 - 001619968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-02-28 19:31 - 2023-02-25 17:49 - 000978432 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-02-28 19:31 - 2023-02-25 17:49 - 000758272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-02-28 19:31 - 2023-02-25 17:49 - 000741352 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-02-28 19:31 - 2023-02-25 17:48 - 013765632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-02-28 19:31 - 2023-02-25 17:48 - 011645952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-02-28 19:31 - 2023-02-25 17:48 - 006083568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-02-28 19:31 - 2023-02-25 17:48 - 005911552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-02-28 19:31 - 2023-02-25 17:48 - 003429872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-02-28 19:31 - 2023-02-25 17:48 - 000458280 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-02-28 19:31 - 2023-02-25 17:47 - 005835264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-02-28 19:31 - 2023-02-25 17:47 - 000853504 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-02-28 19:31 - 2023-02-25 17:46 - 006788440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-02-28 19:31 - 2023-02-25 03:00 - 000104256 _____ C:\Windows\system32\nvinfo.pb
2023-02-25 22:28 - 2023-03-03 18:51 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\Bigasoft Video Downloader Pro
2023-02-25 22:28 - 2023-02-25 22:28 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2023-02-25 22:28 - 2023-02-25 22:28 - 000000000 ____D C:\Program Files (x86)\Bigasoft
2023-02-23 16:41 - 2023-02-28 21:59 - 000000000 ____D C:\ProgramData\Hogwarts Legacy
2023-02-23 16:41 - 2023-02-23 16:41 - 000000000 ____D C:\Users\sitewizard\AppData\Local\Phoenix
2023-02-23 16:40 - 2023-02-23 16:40 - 000000397 _____ C:\Users\Public\Desktop\Play Hogwarts Legacy.lnk
2023-02-23 16:40 - 2023-02-23 16:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hogwarts Legacy
2023-02-23 12:04 - 2023-01-19 21:54 - 005162560 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw12.sys
2023-02-23 12:04 - 2023-01-19 21:54 - 001470528 _____ (Intel Corporation) C:\Windows\system32\IntelIHVRouter12.dll
2023-02-20 11:22 - 2023-02-20 11:32 - 000003438 _____ C:\Windows\system32\Tasks\StartIsBack health check
2023-02-20 11:21 - 2023-02-20 11:32 - 000000000 ____D C:\Program Files (x86)\StartIsBack
2023-02-19 22:16 - 2023-02-19 22:16 - 000003840 _____ C:\Windows\system32\Tasks\CCleaner
2023-02-19 22:16 - 2023-02-19 22:16 - 000000000 ____D C:\ProgramData\CCleaner
2023-02-19 22:15 - 2023-02-19 22:15 - 000684984 _____ (Mozilla Foundation) C:\Users\sitewizard\AppData\LocalLow\freebl3.dll
2023-02-19 22:15 - 2023-02-19 22:15 - 000627128 _____ (Mozilla Foundation) C:\Users\sitewizard\AppData\LocalLow\mozglue.dll
2023-02-19 22:15 - 2023-02-19 22:15 - 000254392 _____ (Mozilla Foundation) C:\Users\sitewizard\AppData\LocalLow\softokn3.dll
2023-02-19 21:49 - 2023-02-20 11:32 - 000003666 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-02-18 11:38 - 2023-02-18 11:38 - 000002092 _____ C:\Users\sitewizard\Desktop\Pharaoh.exe - Snelkoppeling.lnk
2023-02-17 14:44 - 2023-02-19 21:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-02-15 22:02 - 2023-02-15 22:06 - 000000000 ___HD C:\$WinREAgent
2023-02-15 16:14 - 2023-02-15 16:14 - 000000000 ____D C:\ProgramData\Zebra Technologies
2023-02-15 15:48 - 2023-02-15 16:18 - 000000000 ____D C:\Users\Public\Documents\DesignStudio Projects
2023-02-15 15:48 - 2023-02-15 15:48 - 000000000 ____D C:\Program Files\DIFX
2023-02-15 15:48 - 2023-02-15 15:48 - 000000000 ____D C:\Program Files (x86)\Zebra Technologies
2023-02-15 15:47 - 2023-02-15 16:14 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\Zebra Technologies
2023-02-15 15:47 - 2023-02-15 15:48 - 000000000 ____D C:\Users\Public\Documents\PrintStudio Projects
2023-02-15 15:47 - 2023-02-15 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CardStudio2
2023-02-10 18:26 - 2023-03-04 16:39 - 000003468 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-80888E616CBF5A1F87AE4E71C5668D48
2023-02-06 14:20 - 2022-08-15 21:34 - 005019728 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw10.sys
2023-02-06 14:20 - 2022-08-15 21:34 - 001677376 _____ (Intel Corporation) C:\Windows\system32\IntelIHVRouter10.dll
2023-02-05 22:16 - 2023-02-05 22:16 - 000000000 ____D C:\Users\sitewizard\AppData\LocalLow\cuidong
-
March 5th, 2023, 01:30 PM
#9
3rd and last part from FRST
==================== Een maand (gewijzigd) ==================
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2023-03-05 13:23 - 2022-02-27 15:10 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\uTorrent
2023-03-05 13:21 - 2022-02-26 17:19 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2023-03-05 13:19 - 2022-02-26 16:23 - 000000000 ____D C:\Users\sitewizard\AppData\LocalLow\Mozilla
2023-03-05 13:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-05 13:10 - 2022-02-26 16:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-05 13:02 - 2020-11-18 23:45 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-05 12:25 - 2022-02-26 16:01 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-05 12:25 - 2022-02-26 15:53 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-05 12:19 - 2022-02-26 15:27 - 001771768 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-05 12:19 - 2019-12-07 16:14 - 000786070 _____ C:\Windows\system32\perfh013.dat
2023-03-05 12:19 - 2019-12-07 16:14 - 000154198 _____ C:\Windows\system32\perfc013.dat
2023-03-05 12:19 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-03-05 12:17 - 2022-02-26 19:29 - 000000000 ____D C:\Users\sitewizard\AppData\Local\CrashDumps
2023-03-05 12:14 - 2022-02-28 11:13 - 000000000 ____D C:\Program Files\CCleaner
2023-03-05 12:12 - 2022-06-20 18:10 - 000000000 ____D C:\Users\sitewizard\AppData\LocalLow\IGDump
2023-03-05 12:12 - 2022-02-26 15:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-05 12:12 - 2020-11-19 00:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-05 12:11 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-04 21:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-04 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-04 20:46 - 2020-11-19 00:47 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-04 18:34 - 2022-02-26 18:41 - 000107064 _____ C:\Windows\system32\Drivers\fvstore.dat
2023-03-04 12:12 - 2022-02-27 17:20 - 000000000 ____D C:\Users\sitewizard\AppData\Local\D3DSCache
2023-03-04 11:22 - 2022-02-26 18:06 - 000000430 _____ C:\Windows\Tasks\update-S-1-5-21-606347907-599255135-1780284584-1003.job
2023-03-03 19:10 - 2022-02-28 23:55 - 000208896 _____ C:\Users\sitewizard\AppData\Roaming\emp.bin
2023-03-03 18:32 - 2022-02-26 18:06 - 000003426 _____ C:\Windows\system32\Tasks\update-S-1-5-21-606347907-599255135-1780284584-1003
2023-03-03 18:32 - 2022-02-26 18:06 - 000000424 _____ C:\Users\sitewizard\AppData\Local\UserProducts.xml
2023-03-03 14:31 - 2023-01-28 21:21 - 000000000 ____D C:\TEMP
2023-03-03 14:31 - 2022-02-28 12:37 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-03-02 21:40 - 2020-11-19 00:47 - 000003730 _____ C:\Windows\system32\Tasks\MVRp1yVk9GiMijLRLcic6gsxVSQyeJPF7h
2023-03-02 21:40 - 2020-11-19 00:47 - 000003606 _____ C:\Windows\system32\Tasks\MVRp1yVk9GiMijLRLcic6gsxVSQyeJPF7h
2023-03-02 18:17 - 2020-11-18 23:45 - 002084312 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-02 18:05 - 2022-02-28 22:24 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\Ashampoo
2023-03-02 18:02 - 2022-02-28 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2023-03-02 13:51 - 2023-01-08 19:39 - 000000000 ____D C:\ProgramData\Pinnacle
2023-03-02 13:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-03-02 11:07 - 2022-02-26 16:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-01 17:51 - 2022-03-16 16:03 - 000000000 ____D C:\Program Files (x86)\Image-Line
2023-03-01 17:51 - 2022-03-10 14:34 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2023-03-01 17:51 - 2022-03-10 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2023-03-01 16:54 - 2022-02-26 16:23 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-28 19:40 - 2022-03-12 18:02 - 000000000 ____D C:\ProgramData\ProductData
2023-02-28 19:35 - 2022-02-26 16:10 - 000000000 ____D C:\Users\sitewizard\AppData\Local\NVIDIA
2023-02-28 11:43 - 2022-02-26 16:01 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-27 15:57 - 2022-12-24 11:45 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\vlc
2023-02-25 22:29 - 2022-03-15 16:33 - 000000000 ____D C:\Users\sitewizard\Documents\Bigasoft Video Downloader Pro
2023-02-25 17:46 - 2022-12-09 00:47 - 007924696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-02-25 03:00 - 2022-02-26 15:53 - 000121880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2023-02-24 01:38 - 2022-02-26 15:45 - 000000000 ____D C:\Users\sitewizard\AppData\Local\Packages
2023-02-23 16:41 - 2022-03-15 22:36 - 000000000 ____D C:\Users\Public\Documents\EMPRESS
2023-02-23 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-02-20 11:29 - 2022-02-26 15:44 - 000000000 ____D C:\Users\sitewizard
2023-02-20 11:22 - 2022-02-26 16:50 - 000000000 ____D C:\Users\sitewizard\AppData\Local\StartIsBack
2023-02-19 22:16 - 2022-02-26 18:19 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\Thunderbird
2023-02-18 11:21 - 2022-02-26 18:19 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-02-16 20:22 - 2022-12-15 20:23 - 000000000 ____D C:\Users\sitewizard\Documents\The Witcher 3
2023-02-16 14:40 - 2022-09-21 10:47 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-02-15 22:25 - 2019-12-07 16:17 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-15 22:25 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-15 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-15 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-15 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-02-15 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-15 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-15 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-15 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-15 22:21 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-15 22:17 - 2020-11-19 00:47 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-15 21:52 - 2022-02-27 20:22 - 000000000 ____D C:\Windows\system32\MRT
2023-02-15 21:47 - 2022-02-27 20:22 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-15 15:55 - 2022-02-26 17:09 - 000000000 ___RD C:\Users\sitewizard\programmas
2023-02-15 15:28 - 2022-09-21 10:47 - 000003472 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-02-15 15:28 - 2022-02-28 11:13 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-02-13 00:21 - 2022-03-15 23:24 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\RenPy
2023-02-09 18:31 - 2022-02-26 16:34 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:31 - 2022-02-26 16:34 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:31 - 2022-02-26 16:34 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:31 - 2022-02-26 16:34 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:31 - 2022-02-26 16:34 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:31 - 2022-02-26 16:34 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:31 - 2022-02-26 16:34 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:31 - 2022-02-26 16:34 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-02-09 18:31 - 2022-02-26 15:54 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-02-09 18:31 - 2022-02-26 15:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-02-09 18:30 - 2022-02-26 16:34 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:30 - 2022-02-26 16:34 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-09 18:28 - 2022-06-24 20:52 - 000000000 ____D C:\Program Files (x86)\Corel
2023-02-04 20:21 - 2022-03-11 13:36 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\Wise Registry Cleaner
2023-02-04 19:49 - 2022-03-01 15:18 - 000000000 ____D C:\ProgramData\Corel
2023-02-04 19:40 - 2022-03-12 15:01 - 000000000 ____D C:\Users\sitewizard\AppData\Roaming\Corel
2023-02-04 19:40 - 2022-03-12 14:54 - 000000000 ____D C:\Program Files\Corel
2023-02-04 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
==================== Bestanden in de root van sommige mappen ========
2021-05-31 03:51 - 2021-05-31 03:51 - 000000277 _____ () C:\ProgramData\fontcacheev1.dat
2022-04-02 14:52 - 2006-12-30 13:30 - 000140010 _____ () C:\Program Files (x86)\BiFilter2 manual.pdf
2022-04-02 14:52 - 2008-07-28 15:00 - 000679936 _____ () C:\Program Files (x86)\BiFilter2.dll
2022-03-16 17:29 - 2009-09-20 11:00 - 000000320 _____ () C:\Program Files (x86)\Fingerprint.t2k
2022-03-16 17:29 - 2009-09-20 11:00 - 001730663 _____ () C:\Program Files (x86)\Gladiator DE.pdf
2022-03-16 17:29 - 2009-09-20 11:00 - 001746205 _____ () C:\Program Files (x86)\Gladiator FR.pdf
2022-03-16 17:29 - 2009-09-20 11:00 - 004785108 _____ () C:\Program Files (x86)\Gladiator IT.pdf
2022-03-16 17:29 - 2009-09-20 11:00 - 001704856 _____ () C:\Program Files (x86)\Gladiator SP.pdf
2022-03-16 17:29 - 2009-09-20 12:00 - 004272128 _____ (Tone2.com Audiosoftware) C:\Program Files (x86)\Gladiator.dll
2022-03-16 17:29 - 2009-09-20 11:00 - 005137028 _____ () C:\Program Files (x86)\Gladiator.pdf
2022-03-16 17:29 - 2009-09-20 11:00 - 000058083 _____ () C:\Program Files (x86)\Gladiator2.pdf
2022-03-16 17:29 - 2009-09-20 11:00 - 000000319 _____ () C:\Program Files (x86)\Gladiator2.t2k
2022-03-16 17:29 - 2009-09-20 11:00 - 000000319 _____ () C:\Program Files (x86)\Gladiator2exp1.t2k
2022-03-16 17:29 - 2009-09-20 11:00 - 000000319 _____ () C:\Program Files (x86)\Gladiator2exp2.t2k
2022-03-16 17:29 - 2009-09-20 11:00 - 000000319 _____ () C:\Program Files (x86)\Gladiator2exp3.t2k
2022-03-16 17:29 - 2009-09-24 13:28 - 000000001 _____ () C:\Program Files (x86)\gladiatorskin.txt
2022-04-01 12:35 - 2009-10-23 22:00 - 005811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll
2022-03-16 17:29 - 2022-04-02 18:37 - 000168990 _____ () C:\Program Files (x86)\unins000.dat
2022-03-16 17:29 - 2022-04-02 18:37 - 000696886 _____ () C:\Program Files (x86)\unins000.exe
2022-04-02 14:52 - 2022-04-02 14:52 - 000001734 _____ () C:\Program Files (x86)\unins001.dat
2022-04-02 14:52 - 2022-04-02 14:52 - 000684313 _____ () C:\Program Files (x86)\unins001.exe
2023-01-08 20:45 - 2023-01-08 20:45 - 000000198 _____ () C:\Users\sitewizard\AppData\Roaming\DESKTOP-CLOTT6J.MTBF.txt
2022-02-28 23:55 - 2023-03-03 19:10 - 000208896 _____ () C:\Users\sitewizard\AppData\Roaming\emp.bin
2022-03-02 14:59 - 2022-03-02 14:59 - 000099384 _____ () C:\Users\sitewizard\AppData\Roaming\inst.exe
2022-03-02 14:59 - 2022-03-02 14:59 - 000007859 _____ () C:\Users\sitewizard\AppData\Roaming\pcouffin.cat
2022-03-02 14:59 - 2022-03-02 14:59 - 000001167 _____ () C:\Users\sitewizard\AppData\Roaming\pcouffin.inf
2022-03-02 14:59 - 2022-03-02 14:59 - 000000055 _____ () C:\Users\sitewizard\AppData\Roaming\pcouffin.log
2022-03-02 14:59 - 2022-03-02 14:59 - 000082816 _____ (VSO Software) C:\Users\sitewizard\AppData\Roaming\pcouffin.sys
2022-02-26 18:06 - 2022-02-26 18:06 - 000000003 _____ () C:\Users\sitewizard\AppData\Local\updater.log
2022-02-26 18:06 - 2023-03-03 18:32 - 000000424 _____ () C:\Users\sitewizard\AppData\Local\UserProducts.xml
==================== FCheck ================================
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
FCheck: C:\Windows\SysWOW64\version_IObitDel.dll [2022-12-30] <==== AANDACHT (nul byte bestand/map)
==================== SigCheck ============================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
==================== Einde van FRST.txt ========================
-
March 5th, 2023, 01:31 PM
#10
Addition.txt
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 05-03-2023
Gestart door sitewizard (05-03-2023 13:24:09)
Gestart vanaf C:\Users\sitewizard\Desktop
Microsoft Windows 10 Pro Versie 22H2 19045.2604 (X64) (2022-02-26 14:35:50)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
Administrator (S-1-5-21-606347907-599255135-1780284584-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-606347907-599255135-1780284584-503 - Limited - Disabled)
Gast (S-1-5-21-606347907-599255135-1780284584-501 - Limited - Disabled)
sitewizard (S-1-5-21-606347907-599255135-1780284584-1003 - Administrator - Enabled) => C:\Users\sitewizard
WDAGUtilityAccount (S-1-5-21-606347907-599255135-1780284584-504 - Limited - Disabled)
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Geïnstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
11th Hour (HKLM-x32\...\GOGPACK11H_is1) (Version: 2.0.0.14 - GOG.com)
4K Downloader 4 (HKLM-x32\...\4K Downloader_is1) (Version: - 4K Software)
7-Zip 16.03 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1603-000001000000}) (Version: 16.03.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{6452120E-72FC-49D7-AB36-7042CC9746FB}) (Version: 31.0.0 - 8GadgetPack.net)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_3_2) (Version: 23.3.2.458 - Adobe Inc.)
Adobe Premiere Elements 10 (HKLM\...\{26F481C6-8DBE-4F8B-9D8D-715081C23ADE}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires IV (HKLM-x32\...\Age of Empires IV_is1) (Version: - )
Alcatech BPM Studio Professional v4.9.1 (HKLM-x32\...\Alcatech BPM Studio Professional v4.9.1) (Version: - )
Ample Guitar M Lite II version 2.3.1 (HKLM-x32\...\{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.3.1 - Ample Sound Technology Co., Ltd.)
Anno 1800 (HKLM-x32\...\Anno 1800_is1) (Version: - )
Any Video Converter Ultimate 7.0.6 (HKLM-x32\...\Any Video Converter_is1) (Version: 7.0.6 - lrepacks.ru)
AnyBurn 4.9 (HKLM\...\AnyBurn_is1) (Version: 4.9 - lrepacks.ru)
Ashampoo Cover Studio 2017 (HKLM-x32\...\{91B33C97-6D7D-102A-7711-56C011AFB81B}_is1) (Version: 3.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Driver Updater (HKLM\...\{0A11EA01-9351-AD68-8AFA-02337415E1F8}_is1) (Version: 1.5.2 - Ashampoo GmbH & Co. KG)
Ashampoo Movie Studio Pro 3 (HKLM-x32\...\{91B33C97-1EC8-D22B-F678-6953B89CE924}_is1) (Version: 3.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Card v.1.0.0 (HKLM-x32\...\{C92AB6F1-EC2E-85C8-C6D7-5BB8C2F89C7F}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 15 (HKLM-x32\...\{0A11EA01-E0CE-916E-BC94-74670FA71836}_is1) (Version: 15.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio 2017 (HKLM-x32\...\{91B33C97-41EE-3DB7-1FDD-5308E332AC28}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 9 (HKLM-x32\...\{0A11EA01-D628-EEFD-B5E8-864238AE9105}_is1) (Version: 9.0.2 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Assassin's Creed Origins (HKLM-x32\...\{DAC281DD-7006-49D4-905B-E8BDA474A230}_is1) (Version: - Ubisoft)
Assassins Creed Valhalla (HKLM-x32\...\Assassins Creed Valhalla_is1) (Version: 0.0.0 - DODI-Repacks)
Assassin's Creed: Syndicate (HKLM-x32\...\Assassin's Creed: Syndicate_is1) (Version: - )
AutoPlay Menu Builder 8.0 Build 2459 (HKLM-x32\...\AutoPlay Menu Builder 8.0 Build 2459) (Version: - )
BiFilter v2.2 (HKLM-x32\...\Tone2 BiFilter2_is1) (Version: - )
Bigasoft Video Downloader Pro 3.25.4.8449 (HKLM-x32\...\{C7056BA6-D954-43A2-ABBA-AB2E8E777730}_is1) (Version: - Bigasoft Corporation)
BurnAware Professional version 15.0 (64-bit) (HKLM\...\BurnAware Professional_is1) (Version: 15.0 (64-bit) - M.A.G.)
calibre 64bit (HKLM\...\{7F0FDECD-A5AF-4509-8E43-6FBED376FFA8}) (Version: 4.11.1 - Kovid Goyal)
Camel Audio Alchemy (HKLM\...\Alchemy_is1) (Version: 1.55 - Team V.R)
CardStudio 2.0™ (HKLM-x32\...\{87C54FD2-F856-49CD-899F-AB0EC868D923}) (Version: 2.5.13 - Zebra Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CDMenuPro V6 (HKLM-x32\...\{A2651914-C1AF-4953-B1B7-46E7E50145FE}) (Version: 6.50.00.00 - KS-SW - Klaus Schwenk Software)
Chasys Draw IES 4.80.01 (HKLM-x32\...\Chasys Draw IES) (Version: 4.80.01 - John Paul Chacha's Lab)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 108.0.5359.95 - Comodo)
COMODO Internet Security Premium (HKLM\...\{9D9A22A4-C382-4340-9843-AB8C54FC9D49}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA478445}) (Version: 1.4.159.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.4.478445.159 - Comodo)
Cool Edit Pro 2.0 (HKLM-x32\...\Cool Edit Pro 2.0) (Version: - )
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{76E381CE-5AD1-4A02-9CF4-B407B1BE9BE0}) (Version: 24.0.0.293 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{76E381CE-5AD1-4A02-9CF4-B407B1BE9BE0}) (Version: 24.0.293 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{98CFADA3-527D-4A92-9160-EE463FCE95A5}) (Version: 24.0.293 - Corel Corporation) Hidden
Corel Painter 2023 - Content (HKLM\...\{96C25A58-F676-4E23-95C8-D213AF1D24C8}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - Corex64 (HKLM\...\{ACDD2608-1BDB-4D60-BE1C-4298CF3DA5B2}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - CT (HKLM\...\{A9407672-0C4F-416F-BA23-CD0DF983C5A9}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - DE (HKLM\...\{B14596A4-5A52-4CF5-83BB-C96D8DA71903}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - EN (HKLM\...\{FA81C59A-AC15-445C-B458-A58989B1B91B}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - FR (HKLM\...\{A802D5FD-CA23-4C96-9382-EF8EFEF8A059}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - IPM (HKLM\...\{3D9F7CE8-8674-45A4-9D0D-C9072339DE3D}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - IPM Content (HKLM\...\{12BFEC0C-A3BF-4391-8DCC-B2A0531DBE03}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - JP (HKLM\...\{46B69DDB-E279-4352-BD1C-D614F5FCCA83}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - NNArtAssets (HKLM\...\{8C00EA42-36E4-497B-94F5-A3B96C724969}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - Painter (HKLM\...\{09FB3F14-4EE1-417A-953A-24E4711E90C6}) (Version: 23.0 - Corel Corporation) Hidden
Corel Painter 2023 - Setup Files (HKLM\...\{F4F4E91D-7D4B-49C2-8C41-440198E47168}) (Version: 23.0.1 - Corel Corporation) Hidden
Corel Painter 2023 (HKLM\...\_{F4F4E91D-7D4B-49C2-8C41-440198E47168}) (Version: 23.0.0.244 - Corel Corporation)
Corel Painter Thumbnail Previewer (HKLM\...\{50139369-99B2-496A-8726-D3DC5D6D4235}) (Version: 18.0 - Corel Corporation)
Corel PaintShop Pro 2022 (HKLM-x32\...\_{8C9BC7E4-5EEA-489D-B666-557A9428A018}) (Version: 24.0.0.113 - Corel Corporation)
Corel Update Manager (HKLM\...\{451DE9E2-358B-404F-A534-4A6188ED3DF8}) (Version: 2.16.673 - Corel corporation) Hidden
Corel Update Manager (HKLM\...\{4BAE1A4E-9E7A-4DEB-93DF-F2EB7539C3E2}) (Version: 2.16.673 - Corel corporation) Hidden
Corel Update Manager (HKLM\...\{76A23204-7636-46EC-95B4-3815E5A61476}) (Version: 2.16.673 - Corel corporation) Hidden
CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.5 - Globalscape)
Deadly Dozen Reloaded (HKLM-x32\...\Deadly Dozen Reloaded_is1) (Version: - )
Documentation Manager (HKLM\...\{FF48BA8B-1C56-4E08-B570-6871C226B38E}) (Version: 22.70.2.1 - Intel Corporation) Hidden
DXGL 0.5.10 (HKLM-x32\...\DXGL) (Version: 0.5.10 - William Feely)
Dying Light 2 (HKLM-x32\...\Dying Light 2_is1) (Version: - )
Dynamic Application Loader Host Interface Service (HKLM\...\{439E5170-CFC8-4944-8119-746ECF219399}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eBook Converter Bundle 3.21.1003.430 (HKLM-x32\...\{74173236-3507-49A7-A0FC-1BDABF0A9338}_is1) (Version: 3.21.1003.430 - eBook Converter Team)
ElectraX full (HKLM-x32\...\Tone2 ElectraX full_is1) (Version: - Tone2)
EveryonePiano 2.2 (HKLM-x32\...\EveryonePiano_is1) (Version: 2.2.10.16 - EveryonePiano.com)
Far Cry 4 version 1.10.0.0 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.10.0.0 - Mr DJ)
Far Cry 6 (HKLM-x32\...\Far Cry 6_is1) (Version: - )
FileZilla Client 3.52.2 (HKLM-x32\...\FileZilla Client) (Version: 3.52.2 - Tim Kosse)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Flame Painter 2.5.0 Pro (64bit) (HKLM\...\Flame Painter Pro (64bit)_is1) (Version: 2.5.0 - Escape Motions, s.r.o)
FlashBrowser version 0.7 (HKLM-x32\...\{73E7F6CF-E0C5-42EC-BC35-1AB1A50D7BFF}_is1) (Version: 0.7 - AS3)
Flip PDF Professional (HKLM-x32\...\Flip PDF Professional_is1) (Version: - FlipBuilder Solution)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version: - )
Gilisoft Video Converter Discovery Edition (HKLM-x32\...\{5A8E9895-569C-96E8-8CA1-1A665682E40C}_is1) (Version: 11.1.0 - GiliSoft International LLC.)
Gladiator full (HKLM\...\Tone2 Gladiator full_is1) (Version: 2.5.0 - Tone2)
Gladiator full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version: 2.5.0 - Tone2)
Glary Utilities 5.144.0.170 (HKLM-x32\...\Glary Utilities_is1) (Version: 5.144.0.170 - lrepacks.ru)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - )
Groschengrab 3 (HKLM-x32\...\Groschengrab 3) (Version: - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Heat (HKLM\...\TinyISO - Heat) (Version: - TinyISO)
Heroes Chronicles - Clash of the Dragons (HKLM-x32\...\1207661773_is1) (Version: 2.1.0.42 - GOG.com)
Heroes Chronicles - Conquest of the Underworld (HKLM-x32\...\1207661753_is1) (Version: 2.1.0.43 - GOG.com)
Heroes Chronicles - Masters of the Elements (HKLM-x32\...\1207661763_is1) (Version: 2.1.0.41 - GOG.com)
Heroes Chronicles - Revolt of the Beastmasters (HKLM-x32\...\1207661803_is1) (Version: 2.1.0.42 - GOG.com)
Heroes Chronicles - The Fiery Moon (HKLM-x32\...\1207661793_is1) (Version: 2.1.0.42 - GOG.com)
Heroes Chronicles - The Sword of Frost (HKLM-x32\...\1207661813_is1) (Version: 2.1.0.42 - GOG.com)
Heroes Chronicles - The World Tree (HKLM-x32\...\1207661783_is1) (Version: 2.1.0.42 - GOG.com)
Heroes Chronicles - Warlords of the Wasteland (HKLM-x32\...\1207661743_is1) (Version: 2.1.0.42 - GOG.com)
Hogwarts Legacy (HKLM-x32\...\Hogwarts Legacy_is1) (Version: 0.0.0 - DODI-Repacks)
ICA (HKLM-x32\...\{8C9BC7E4-5EEA-489D-B666-557A9428A018}) (Version: 24.0.0.113 - Corel Corporation) Hidden
Icecream Ebook Reader version 5.04 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.04 - Icecream Apps)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AF8A5E6C-7485-47FB-9FE4-CF3B43FDB178}) (Version: 18.0.156 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{DFFC9992-3A41-4155-A834-9831C6E58D98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2130.16.0.2387 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{FA6E1882-F6C1-47E1-A6CB-FC1F5460E311}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{38F0D70E-8F07-4BF9-A5E0-6946C3D614D8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel)
Intel(R) Serial IO (HKLM\...\{8EC4CB19-850D-4BD4-B914-F63DF7DAD67D}) (Version: 30.100.2131.26 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2131.26 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001070-0220-1043-84C8-B8D95FA3C8C3}) (Version: 22.70.1.1 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{6da9b536-2f8d-46a4-9273-1c84169218e8}) (Version: 22.70.2.1 - Intel Corporation) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
IObit Uninstaller (HKLM-x32\...\IObit Uninstaller Pro 10.4.0.13) (Version: - )
IObit Uninstaller 12 (HKLM-x32\...\IObitUninstall) (Version: 12.2.0.7 - IObit)
IPM_PSP_COM64 (HKLM\...\{9BAC7C47-8142-4703-8447-32C1A97517CC}) (Version: 24.0.0.113 - Corel Corporation) Hidden
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.01.0000 - Jasc Software Inc)
Joyoshare HEIC Converter 2.0.0.13 (HKLM-x32\...\Joyoshare HEIC Converter_is1) (Version: - Joyoshare, Inc.)
KC Softwares PhotoToFilm (HKLM-x32\...\KC Softwares PhotoToFilm_is1) (Version: 3.9.7.106 - KC Softwares)
Kingdom Come Deliverance A Womans Lot (HKLM-x32\...\Kingdom Come Deliverance A Womans Lot_is1) (Version: - )
Kingdom Come Deliverance The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\Kingdom Come Deliverance The Amorous Adventures ~9066B541_is1) (Version: - )
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.6-404-504u - GOG.com)
Kontakt 6 PORTABLE (HKLM\...\{9380734D-6F66-4F76-A7D3-6D117FAA4773}_is1) (Version: 6.0.4.64 - Native Instruments)
LameACM (HKLM-x32\...\LameACM) (Version: - )
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Lula: The Sexy Empire (HKLM-x32\...\1443433575_is1) (Version: 1.69 F - GOG.com)
Luxonix Purity VSTi v1.1.2 (HKLM-x32\...\Luxonix Purity VSTi_is1) (Version: - )
Magic Flare 1.0 (HKLM-x32\...\MagicFlare_1.0) (Version: - )
MAGIX Cloud Import (HKLM\...\{637FCBFD-7364-4D52-8485-B0487B4ABC09}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden
MAGIX Cloud Import (HKLM\...\MX.{637FCBFD-7364-4D52-8485-B0487B4ABC09}) (Version: 0.1.0.5 - MAGIX Software GmbH)
MAGIX Movie Edit Pro Premium (HKLM\...\{E8193919-71ED-4D78-949F-1172D7D2B524}) (Version: 20.0.1.65 - MAGIX Software GmbH) Hidden
MAGIX Movie Edit Pro Premium (HKLM\...\MX.{E8193919-71ED-4D78-949F-1172D7D2B524}) (Version: 20.0.1.65 - MAGIX Software GmbH)
MAGIX Movie Edit Pro Premium (Migrate Content) (HKLM\...\{093F2C78-2F97-418B-A287-92AB026A19AD}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Movie Edit Pro Premium (Templates and effects) (HKLM-x32\...\MAGIX_GlobalContent.Video_deluxe_Premium) (Version: 1.0.0.0 - MAGIX Software GmbH)
Malwarebytes version 4.5.23.241 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.23.241 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Office Access MUI (Dutch) 2007 (HKLM-x32\...\{90120000-0015-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Dutch) 2007 (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Dutch) 2007 (HKLM-x32\...\{90120000-0044-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Dutch) 2007 (HKLM-x32\...\{90120000-001A-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Dutch) 2007 (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proof (Dutch) 2007 (HKLM-x32\...\{90120000-001F-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2007 (HKLM-x32\...\{90120000-002C-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Dutch) 2007 (HKLM-x32\...\{90120000-0019-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Dutch) 2007 (HKLM\...\{90120000-002A-0413-1000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2007 (HKLM-x32\...\{90120000-006E-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Dutch) 2007 (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Finalizer (HKLM-x32\...\{5950473A-825B-3019-AF86-55F2F9A95FCB}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français (HKLM\...\{BA14C6F7-A633-3E88-831B-FCC197A5A17D}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket (HKLM\...\{36B98E65-CA52-348C-9ED7-77B926A16C2D}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA (HKLM\...\{73A36613-1F8F-3D94-B28A-4CC0E3CAECB5}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN (HKLM\...\{DDDF762A-2D1D-36A3-9B70-70BD62B4EDCF}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩 (HKLM\...\{2F884A17-E051-3DB7-B093-6274C98740F6}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack (HKLM\...\{73A64813-E631-3807-8E78-BA679EDA09A8}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support (HKLM\...\{5707EC26-AA9F-32C6-B7C1-347A3482CEC0}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件 (HKLM\...\{FB501A6E-CA6D-36DA-8860-17F0E6D89155}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包 (HKLM\...\{CD56C9B9-FB98-372B-8BC7-FDA312CD2511}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket (HKLM-x32\...\{CAAC553D-EE02-32D2-9F7E-FBC5C22E4C08}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA (HKLM-x32\...\{B8FD8F53-7E58-3DE5-A8FC-CB2B5CCF38CE}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français (HKLM-x32\...\{3371699A-C1EF-3AC3-B094-D338191FA6E9}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN (HKLM-x32\...\{A3EB1DE3-9D3F-34C2-BDE6-5A8A4B98CC37}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩 (HKLM-x32\...\{955E1388-E1F1-320A-A018-24616ED60F95}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack (HKLM-x32\...\{859C7535-6862-3867-B97E-816795E8AB65}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support (HKLM-x32\...\{CF06B8C4-F6FC-3A4B-ADD0-04A1CAC3DD86}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件 (HKLM-x32\...\{0FE6DE07-8CBA-3F73-86B4-51B91E506D24}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包 (HKLM-x32\...\{7259BDDA-D888-309D-ADE1-84AA0CB24FE9}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{10AB056B-1B8C-3E9E-95CC-43C33EB88513}) (Version: 15.0.26717 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{AB46A6EF-12D2-3146-A38D-1D6FF1AFFF69}) (Version: 15.0.26717 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movavi Video Converter Premium 20.2.1 (HKLM\...\Movavi Video Converter Premium_is1) (Version: 20.2.1 - lrepacks.ru)
Mozilla Firefox (x64 nl) (HKLM\...\Mozilla Firefox 110.0.1 (x64 nl)) (Version: 110.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.6.1 - Mozilla)
Mozilla Thunderbird (x64 nl) (HKLM\...\Mozilla Thunderbird 102.8.0 (x64 nl)) (Version: 102.8.0 - Mozilla)
MSVCRT Redists (HKLM\...\{400D21B0-FE3E-11E8-9A7B-00155D6302F2}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{84E336E1-F7A1-11EA-AFD6-00155D8D255C}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{96B4EEDE-9175-11E6-A113-F4A5ED4DBF67}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.2.880 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Native Instruments Pro-53 (HKLM-x32\...\Native Instruments Pro-53) (Version: - )
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
NeoPaint 5 (HKLM-x32\...\{5F570C20-4946-4DE8-9E38-DE81BB0BE484}_is1) (Version: 5.12 - NeoSoft Corp.)
nGlide 2.10 (HKLM-x32\...\nGlide) (Version: 2.10 - Zeus Software)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 531.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.18 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX Systeem Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Old Classic Calculator for Windows 11 and Windows 10 (HKLM\...\Old Classic Calculator for Windows 11 and Windows 10_is1) (Version: 2.0 - Winaero)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.0 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM\...\{1DCFF983-646E-4C0D-AE8A-71E99D32DA35}) (Version: 7.0.323.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{185f3d60-b106-4c66-8821-d8ea747819b4}) (Version: 7.0.323.0 - Tracker Software Products (Canada) Ltd.)
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Pinnacle 3D Title Editor (HKLM\...\{7A863778-80BD-420B-B50B-BF3DD62DBC8A}) (Version: 1.0.10.302 - Corel Corporation)
Pinnacle Script (HKLM\...\{FEE78E4C-66AA-4BB1-BFFF-E89CA607AC66}) (Version: 1.0 - Corel Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
Proxy2Service version 1.3 (HKLM-x32\...\{BB109C2A-65AA-4508-A395-3769700D927E}}_is1) (Version: 1.3 - )
PSPPContent (HKLM-x32\...\{682A61B4-9986-42E1-A555-2F3998933BB4}) (Version: 24.0.0.113 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{84D6A405-BAE5-40C7-A200-99213338F096}) (Version: 24.0.0.113 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{10329320-4334-4FD9-AE6B-6633E5DA9638}) (Version: 24.0.0.113 - Corel Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9198.1 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: v.1.0.1436.28 - Decepticon)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Registry Repair 5.0.1.130 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.130 - Glarysoft Ltd)
Restore Windows Photo Viewer for Windows 10 (HKLM\...\Restore Windows Photo Viewer for Windows 10_is1) (Version: - Authorsoft Corporation)
RonyaSoft CD DVD Label Maker 3.02 (HKLM-x32\...\RonyaSoft CD DVD Label Maker) (Version: 3.02 - RonyaSoft)
Saints Row 2022 Platinum Edition MULTi15 - ElAmigos version 1.1.2 (HKLM-x32\...\{99FDDD5E-A48F-41EE-B6AA-26890C31B412}_is1) (Version: 1.1.2 - Deep Silver)
Setup (HKLM-x32\...\{AC60903B-BF30-4312-B839-BAF94C3B9906}) (Version: 24.0.0.113 - Uw bedrijfsnaam) Hidden
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.1.0 - ShareX Team)
ShowRoom for PowerPoint (HKLM-x32\...\ShowRoom) (Version: - GlobFX Technologies)
SiteSpinner Pro V2 (HKLM-x32\...\{334AB98D-DE72-4A9E-A486-2F12AC2FA111}) (Version: 2.91.0 - Virtual Mechanics)
SiteSpinner V2 (HKLM-x32\...\{01ADD994-DF5D-4AC6-83EE-D40EF5EDDBFF}) (Version: 2.92.17 - Virtual Mechanics)
Sleeping Dogs: Definitive Edition (HKLM-x32\...\1741843789_is1) (Version: 1.0 - GOG.com)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.) Hidden
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
Sniper Elite 4 (HKLM\...\Sniper Elite 4_is1) (Version: 1.5.0 - )
SolSuite 2019 19.7 (HKLM-x32\...\SolSuite 2019_is1) (Version: 19.7 - lrepacks.ru)
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.9.17 - startisback.com)
Stronghold: Warlords (HKLM-x32\...\1491012905_is1) (Version: 1.11.24176 - GOG.com)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
SWF File Player (HKLM-x32\...\{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version: - swffileplayer.com)
Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
SWiSH Max4 (HKLM-x32\...\SWiSH Max4) (Version: 10.10.29.100 - SWiSHzone.com)
SWiSHmax (HKLM-x32\...\SWiSHmax) (Version: - )
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version: - )
Synfr Cleaner (HKLM-x32\...\{3594B206-6B25-4D41-8D41-D53CB87EA601}_is1) (Version: 2.9.2.5 - Synfr)
TBS Cover Editor 2.1 (HKLM-x32\...\{0F99457D-9D88-4CB8-8E7D-5B7C464CA8CE}}_is1) (Version: 2.1 - trueboxshot.com)
The 7th Guest (HKLM-x32\...\GOGPACKT7G_is1) (Version: 2.0.0.17 - GOG.com)
The Settlers 7 - Paths to a Kingdom (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Thunderbird Backup Wizard (HKU\S-1-5-21-606347907-599255135-1780284584-1003\...\Thunderbird Backup Wizard_is1) (Version: - BitRecover)
ThunderSoft SWF to GIF Converter (4.3.0.0) (HKLM-x32\...\ThunderSoft SWF to GIF Converter_is1) (Version: 4.3.0.0 - ThunderSoft)
Tone2 Gladiator (HKLM\...\Gladiator_is1) (Version: 3.1.0 - Tone2)
Tone2 Gladiator VSTi v2.2 (HKLM-x32\...\Tone2 Gladiator VSTi_is1) (Version: - )
Topaz Glow (HKLM\...\Topaz Glow) (Version: 1.0.1 - Topaz Labs, LLC)
TunesKit AceMovi 2.1.0.19 (HKLM-x32\...\TunesKit AceMovi_is1) (Version: - TunesKit, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{92EC7530-9175-11E6-A34B-F4A5ED4DBF67}) (Version: 14.0.178 - VEGAS)
VEGAS Pro 16.0 (HKLM\...\{3D82310F-FE3E-11E8-9448-00155D6302F2}) (Version: 16.0.352 - VEGAS)
VEGAS Pro 18.0 (HKLM\...\{82C2EEEE-F7A1-11EA-B428-00155D8D255C}) (Version: 18.0.334 - VEGAS)
VLC media player (HKLM\...\{B022B1C5-D067-42CB-98E2-D965E4D74CFE}) (Version: 3.0.18.0 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.69 - VSO Software)
W10Privacy (HKLM-x32\...\W10Privacy) (Version: 3.7.0.9 - Bernd Schuster)
WarCraft III: Reforged (HKLM-x32\...\WarCraft III: Reforged_is1) (Version: - )
Watch Dogs Legion (HKLM-x32\...\Watch Dogs Legion_is1) (Version: - )
Watch_Dogs 2 (HKLM-x32\...\Watch_Dogs 2_is1) (Version: 1.07.141 - Ubisoft)
WebPconv (HKLM-x32\...\{A2357BB1-25C3-4290-B57A-84C5D8ACE564}) (Version: 6.0 - Romeolight)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Pc-statuscontrole (HKLM\...\{4C95130F-4638-4B19-B1B4-DA7CB78A2911}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-stuurprogrammapakket - Elatec (Bus) USB (01/18/2019 5.3.0.30) (HKLM\...\64CCEC68EC66DB49F04744E1041F2DFC8F58A2D5) (Version: 01/18/2019 5.3.0.30 - Elatec)
Windows-stuurprogrammapakket - Elatec (twn4ccidslot) SmartCardReader (01/18/2019 5.3.0.30) (HKLM\...\7151742677BB31E5AED79FD9EFD67812BE4A936F) (Version: 01/18/2019 5.3.0.30 - Elatec)
WinRAR 5.80 (HKLM\...\WinRAR_is1) (Version: 5.80 - lrepacks.ru)
Wise Registry Cleaner 10.5.1 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.5.1 - WiseCleaner.com, Inc.)
Wondershare Filmora9(Build 9.3.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Flash Gallery Factory Deluxe 5.2.1.15 (HKLM-x32\...\Wondershare Flash Gallery Factory Deluxe_is1) (Version: 5.2.1.15 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare UniConverter 12.5.3.1 (HKLM\...\Wondershare UniConverter_is1) (Version: 12.5.3.1 - lrepacks.ru)
Wondershare Video Editor(Build 3.5.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
Xara Designer Pro+ (HKLM\...\Xara Designer Pro+21.0) (Version: 21.0 - Xara Group Ltd)
XnView 2.49.3 (HKLM-x32\...\XnView_is1) (Version: 2.49.3 - Gougelet Pierre-e)
XnViewMP 0.94.2 (HKLM\...\XnViewMP_is1) (Version: 0.94.2 - Gougelet Pierre-e)
Yasisoft GIF Animator version 3.0 (HKLM-x32\...\{87057CBC-72C9-46BF-BE22-FF6836854762}_is1) (Version: 3.0 - Yasisoft, Inc.)
YouTube Downloader Pro 7 (HKLM-x32\...\YouTube Downloader Pro_is1) (Version: - Jerry Software)
YouTube Video Downloader Pro 5 (HKLM-x32\...\YouTube Video Downloader Pro_is1) (Version: - Robin Software)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
-
March 5th, 2023, 01:31 PM
#11
Part 2 of Addition
Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-07] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.47.3.0_x64__6rarf9sa4v8jt [2023-03-04] (Disney)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-27] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2023-02-28] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2022-02-27] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-02-08] (Microsoft Studios) [MS Ad]
Uitbreiding voor MPEG-2-video -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-27] (Microsoft Corporation)
Ultra File Opener -> C:\Program Files\WindowsApps\D5BE6627.371995F5E41A5_7.2.7.0_x86__9pm2v9747qaaa [2022-04-14] (CompuClever Systems Inc.)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
==================== Aangepaste CLSID (gefilterd): ==============
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
CustomCLSID: HKU\S-1-5-21-606347907-599255135-1780284584-1003_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\sitewizard\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Bestand niet getekend]
CustomCLSID: HKU\S-1-5-21-606347907-599255135-1780284584-1003_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\sitewizard\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Bestand niet getekend]
CustomCLSID: HKU\S-1-5-21-606347907-599255135-1780284584-1003_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro+\DesignerPro.exe (The Xara Group Limited -> Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-606347907-599255135-1780284584-1003_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro+\DesignerPro.exe (The Xara Group Limited -> Xara Group Ltd.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [4KSoftware.4KConverter] -> {CB28D537-83EB-4054-95A0-D4A24FBD9DE6} => C:\Program Files (x86)\4K Software\4K Downloader\4KC_WS.dll [2019-06-01] (4K Software) [Bestand niet getekend]
ContextMenuHandlers1: [4KSoftware.4KPlayer] -> {58EE134C-3097-4DFF-9AE2-084F818E44AE} => C:\Program Files (x86)\4K Software\4K Downloader\4KP_WS.dll [2019-06-01] (4K Software) [Bestand niet getekend]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2013-06-25] (GlobalSCAPE, Inc.) [Bestand niet getekend]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler_x64.dll [2020-06-14] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2017-11-30] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2013-06-25] (GlobalSCAPE, Inc.) [Bestand niet getekend]
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler_x64.dll [2020-06-14] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers4: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2013-06-25] (GlobalSCAPE, Inc.) [Bestand niet getekend]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_abf7e4e84f20581c\nvshext.dll [2023-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [4KSoftware.4KConverter] -> {CB28D537-83EB-4054-95A0-D4A24FBD9DE6} => C:\Program Files (x86)\4K Software\4K Downloader\4KC_WS.dll [2019-06-01] (4K Software) [Bestand niet getekend]
ContextMenuHandlers6: [4KSoftware.4KPlayer] -> {58EE134C-3097-4DFF-9AE2-084F818E44AE} => C:\Program Files (x86)\4K Software\4K Downloader\4KP_WS.dll [2019-06-01] (4K Software) [Bestand niet getekend]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler_x64.dll [2020-06-14] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (gefilterd) ====================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [Bestand niet getekend]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [202752 2008-03-01] (hxxp://www.mp3dev.org/) [Bestand niet getekend]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [Bestand niet getekend]
==================== Snelkoppelingen & WMI ========================
==================== Geladen Modules (gefilterd) =============
2023-01-08 19:39 - 2023-01-08 19:39 - 000285440 _____ () [Bestand niet getekend] C:\Program Files (x86)\IObit\IObit Uninstaller\wtsapi32.dll
2022-03-15 15:50 - 2019-06-01 13:50 - 000055296 _____ (4K Software) [Bestand niet getekend] C:\Program Files (x86)\4K Software\4K Downloader\4KC_WS.dll
2022-03-15 15:50 - 2019-06-01 13:50 - 000055296 _____ (4K Software) [Bestand niet getekend] C:\Program Files (x86)\4K Software\4K Downloader\4KP_WS.dll
2022-12-30 12:52 - 1831-01-23 01:50 - 005563392 _____ (ActVer©®™) [Bestand niet getekend] C:\Program Files (x86)\IObit\IObit Uninstaller\version.dll
2022-12-30 12:53 - 2022-12-30 12:42 - 000279088 _____ (Created by bb2018) [Bestand niet getekend] C:\Program Files (x86)\IObit\IObit Uninstaller\bb2018.dll
2022-02-27 13:22 - 2013-06-25 10:02 - 000239104 ____N (GlobalSCAPE, Inc.) [Bestand niet getekend] C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll
2022-02-26 21:47 - 2019-10-17 08:38 - 000645120 _____ (Helmut Buhler) [Bestand niet getekend] C:\Program Files\Windows Sidebar\dwmapi.dll
2016-09-28 13:54 - 2016-09-28 13:54 - 000076800 _____ (Igor Pavlov) [Bestand niet getekend] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (gefilterd) ========
==================== Veilige Modus (gefilterd) ==================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Bestandskoppeling (gefilterd) =================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.)
HKU\S-1-5-21-606347907-599255135-1780284584-1003\Software\Classes\regfile: regedit.exe "%1" <==== AANDACHT
==================== Internet Explorer (gefilterd) ==========
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2022-02-27] () [Bestand niet getekend]
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2022-02-27] () [Bestand niet getekend]
==================== Hosts inhoud: =========================
(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)
2019-12-07 10:14 - 2022-10-30 12:03 - 000003070 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 reg.wisecleaner.com
127.0.0.1 keystone.mwbsys.com
127.0.0.1 telemetry.malwarebytes.com
127.0.0.1 checkhost.local
127.0.0.1 checkhost.local
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
127.0.0.1 checkhost.local
127.0.0.1 checkhost.local
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
127.0.0.1 checkhost.local
127.0.0.1 checkhost.local
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
127.0.0.1 checkhost.local
==================== Andere gebieden ===========================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;%INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Calibre2\
HKU\S-1-5-21-606347907-599255135-1780284584-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-606347907-599255135-1780284584-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-606347907-599255135-1780284584-1003\Control Panel\Desktop\\Wallpaper -> K:\pictures\mijn jpg en avatars\freya kurt sloebertje flavie glasbol aan zee.jpg
DNS Servers: 195.130.131.5 - 195.130.130.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
Network Binding:
=============
Bluetooth-netwerkverbinding: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
==================== Firewall regels (gefilterd) ================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [{5AC212C0-4B44-48DC-B7B8-62A6364A8809}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4D6EBD1B-345D-4102-89D3-FBEAD21EDFEC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2E479E2-D2C1-451C-AAC8-6F3045F05DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{44E3B5B5-96EC-4681-8617-279B82A24104}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{11B3D1B4-808C-4A7E-94F0-7D09FF69039D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{B524B505-3605-4282-9F65-0D615AAF491F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{8EAE32B6-206A-4B29-B147-8381FC990785}C:\users\sitewizard\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\sitewizard\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [Bestand niet getekend]
FirewallRules: [UDP Query User{B1D2B850-A4D7-4163-83C9-BC458F827D27}C:\users\sitewizard\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\sitewizard\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [Bestand niet getekend]
FirewallRules: [{76EBBE71-B750-4117-99B7-01BEEEE1D248}] => (Allow) H:\Mr DJ\Far Cry 4\bin\FarCry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C2E0275E-D8B5-458C-8908-9774D24358EA}] => (Allow) H:\Mr DJ\Far Cry 4\bin\FarCry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{DD648811-EA5D-4D26-A35B-859F784B9CD1}] => (Allow) D:\The Settlers 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe (Blue Byte GmbH -> Blue Byte GmbH)
FirewallRules: [{5AD29600-C74E-402F-9CDF-78D474ECC7E5}] => (Allow) D:\The Settlers 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe (Blue Byte GmbH -> Blue Byte GmbH)
FirewallRules: [TCP Query User{BB774957-2A71-43CA-9943-710E49349610}H:\games\age of empires iii definitive edition\aoe3de_s.exe] => (Block) H:\games\age of empires iii definitive edition\aoe3de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F9380C54-261D-4924-A040-0BFA3F61E685}H:\games\age of empires iii definitive edition\aoe3de_s.exe] => (Block) H:\games\age of empires iii definitive edition\aoe3de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A2C886FB-C804-4919-8329-8E1F5A56BF64}H:\games\age of empires iii definitive edition\battleserver.exe] => (Block) H:\games\age of empires iii definitive edition\battleserver.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{636707DC-17C3-4547-A122-FB7A4B70A9A0}H:\games\age of empires iii definitive edition\battleserver.exe] => (Block) H:\games\age of empires iii definitive edition\battleserver.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{0B7D5AD9-F6AE-4C05-8BFE-DACD243AFD29}L:\skidrowreloaded\2019\tom clancy's ghost recon wildlands\grw.exe] => (Block) L:\skidrowreloaded\2019\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [UDP Query User{045CFBB2-BFC3-4467-9F3A-CC5CDEF9B255}L:\skidrowreloaded\2019\tom clancy's ghost recon wildlands\grw.exe] => (Block) L:\skidrowreloaded\2019\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [TCP Query User{C5636399-C5EF-4C74-AD1F-8C0C77F95F07}H:\games\tom clancy's ghost recon wildlands\grw.exe] => (Block) H:\games\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [UDP Query User{FCE0D739-E993-4BBA-948C-89869057E24E}H:\games\tom clancy's ghost recon wildlands\grw.exe] => (Block) H:\games\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [TCP Query User{18A96AC1-BF31-4ECD-A5A0-80101AE6F995}C:\users\sitewizard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sitewizard\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [Bestand niet getekend]
FirewallRules: [UDP Query User{AB113A47-38F6-43DD-9D1B-F2CB152B0AD6}C:\users\sitewizard\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sitewizard\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [Bestand niet getekend]
FirewallRules: [TCP Query User{F229632E-BF2E-453E-904C-5F051A30A850}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [Bestand niet getekend]
FirewallRules: [UDP Query User{E73004CB-D715-4C83-94E6-600ADF4A987C}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [Bestand niet getekend]
FirewallRules: [TCP Query User{299132FD-4E4F-42AF-985E-9D174D6E5965}D:\heat\heat.exe] => (Block) D:\heat\heat.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{4DA985E0-D4E9-41BB-A31F-F3715ADF5C46}D:\heat\heat.exe] => (Block) D:\heat\heat.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{8E6D2A6B-4B40-4171-B758-97BF7781D296}D:\games\anno 1800\bin\win64\anno1800.exe] => (Block) D:\games\anno 1800\bin\win64\anno1800.exe (Ubisoft Blue Byte GmbH -> Ubisoft) [Bestand niet getekend]
FirewallRules: [UDP Query User{D5A19E6A-E7BD-4470-9AB7-11E72D15E8D1}D:\games\anno 1800\bin\win64\anno1800.exe] => (Block) D:\games\anno 1800\bin\win64\anno1800.exe (Ubisoft Blue Byte GmbH -> Ubisoft) [Bestand niet getekend]
FirewallRules: [TCP Query User{769EA462-4B76-42BA-A45C-F1C1F538E334}L:\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) L:\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe (CI Games S.A.) [Bestand niet getekend]
FirewallRules: [UDP Query User{F4B23B2A-DC89-453D-8393-A39EB68D05D6}L:\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) L:\skidrowreloaded\2021\sniper.ghost.warrior.contracts.2.v09.09.2021-p2p\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe (CI Games S.A.) [Bestand niet getekend]
FirewallRules: [{F56322DE-3C37-481D-8C7E-B7F3200B2C74}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{DBCA0A7B-9475-4408-80B4-DF65FD091D36}] => (Allow) C:\Program Files\MAGIX\Movie Edit Pro Premium\2021\Videodeluxe.exe (MAGIX Software GmbH) [Bestand niet getekend]
FirewallRules: [TCP Query User{F32ED446-6B1F-4E04-8D3E-73120F477993}D:\state of decay 2 - juggernaut edition\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe] => (Block) D:\state of decay 2 - juggernaut edition\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{B8D4EBE8-7F6C-467A-BABC-3BE20D02753A}D:\state of decay 2 - juggernaut edition\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe] => (Block) D:\state of decay 2 - juggernaut edition\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe => Geen bestand
FirewallRules: [TCP Query User{D804191F-AC8E-4349-A598-3B260380414A}D:\borderlands2\borderlands 2\binaries\win32\borderlands2.exe] => (Block) D:\borderlands2\borderlands 2\binaries\win32\borderlands2.exe (Valve Corp. -> Take-Two Interactive Software, Inc.) [Bestand niet getekend]
FirewallRules: [UDP Query User{3504EAE8-C5BF-4B81-823A-9C8F71E121CD}D:\borderlands2\borderlands 2\binaries\win32\borderlands2.exe] => (Block) D:\borderlands2\borderlands 2\binaries\win32\borderlands2.exe (Valve Corp. -> Take-Two Interactive Software, Inc.) [Bestand niet getekend]
FirewallRules: [TCP Query User{E6CF9B16-A1F0-4446-A42B-2C5F7C6128F2}H:\skidrow reloaded\2017\sniper.ghost.warrior.3.spe.steamrip-fisher\sniper ghost warrior 3\win_x64\sgw3.exe] => (Allow) H:\skidrow reloaded\2017\sniper.ghost.warrior.3.spe.steamrip-fisher\sniper ghost warrior 3\win_x64\sgw3.exe (CI Games S.A.) [Bestand niet getekend]
FirewallRules: [UDP Query User{880268F3-699D-4E4E-B7CC-F076BC0DFC85}H:\skidrow reloaded\2017\sniper.ghost.warrior.3.spe.steamrip-fisher\sniper ghost warrior 3\win_x64\sgw3.exe] => (Allow) H:\skidrow reloaded\2017\sniper.ghost.warrior.3.spe.steamrip-fisher\sniper ghost warrior 3\win_x64\sgw3.exe (CI Games S.A.) [Bestand niet getekend]
FirewallRules: [TCP Query User{3C1E02C4-F073-4A8D-A911-A00C0B9AC402}K:\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe] => (Block) K:\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{29A05B8F-E5A2-44E4-B90E-5FC28B7D2954}K:\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe] => (Block) K:\ancient.cities.biological.fa mily.early.access 08 02 2022\ancient cities\art\bin\x64\ancient.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{0BB44F70-A4F5-42B1-970B-8870E6C65E01}D:\games\age of empires iv\reliccardinal.exe] => (Block) D:\games\age of empires iv\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [UDP Query User{9DBDC606-2699-42C4-B56D-3110E62459C8}D:\games\age of empires iv\reliccardinal.exe] => (Block) D:\games\age of empires iv\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [TCP Query User{E31E5633-0137-439E-BF28-217ED429DC6B}C:\program files (x86)\flashbrowser\flashbrowser.exe] => (Block) C:\program files (x86)\flashbrowser\flashbrowser.exe (AS3) [Bestand niet getekend]
FirewallRules: [UDP Query User{0B6C900D-339E-4FB5-B89B-1A10F8A91AD6}C:\program files (x86)\flashbrowser\flashbrowser.exe] => (Block) C:\program files (x86)\flashbrowser\flashbrowser.exe (AS3) [Bestand niet getekend]
FirewallRules: [TCP Query User{9E6D06A7-3A57-40F7-B2B4-99E39B92A665}I:\games\tom clancy's ghost recon wildlands\grw.exe] => (Block) I:\games\tom clancy's ghost recon wildlands\grw.exe => Geen bestand
FirewallRules: [UDP Query User{B9A26795-D17E-4230-A07A-B8EC2AE80D37}I:\games\tom clancy's ghost recon wildlands\grw.exe] => (Block) I:\games\tom clancy's ghost recon wildlands\grw.exe => Geen bestand
FirewallRules: [TCP Query User{A9754346-3E1B-4DAF-A1FA-DF467518AA10}E:\age.of.empires.ii.definitive.edition.dynasties.of.india-goldberg\age of empires ii definitive edition\aoe2de_s.exe] => (Block) E:\age.of.empires.ii.definitive.edition.dynasties.of.india-goldberg\age of empires ii definitive edition\aoe2de_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation)
FirewallRules: [UDP Query User{20311BE0-09FF-41AF-85CB-04729AD35E9C}E:\age.of.empires.ii.definitive.edition.dynasties.of.india-goldberg\age of empires ii definitive edition\aoe2de_s.exe] => (Block) E:\age.of.empires.ii.definitive.edition.dynasties.of.india-goldberg\age of empires ii definitive edition\aoe2de_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation)
FirewallRules: [TCP Query User{0D44BB24-8959-4407-B435-C06B7F2C96C9}D:\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe] => (Block) D:\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe (Warhorse Studios sro) [Bestand niet getekend]
FirewallRules: [UDP Query User{D890A535-52B0-439E-A85D-E360E1B36A34}D:\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe] => (Block) D:\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe (Warhorse Studios sro) [Bestand niet getekend]
FirewallRules: [TCP Query User{D501C41C-01EA-459A-9B20-BB5B4C49D3F5}D:\far cry 6\bin\farcry6.exe] => (Block) D:\far cry 6\bin\farcry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) [Bestand niet getekend]
FirewallRules: [UDP Query User{7F3D3DA9-6088-4279-85FE-973E90262112}D:\far cry 6\bin\farcry6.exe] => (Block) D:\far cry 6\bin\farcry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) [Bestand niet getekend]
FirewallRules: [TCP Query User{48D4FB62-8F5F-4A27-96D4-36BC48F93102}H:\games\age of empires definitive edition\aoede_s.exe] => (Block) H:\games\age of empires definitive edition\aoede_s.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [UDP Query User{5A196152-9B5B-49DF-A232-EC37F1771956}H:\games\age of empires definitive edition\aoede_s.exe] => (Block) H:\games\age of empires definitive edition\aoede_s.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [TCP Query User{D612668B-19C8-4175-9D16-E9838A930109}H:\games\age of empires definitive edition\battleserver.exe] => (Block) H:\games\age of empires definitive edition\battleserver.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{EF671E53-A7B7-49EB-86CE-585F63CDAC18}H:\games\age of empires definitive edition\battleserver.exe] => (Block) H:\games\age of empires definitive edition\battleserver.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{47797424-1B79-4E0A-A35D-77DBB4C54739}L:\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe] => (Allow) L:\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [UDP Query User{9B56B401-40B0-4F81-97FB-2F18A2B797A1}L:\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe] => (Allow) L:\skidrowreloaded\2019\age.of.empires.ii.hd.v5.8\age of empires ii hd\aok hd.exe (Microsoft Corporation) [Bestand niet getekend]
FirewallRules: [TCP Query User{C7BDDEC3-5753-498E-BC4B-929837A2C52F}D:\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Block) D:\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [UDP Query User{52482200-0C1B-4184-993E-07CBFB761826}D:\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Block) D:\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [TCP Query User{B2C04ADF-C022-470A-8209-E6672DC4D519}D:\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) D:\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland) [Bestand niet getekend]
FirewallRules: [UDP Query User{BA235FBA-B71B-415F-89D9-4C81AC8C8E6A}D:\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) D:\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland) [Bestand niet getekend]
FirewallRules: [TCP Query User{6F57D48C-2F87-43B2-A012-EA05770E7BB5}D:\saints row 2022\sr5\saintsrow_vulkan.exe] => (Block) D:\saints row 2022\sr5\saintsrow_vulkan.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{6216DBEE-A469-4637-97A8-62F1C75C8AF0}D:\saints row 2022\sr5\saintsrow_vulkan.exe] => (Block) D:\saints row 2022\sr5\saintsrow_vulkan.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{99F29754-8505-4D10-9461-0362BBC2F1C5}D:\games\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe (Warhorse Studios sro) [Bestand niet getekend]
FirewallRules: [UDP Query User{5A7259CE-CA8B-4C0F-92E1-60900E23B4DA}D:\games\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe (Warhorse Studios sro) [Bestand niet getekend]
FirewallRules: [TCP Query User{7304F521-5EBC-4D44-9723-E7B78509AB48}D:\red dead redemption 2\rdr2.exe] => (Block) D:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) [Bestand niet getekend]
FirewallRules: [UDP Query User{C633E451-AE5D-4AF4-B320-17755FA814A6}D:\red dead redemption 2\rdr2.exe] => (Block) D:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) [Bestand niet getekend]
FirewallRules: [{61E42D79-091D-44A8-9558-BDA574F429D5}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{66A41345-2139-4827-B8EF-BD4BE53E8211}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{9326E7E3-3208-4EC4-A4B6-D0D053C1E624}D:\stronghold warlords\bin\win32_galaxy_release\strongholdwarlords.exe] => (Block) D:\stronghold warlords\bin\win32_galaxy_release\strongholdwarlords.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{A2891439-047D-48B4-BA56-A1BC95E50803}D:\stronghold warlords\bin\win32_galaxy_release\strongholdwarlords.exe] => (Block) D:\stronghold warlords\bin\win32_galaxy_release\strongholdwarlords.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{DCE8ED76-A168-4279-94CB-89B829A9EA80}C:\users\sitewizard\programmas\torrent programmas\utorrent.exe] => (Allow) C:\users\sitewizard\programmas\torrent programmas\utorrent.exe (BitTorrent Inc.) [Bestand niet getekend]
FirewallRules: [UDP Query User{44F73FD3-B026-46BB-9D8A-7FF836ED4DB0}C:\users\sitewizard\programmas\torrent programmas\utorrent.exe] => (Allow) C:\users\sitewizard\programmas\torrent programmas\utorrent.exe (BitTorrent Inc.) [Bestand niet getekend]
FirewallRules: [{69D97299-FF4B-424F-863C-3AA3920B1F2E}] => (Allow) C:\Users\sitewizard\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Bestand niet getekend]
FirewallRules: [{050C6E44-7CA4-4D24-9228-5DE194E33357}] => (Allow) C:\Users\sitewizard\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Bestand niet getekend]
FirewallRules: [TCP Query User{9784AEEB-F2C8-471D-A6D7-6B65197240C7}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3A74612C-EDF3-4445-9CF3-55F9499A620F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{C2A3B90C-CCC3-436A-ACD1-EC364F2E6132}D:\kingdoms.reborn.rise.of.valhalla.early.access\kingdoms.reborn.rise.of.valhalla.early.access\puncity\binaries\win64\prototypecity-win64-shipping.exe] => (Block) D:\kingdoms.reborn.rise.of.valhalla.early.access\kingdoms.reborn.rise.of.valhalla.early.access\puncity\binaries\win64\prototypecity-win64-shipping.exe (Earthshine) [Bestand niet getekend]
FirewallRules: [UDP Query User{26CFB2CC-6A1A-4761-9F48-996961FC5BA9}D:\kingdoms.reborn.rise.of.valhalla.early.access\kingdoms.reborn.rise.of.valhalla.early.access\puncity\binaries\win64\prototypecity-win64-shipping.exe] => (Block) D:\kingdoms.reborn.rise.of.valhalla.early.access\kingdoms.reborn.rise.of.valhalla.early.access\puncity\binaries\win64\prototypecity-win64-shipping.exe (Earthshine) [Bestand niet getekend]
FirewallRules: [TCP Query User{02AC9479-203A-4B46-BFFE-967ED25DD1AB}E:\game downloads van sites\skidrowreloaded\2022\starsand the beetle\starsand.the.beetle.early.access\starsand.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2022\starsand the beetle\starsand.the.beetle.early.access\starsand.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{4D395089-213B-4087-B9E2-32164BC42819}E:\game downloads van sites\skidrowreloaded\2022\starsand the beetle\starsand.the.beetle.early.access\starsand.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2022\starsand the beetle\starsand.the.beetle.early.access\starsand.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{09474CA6-9B50-4EA8-A1B3-F22742C941FD}E:\game downloads van sites\skidrowreloaded\2022\state of decay 2 (2018)\state of decay 2\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2022\state of decay 2 (2018)\state of decay 2\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe (Undead Labs, LLC) [Bestand niet getekend]
FirewallRules: [UDP Query User{06ED74E9-A761-4DB4-B168-F89687FD032D}E:\game downloads van sites\skidrowreloaded\2022\state of decay 2 (2018)\state of decay 2\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2022\state of decay 2 (2018)\state of decay 2\stateofdecay2\binaries\win64\stateofdecay2-win64-shipping.exe (Undead Labs, LLC) [Bestand niet getekend]
FirewallRules: [TCP Query User{B8C6149E-8D43-4343-B2DC-BC3F035AF2D2}E:\game downloads van sites\skidrowreloaded\2022\ranch simulator hunting rifle early access\ranch.simulator.hunting.rifle.early.access\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2022\ranch simulator hunting rifle early access\ranch.simulator.hunting.rifle.early.access\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe (Epic Games, Inc.) [Bestand niet getekend]
FirewallRules: [UDP Query User{BBC2F7F8-CC86-4B8E-8586-6E95CA7D3B5A}E:\game downloads van sites\skidrowreloaded\2022\ranch simulator hunting rifle early access\ranch.simulator.hunting.rifle.early.access\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2022\ranch simulator hunting rifle early access\ranch.simulator.hunting.rifle.early.access\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe (Epic Games, Inc.) [Bestand niet getekend]
FirewallRules: [TCP Query User{266376C0-4FD2-4C05-84BE-3A3EE30442C9}E:\game downloads van sites\skidrowreloaded\2022\farthest.frontier.early.access.zip\farthest.frontier.early.access\farthest frontier.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2022\farthest.frontier.early.access.zip\farthest.frontier.early.access\farthest frontier.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{91CD5477-913A-466A-9B88-53CD5B4454CC}E:\game downloads van sites\skidrowreloaded\2022\farthest.frontier.early.access.zip\farthest.frontier.early.access\farthest frontier.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2022\farthest.frontier.early.access.zip\farthest.frontier.early.access\farthest frontier.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{1260A5DC-1AD3-4318-9221-B677FF294B9F}E:\game downloads van sites\skidrowreloaded\2023\ancient wars sparta definitive edition\ancient.wars.sparta.definitive.edition.anniversary.early.access\vulkan\spartade.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2023\ancient wars sparta definitive edition\ancient.wars.sparta.definitive.edition.anniversary.early.access\vulkan\spartade.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{19CAED36-BD2E-4A7B-BF28-FAAA84B23260}E:\game downloads van sites\skidrowreloaded\2023\ancient wars sparta definitive edition\ancient.wars.sparta.definitive.edition.anniversary.early.access\vulkan\spartade.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2023\ancient wars sparta definitive edition\ancient.wars.sparta.definitive.edition.anniversary.early.access\vulkan\spartade.exe () [Bestand niet getekend]
FirewallRules: [{062EA4EA-5508-43BF-9BF4-165958DCD79F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{47552CCC-3EA2-4927-88B9-36E0ACB3F2AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{64BFF23C-64AC-43DE-9A7A-98B5ECC7064B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6541D946-7C69-4E13-A38F-ECD60D5CCAEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{16B2DA29-BFF9-4080-99E1-25183583A1DE}D:\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [Bestand niet getekend]
FirewallRules: [UDP Query User{54106AF4-D6E9-4F62-8F5E-3FE30A572F53}D:\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [Bestand niet getekend]
FirewallRules: [{63FDF829-DE01-4E46-AF90-1C8D1D4E5E60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{CB40CA5C-B1C1-4D31-BE52-EBCCCB8EC647}E:\game downloads van sites\skidrowreloaded\2023\frozenheim.archetypes-goldberg\frozenheim.archetypes-goldberg\frozenheim\binaries\win64\frozenheim-win64-shipping.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2023\frozenheim.archetypes-goldberg\frozenheim.archetypes-goldberg\frozenheim\binaries\win64\frozenheim-win64-shipping.exe => Geen bestand
FirewallRules: [UDP Query User{22261A34-8220-4042-B1C8-5BDD85CF5D96}E:\game downloads van sites\skidrowreloaded\2023\frozenheim.archetypes-goldberg\frozenheim.archetypes-goldberg\frozenheim\binaries\win64\frozenheim-win64-shipping.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2023\frozenheim.archetypes-goldberg\frozenheim.archetypes-goldberg\frozenheim\binaries\win64\frozenheim-win64-shipping.exe => Geen bestand
FirewallRules: [{F3102188-CA22-460D-AD6F-D1BD31C6E9B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{36FA1E10-7F6F-46E0-A9BD-C32E8D4EA7B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA8AEE77-F9B3-4C70-9AF8-58C84743F053}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51F3B8E1-1544-4B45-9077-6CEB26CC4C35}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{E4C26B51-AAF5-4D90-90F3-7D7F07B91C2E}C:\downloads\malwarebytes anti-malware premium version 4.2.0.82 2022 nieuw\setup files\licensemalwarebytes.exe] => (Allow) C:\downloads\malwarebytes anti-malware premium version 4.2.0.82 2022 nieuw\setup files\licensemalwarebytes.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{4E9837BA-42C1-4815-B815-CB73A683B7BD}C:\downloads\malwarebytes anti-malware premium version 4.2.0.82 2022 nieuw\setup files\licensemalwarebytes.exe] => (Allow) C:\downloads\malwarebytes anti-malware premium version 4.2.0.82 2022 nieuw\setup files\licensemalwarebytes.exe () [Bestand niet getekend]
FirewallRules: [TCP Query User{888C6BC1-B8C3-4D30-B084-5FD6302E39D7}E:\game downloads van sites\skidrowreloaded\2023\one.military.camp.early.access\one.military.camp.early.access\one military camp.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2023\one.military.camp.early.access\one.military.camp.early.access\one military camp.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{214E673C-CD14-44C8-97C1-3D99D2D41D1D}E:\game downloads van sites\skidrowreloaded\2023\one.military.camp.early.access\one.military.camp.early.access\one military camp.exe] => (Block) E:\game downloads van sites\skidrowreloaded\2023\one.military.camp.early.access\one.military.camp.early.access\one military camp.exe () [Bestand niet getekend]
FirewallRules: [{9C40A668-CB81-446B-8F29-F65E3216CA78}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\4K Software\4K Downloader\4KDownloader.exe] => Enabled:4K Downloader
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\4K Software\4K Downloader\Modules\MS_ytdl.exe] => Enabled:MS_ytdl
-
March 5th, 2023, 01:33 PM
#12
3rd part from Addition.txt
==================== Herstelpunten =========================
25-02-2023 22:25:52 Bigasoft Video Downloader Pro 3.24.6.8118 restore point
02-03-2023 18:08:07 Ashampoo_Driver_Updater_Restore_Point
02-03-2023 18:20:14 Ashampoo_Driver_Updater_Restore_Point
03-03-2023 15:24:05 The Guild 3 MULTi10 - ElAmigos version 1.0.5 H1 restore point
03-03-2023 23:27:05 The Guild 3 MULTi10 - ElAmigos version 1.0.5 H1 restore point
==================== Defecte Apparaatbeheer Apparaten ============
==================== Eventlog fouten: ========================
Applicatiefouten:
==================
Error: (03/04/2023 05:49:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: speed.exe, versie: 0.0.0.0, tijdstempel: 0x438e4c8c
Naam van module met fout: speed.exe, versie: 0.0.0.0, tijdstempel: 0x438e4c8c
Uitzonderingscode: 0x80000003
Foutmarge: 0x00065228
Id van proces met fout: 0x1850
Starttijd van toepassing met fout: 0x01d94eb51d13ca5d
Pad naar toepassing met fout: C:\Program Files (x86)\EA GAMES\Need for Speed Most Wanted\speed.exe
Pad naar module met fout: C:\Program Files (x86)\EA GAMES\Need for Speed Most Wanted\speed.exe
Rapport-id: c62b8dac-d06b-42e2-9937-ad7ab4becb97
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Error: (03/04/2023 11:20:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma explorer.exe, versie 10.0.19041.2604 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm.
Proces-id: 1730
Starttijd: 01d94e7dbbae5dba
Eindtijd: 0
Toepassingspad: C:\Windows\explorer.exe
Rapport-id: af8923c9-d9a1-4d43-820e-fbced9c5789d
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Type vastlopen: Unknown
Error: (03/03/2023 01:28:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: svchost.exe_WpnUserService, versie: 10.0.19041.1806, tijdstempel: 0x7dcad237
Naam van module met fout: wpncore.dll, versie: 10.0.19041.2546, tijdstempel: 0x1a76b7de
Uitzonderingscode: 0xc0000005
Foutmarge: 0x000000000001cc73
Id van proces met fout: 0x3568
Starttijd van toepassing met fout: 0x01d94dbc558008c5
Pad naar toepassing met fout: C:\Windows\system32\svchost.exe
Pad naar module met fout: C:\Windows\System32\wpncore.dll
Rapport-id: 07983e61-e5ab-4dbf-a825-bad78f74ad0c
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Error: (03/02/2023 06:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: backgroundTaskHost.exe, versie: 10.0.19041.546, tijdstempel: 0x1d3a15e7
Naam van module met fout: KERNELBASE.dll, versie: 10.0.19041.2546, tijdstempel: 0xe8e9ac9b
Uitzonderingscode: 0xc000027b
Foutmarge: 0x000000000010fd12
Id van proces met fout: 0xb3c
Starttijd van toepassing met fout: 0x01d94d2c07ae2db9
Pad naar toepassing met fout: C:\Windows\system32\backgroundTaskHost.exe
Pad naar module met fout: C:\Windows\System32\KERNELBASE.dll
Rapport-id: 2b8933ae-ce1c-4877-b3c6-306089ffeefc
Volledige pakketnaam met fout: Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe
Relatieve toepassings-id van pakket met fout: App
Error: (03/02/2023 06:20:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd.
.
Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces.
Bewerking:
Schrijvergegevens verzamelen
Context:
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {f5537934-d7e1-4582-ba0a-c48dadb7f1a4}
Error: (03/02/2023 06:08:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd.
.
Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces.
Bewerking:
Schrijvergegevens verzamelen
Context:
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {583fe012-104c-414c-bb0d-904f4cd52f39}
Error: (03/02/2023 01:55:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: backgroundTaskHost.exe, versie: 10.0.19041.546, tijdstempel: 0x1d3a15e7
Naam van module met fout: KERNELBASE.dll, versie: 10.0.19041.2546, tijdstempel: 0xe8e9ac9b
Uitzonderingscode: 0xc000027b
Foutmarge: 0x000000000010fd12
Id van proces met fout: 0x2cf0
Starttijd van toepassing met fout: 0x01d94d0631cd2f12
Pad naar toepassing met fout: C:\Windows\system32\backgroundTaskHost.exe
Pad naar module met fout: C:\Windows\System32\KERNELBASE.dll
Rapport-id: 8d65d16f-22ba-41a5-b302-0dd15eec62fb
Volledige pakketnaam met fout: Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe
Relatieve toepassings-id van pakket met fout: App
Error: (03/02/2023 01:37:41 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_ON.
Systeemfouten:
=============
Error: (03/05/2023 12:17:48 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-CLOTT6J)
Description: Kan geen DCOM-server starten: {0358B920-0AC7-461F-98F4-58E32CD89148}. Foutmelding
"2147942767"
is opgetreden bij het uitvoeren van de opdracht
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (03/05/2023 12:11:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\crlscsi.SYS
Error: (03/04/2023 06:35:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\crlscsi.SYS
Error: (03/04/2023 11:21:32 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\crlscsi.SYS
Error: (03/03/2023 01:28:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Push Notifications User Service_541e4a5-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.
Error: (03/02/2023 06:25:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\crlscsi.SYS
Error: (03/02/2023 06:21:24 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\crlscsi.SYS
Error: (03/02/2023 06:16:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\crlscsi.SYS
Windows Defender:
================
Date: 2022-03-11 13:19:10
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...0&enterprise=0
Naam: PUA:Win32/Presenoker
Ernst: Laag
Categorie: Mogelijk ongewenste software
Pad: file:_C:\Program Files (x86)\uTorrent\uTorrent.exe
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: NT AUTHORITY\SYSTEM
Procesnaam: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Versie van beveiligingsinformatie: AV: 1.359.1764.0, AS: 1.359.1764.0, NIS: 1.359.1764.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3
Date: 2022-03-11 13:19:10
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...0&enterprise=0
Naam: PUA:Win32/Presenoker
Ernst: Laag
Categorie: Mogelijk ongewenste software
Pad: file:_C:\Program Files (x86)\uTorrent\uTorrent.exe
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: NT AUTHORITY\SYSTEM
Procesnaam: C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
Versie van beveiligingsinformatie: AV: 1.359.1764.0, AS: 1.359.1764.0, NIS: 1.359.1764.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3
Date: 2022-03-11 13:19:10
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...0&enterprise=0
Naam: PUA:Win32/Presenoker
Ernst: Laag
Categorie: Mogelijk ongewenste software
Pad: file:_C:\Program Files (x86)\uTorrent\uTorrent.exe
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: NT AUTHORITY\SYSTEM
Procesnaam: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Versie van beveiligingsinformatie: AV: 1.359.1764.0, AS: 1.359.1764.0, NIS: 1.359.1764.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3
Date: 2022-03-11 13:18:03
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...6&enterprise=0
Naam: Trojan:Win32/Tiggre!plock
Ernst: Ernstig
Categorie: Trojaans paard
Pad: file:_C:\Program Files (x86)\Wise\Wise Registry Cleaner\Activator.exe
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: DESKTOP-CLOTT6J\sitewizard
Procesnaam: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Versie van beveiligingsinformatie: AV: 1.359.1764.0, AS: 1.359.1764.0, NIS: 1.359.1764.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3
Date: 2022-03-11 13:18:03
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...6&enterprise=0
Naam: Trojan:Win32/Tiggre!plock
Ernst: Ernstig
Categorie: Trojaans paard
Pad: file:_C:\Program Files (x86)\Wise\Wise Registry Cleaner\Activator.exe
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: DESKTOP-CLOTT6J\sitewizard
Procesnaam: C:\Windows\System32\dllhost.exe
Versie van beveiligingsinformatie: AV: 1.359.1764.0, AS: 1.359.1764.0, NIS: 1.359.1764.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3
Event[0]:
Date: 2022-03-11 13:18:44
Description:
Microsoft Defender Antivirus heeft een niet-kritieke fout gevonden tijdens het nemen van maatregelen ten aanzien van malware of andere mogelijk ongewenste software.
Zie het volgende voor meer informatie:
https://go.microsoft.com/fwlink/?lin...6&enterprise=0
Naam: Trojan:Win32/Tiggre!plock
Ernst: Ernstig
Categorie: Trojaans paard
Pad: file:_C:\Program Files (x86)\Wise\Wise Registry Cleaner\Activator.exe
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: NT AUTHORITY\SYSTEM
Procesnaam: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Actie: Quarantaine
Actiestatus: No additional actions required
Foutcode: 0x80070021
Foutbeschrijving: Het proces heeft geen toegang tot het bestand omdat een gedeelte van het bestand door een ander proces is vergrendeld.
Versie van beveiligingsinformatie: AV: 1.359.1764.0, AS: 1.359.1764.0, NIS: 1.359.1764.0
Engineversie: AM: 1.1.18900.3, NIS: 1.1.18900.3
CodeIntegrity:
===============
Date: 2023-03-05 13:22:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.
Date: 2023-03-05 13:22:43
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Geheugen info ===========================
BIOS: American Megatrends International, LLC. 1.A0 01/09/2023
Moederbord: Micro-Star International Co., Ltd. PRO Z690-A WIFI DDR4(MS-7D25)
Processor: 12th Gen Intel(R) Core(TM) i9-12900KF
Percentage geheugen in gebruik: 10%
Totaal fysiek RAM-geheugen: 65387.02 MB
Beschikbaar fysiek RAM-geheugen: 58771.29 MB
Totaal Virtueel geheugen: 75115.02 MB
Beschikbaar Virtueel geheugen: 66812.55 MB
==================== Schijven ================================
Drive c: () (Fixed) (Total:1862.39 GB) (Free:1605.02 GB) (Model: Samsung SSD 980 PRO 2TB) NTFS
Drive d: (SSD Schijf D) (Fixed) (Total:3726.01 GB) (Free:2360.04 GB) (Model: Samsung SSD 870 QVO 4TB) NTFS
Drive e: (SSD Schijf E) (Fixed) (Total:3726.01 GB) (Free:1479.23 GB) (Model: Samsung SSD 870 QVO 4TB) NTFS
Drive f: (SSD Schijf F) (Fixed) (Total:1863 GB) (Free:1836.43 GB) (Model: Samsung SSD 980 PRO 2TB) NTFS
Drive g: (My Book) (Fixed) (Total:1862.98 GB) (Free:270.05 GB) (Model: WD My Book 1140 USB Device) NTFS
Drive h: (LaCie) (Fixed) (Total:4657.53 GB) (Free:733.2 GB) (Model: LaCie P9230 SCSI Disk Device) NTFS
Drive k: (Elements) (Fixed) (Total:2794.49 GB) (Free:629.37 GB) (Model: WD Elements 107C USB Device) NTFS
Drive l: (LaCie) (Fixed) (Total:7452.02 GB) (Free:2104.93 GB) (Model: LaCie P9237 Desktop SCSI Disk Device) NTFS
\\?\Volume{7812943c-6ba5-4e32-af66-7d4a4de4a66c}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.11 GB) NTFS
\\?\Volume{afdb48bd-d41f-4e7c-b1fc-58821340b135}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitietabel ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 00021365)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 6.
==========================================================
Disk: 7 (Size: 7452 GB) (Disk ID: 32582FFB)
Partition: GPT.
==================== Einde van Addition.txt =======================
Thank you Sir Fink and Sir Steve R Jones for the help.
For now I have not seen an email / spam from that hacker anymore.
Maybe this is because I have forwarded it to vardacht@safeonweb.be from my country and the police here.
Maybe they have blocked the guy and closed his internet,
but I know that he has installed a program here ...
Last edited by sitew; March 5th, 2023 at 01:37 PM.
-
March 5th, 2023, 03:44 PM
#13
There is also another .dll that is not correct here when I start this new computer.
After I installed Adobe Photoshop, it now says when I start the computer that the file (.dll) C:/Windows\System32\wbem\wbemprox.dll
is not correct for Windows 10 Pro x64...
-
March 6th, 2023, 02:13 PM
#14
So your wbemprox.dll error message only started to appear AFTER you installed Photoshop?
-
March 7th, 2023, 03:18 AM
#15
As the other posters said, this type of email is pretty common and I'm sure any one of us has received it.
Your email address can be obtained in many ways: a hacked database of some institution you used the email address with, or it could even be randomly created by some programs hackers use.
There is really nothing to worry about, especially since your FRST logs are clean.