Login

Register

Login

Register

Edge keeps opening at random new windows… | #firefox | #chrome | #microsoftedge | #cybersecurity | #infosecurity | #hacker


It just started to happen, I tried to reboot but doesnt work.

onScan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021

Ran by Meg de Jager (administrator) on MSI (Micro-Star International Co., Ltd. GF62 8RE) (06-09-2021 16:37:38)

Running from C:UsersMeg de JagerDownloads

Loaded Profiles: Meg de Jager & Administrator

Platform: Windows 10 Pro Version 21H2 22000.176 (X64) Language: Dutch (Netherlands) -> English (United States)

Default browser: “C:UsersMeg de JagerAppDataLocalMicrosoftEdge SxSApplicationmsedge.exe” –single-argument %1

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adguard Software Limited -> Adguard Software Ltd) C:Program Files (x86)AdguardAdguard.exe

(Adguard Software Limited -> Adguard Software Ltd) C:Program Files (x86)AdguardAdguardSvc.exe

(A-Volute SAS -> A-Volute) C:UsersMeg de JagerAppDataLocalNhNotifSysnahimicnahimicNotifSys.exe

(A-Volute SAS -> Nahimic) C:WindowsSystem32NahimicService.exe

(A-Volute SAS -> Nahimic) C:WindowsSystem32NahimicSvc64.exe

(A-Volute SAS -> Nahimic) C:WindowsSysWOW64NahimicSvc32.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsair.Service.CpuIdRemote64.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsair.Service.DisplayAdapter.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsair.Service.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCueLLAccessService.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareiCUE.exe

(Discord Inc. -> Discord Inc.) C:UsersMeg de JagerAppDataLocalDiscordDevelopmentapp-1.0.600DiscordDevelopment.exe <6>

(Emsisoft Ltd -> Emsisoft Ltd) C:Program FilesEmsisoft Anti-Malwarea2guard.exe

(Emsisoft Ltd -> Emsisoft Ltd) C:Program FilesEmsisoft Anti-Malwarea2service.exe

(Emsisoft Ltd -> Emsisoft Ltd) C:Program FilesEmsisoft Anti-Malwarea2start.exe

(Emsisoft Ltd -> Emsisoft Ltd) C:Program FilesEmsisoft Anti-MalwareCommService.exe

(Emsisoft Ltd -> Emsisoft Ltd) C:Program FilesEmsisoft Anti-Malwareeppwsc.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.102GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.102GoogleCrashHandler64.exe

(HP Inc. -> HP Inc.) C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_ffc75848a6342fdfjhi_service.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_2cec8fd58a80e6eaigfxCUIService.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_2cec8fd58a80e6eaigfxEM.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_2cec8fd58a80e6eaIntelCpHDCPSvc.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_2cec8fd58a80e6eaIntelCpHeciSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe

(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe

(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:Program FilesIntelWiFibinEvtEng.exe

(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:Program FilesIntelWiFibinZeroConfigService.exe

(Mehedi Hassan) [File not signed] C:UsersMeg de JagerAppDataLocalProgramsTweetenTweeten.exe <6>

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16OUTLOOK.EXE

(Microsoft Corporation -> Microsoft Corporation) C:UsersMeg de JagerAppDataLocalMicrosoftBingWallpaperAppBingWallpaperApp.exe

(Microsoft Corporation -> Microsoft Corporation) C:UsersMeg de JagerAppDataLocalMicrosoftEdge SxSApplicationmsedge.exe <20>

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbweCortana.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.YourPhone_1.21081.132.0_x64__8wekyb3d8bbweYourPhoneAppProxyYourPhoneAppProxy.exe

(Microsoft Windows -> ) C:WindowsSystem32AggregatorHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32cmd.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32UtcDecoderHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystemAppsMicrosoftWindows.Client.CBS_cw5n1h2txyewySearchHost.exe

(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:WindowsSystem32CorsairGamingAudioCfgService64.exe

(Micro-Star International CO., LTD. -> ) [File not signed] C:Program Files (x86)SCMSCM.exe

(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:Program Files (x86)MSIDragon CenterDragon Center.exe

(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:Program Files (x86)SCMMSIService.exe

(MiniTool Software Limited -> ) C:Program FilesMiniTool ShadowMakerAgentService.exe

(MiniTool Software Limited -> ) C:Program FilesMiniTool ShadowMakerSchedulerService.exe

(MYKI SAL -> MYKI Inc.) C:UsersMeg de JagerAppDataLocalmykiapp-1.4.5MYKI.exe <4>

(MYKI SAL -> Node.js) C:UsersMeg de JagerAppDataLocalmykiapp-1.4.5resourcesnative_messengerindex-win.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>

(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvmii.inf_amd64_193f04621e226017Display.NvContainerNVDisplay.Container.exe <2>

(Proton Technologies AG -> ) C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.exe

(Proton Technologies AG -> ) C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.UpdateService.exe

(Proton Technologies AG -> ) C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPNService.exe

(Proton Technologies AG -> The OpenVPN Project) C:Program Files (x86)Proton TechnologiesProtonVPNResources64-bitopenvpn.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_12da6ad5ef67a6edRtkAudUService64.exe <2>

(Reason Software Company Inc. -> Reason Software Company Inc.) C:Program Files (x86)Uncheckybinunchecky_bg.exe

(Reason Software Company Inc. -> Reason Software Company Inc.) C:Program Files (x86)Uncheckybinunchecky_svc.exe

(Rivet Networks LLC -> Rivet Networks LLC) C:WindowsSystem32driversRivetNetworksKillerKAPS.exe

(Rivet Networks LLC -> Rivet Networks LLC) C:WindowsSystem32driversRivetNetworksKillerKNDBWM.exe

(Rivet Networks LLC -> Rivet Networks LLC) C:WindowsSystem32driversRivetNetworksKillerxTendUtility.exe

(Rivet Networks LLC -> Rivet Networks) C:WindowsSystem32driversRivetNetworksKillerKillerAnalyticsService.exe

(Rivet Networks LLC -> Rivet Networks) C:WindowsSystem32driversRivetNetworksKillerKillerNetworkService.exe

(Rivet Networks LLC -> Rivet Networks, LLC.) C:WindowsSystem32driversRivetNetworksKillerKAPSService.exe

(Rivet Networks LLC -> Rivet Networks, LLC.) C:WindowsSystem32driversRivetNetworksKillerKNDBWMService.exe

(Rivet Networks LLC -> Rivet Networks, LLC.) C:WindowsSystem32driversRivetNetworksKillerxTendUtilityService.exe

(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:Program FilesSamsungUSB Drivers27_ssconnconnss_conn_service.exe

(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:Program FilesSamsungUSB Drivers28_ssconn2connss_conn_service2.exe

(ShareX Team) [File not signed] C:Program FilesShareXShareX.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:WindowsSystem32SynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:WindowsSystem32SynTPEnhService.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:WindowsSystem32SynTPHelper.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:TeamviewerTeamViewer.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:TeamviewerTeamViewer_Service.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:Teamviewertv_w32.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:Teamviewertv_x64.exe

(Telegram FZ-LLC -> Telegram FZ-LLC) D:SoftwareTelegramTelegram.exe

(Valve -> Valve Corporation) C:Program Files (x86)Common FilesSteamSteamService.exe

(Valve -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <7>

(Valve -> Valve Corporation) C:Program Files (x86)Steamsteam.exe

(WhatsApp, Inc -> WhatsApp) C:UsersMeg de JagerAppDataLocalWhatsAppapp-2.2134.10WhatsApp.exe <7>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_12da6ad5ef67a6edRtkAudUService64.exe [1262168 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [IAStorIcon] => C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe [320584 2018-01-30] (Intel® Rapid Storage Technology -> Intel Corporation)

HKLM…Run: [SCM] => C:Program Files (x86)SCMSCM.exe [302888 2018-06-22] (Micro-Star International CO., LTD. -> ) [File not signed]

HKLM…Run: [Emsisoft Anti-Malware] => C:Program FilesEmsisoft Anti-Malwarea2guard.exe [9286160 2021-08-31] (Emsisoft Ltd -> Emsisoft Ltd)

HKLM…Run: [AdobeGCInvoker-1.0] => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)

HKLM-x32…Run: [Jabra Direct] => C:Program Files (x86)JabraDirect4jabra-direct.exe [79879104 2019-09-26] (GN Audio -> GN Audio A/S)

HKLM-x32…Run: [CORSAIR iCUE Software] => C:Program Files (x86)CorsairCORSAIR iCUE SoftwareiCUE Launcher.exe [409760 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

HKLM-x32…Run: [Adguard] => C:Program Files (x86)AdguardAdguard.exe [5736408 2021-09-02] (Adguard Software Limited -> Adguard Software Ltd)

HKLM…PoliciesExplorer: [NoRecentDocsNetHood] 0

HKUS-1-5-21-3349319283-1251123490-1320229872-1005…Run: [Microsoft Edge Update] => C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUpdate1.3.151.27MicrosoftEdgeUpdateCore.exe [242088 2021-08-16] (Microsoft Corporation -> Microsoft Corporation)

HKUS-1-5-21-3349319283-1251123490-1320229872-1005…Run: [OneDrive] => C:Program FilesMicrosoft OneDriveOneDrive.exe [2340720 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

HKUS-1-5-21-3349319283-1251123490-1320229872-1005…Run: [BingWallpaperApp] => C:UsersMeg de JagerAppDataLocalMicrosoftBingWallpaperAppBingWallpaperApp.exe [8537992 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

HKUS-1-5-21-3349319283-1251123490-1320229872-1005…Run: [ProtonVPN] => C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.exe [7738472 2021-08-04] (Proton Technologies AG -> )

HKUS-1-5-21-3349319283-1251123490-1320229872-500…Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => “C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe” –no-startup-window /prefetch:5

HKUS-1-5-21-3349319283-1251123490-1320229872-500…RunOnce: [OneDrive] => C:Program FilesMicrosoft OneDriveOneDrive.exe [2340720 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

HKLM…PrintMonitorsCanon BJ Language Monitor MG5500 series: C:Windowssystem32CNMLMBU.DLL [391168 2013-04-04] (CANON INC.) [File not signed]

HKLM…PrintMonitorsCanon BJNP Port: C:Windowssystem32CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [File not signed]

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{401C381F-E0DE-4B85-8BD8-4F3F14FBDA57}] -> C:Program Files (x86)MicrosoftEdge DevApplication95.0.997.1Installersetup.exe [2021-09-02] (Microsoft Corporation -> Microsoft Corporation)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{43F137B0-8F4D-463B-AB83-ADEAD4F15096}] -> C:Program Files (x86)MicrosoftEdge BetaApplication94.0.992.9Installersetup.exe [2021-09-03] (Microsoft Corporation -> Microsoft Corporation)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication93.0.4577.63Installerchrmstp.exe [2021-09-03] (Google LLC -> Google LLC)

HKLMSoftware…AuthenticationCredential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

HKLMSoftware…WinlogonGPExtensions: [{8472C2C4-6B70-4301-A20D-A6CEA5F82B7E}] -> C:WINDOWSSystem32StartTileData.dll [2021-08-05] (Microsoft Windows -> Microsoft Corporation)

Startup: C:UsersMeg de JagerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupShareX.lnk [2021-08-05]

ShortcutTarget: ShareX.lnk -> C:Program FilesShareXShareX.exe (ShareX Team) [File not signed]

Startup: C:UsersMeg de JagerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupTelegram.lnk [2021-08-06]

ShortcutTarget: Telegram.lnk -> D:SoftwareTelegramTelegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)

GroupPolicy: Restriction ? <==== ATTENTION

Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04057926-9D58-4DF4-8775-7437EB39E066} – System32TasksNahimicSvc64Run => C:WINDOWSsystem32NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)

Task: {09C849B5-70DB-417D-9954-948BAB858B1C} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {0C2049D5-07A0-4ED5-816B-1F20C91BCECE} – System32TasksMicrosoftWindowsAppListBackupBackup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:WINDOWSsystem32AppListBackupLauncher.dll [110592 2021-07-30] (Microsoft Windows -> Microsoft Corporation)

Task: {1252A84C-8F10-40E8-A3DB-1C30B0D37B16} – System32TasksMicrosoftWindowsPrintingPrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:WindowsSystem32PrinterCleanupTask.dll [118784 2021-08-12] (Microsoft Windows -> Microsoft Corporation)

Task: {1756C83F-7BCA-46B5-B9E9-53700EC50196} – System32TasksMicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1001Core => C:UsersmarkAppDataLocalMicrosoftEdgeUpdateMicrosoftEdgeUpdate.exe

Task: {1E72933D-47B7-4550-ACC0-4C339E3CF5D3} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {24810BD6-469E-471D-AD62-C76FF66F85B0} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

Task: {27C3C379-7577-4797-875D-39C6979F3509} – System32TasksMicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1005UA => C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUpdateMicrosoftEdgeUpdate.exe [214952 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)

Task: {2969D7C7-9553-4955-823B-874A62BE7FC0} – System32TasksNahimicSvc32Run => C:WINDOWSSysWOW64NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)

Task: {30F61CE2-BCCA-41F6-BEBC-6B891430A1F4} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {39FB2182-7363-4CFC-822A-98B13D0FBFE7} – System32TasksGoogleUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1001UA => C:UsersmarkAppDataLocalGoogleUpdateGoogleUpdate.exe

Task: {3A183959-8B04-4215-B268-34BB8693D4C6} – System32TasksAdobeGCInvoker-1.0 => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {451DEB4E-AF4D-4834-9D9C-03931E0F0063} – System32TasksMicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1001UA => C:UsersmarkAppDataLocalMicrosoftEdgeUpdateMicrosoftEdgeUpdate.exe

Task: {495067B8-2E20-4E9C-96EB-B2BE464F22FA} – System32TasksDragon_Center_updater => C:ProgramDataMSIDragon [Argument = CenterDragonCenter_Updater.exe DragonCenter]

Task: {5043139F-C342-4C18-8C86-31E0F6D9295D} – System32TasksMSI_Dragon Center => C:Program Files (x86)MSIDragon CenterDragon Center.exe [5668632 2018-04-11] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]

Task: {5370D189-D783-4A84-BC4D-12FE56435FE4} – System32TasksOneDrive Per-Machine Standalone Update Task => C:Program FilesMicrosoft OneDriveOneDriveStandaloneUpdater.exe [3977072 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

Task: {5C7E51F7-FA96-4A94-BEDD-B2DB12363E39} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {6B8C6BBA-9AD8-4AD0-BCA2-AB1F2F22BF06} – System32TasksHPCustParticipation HP ENVY 5000 series => C:Program FilesHPHP ENVY 5000 seriesBinHPCustPartic.exe [6659488 2019-03-19] (HP Inc -> HP Inc.)

Task: {7A008841-9FAC-4CD1-9D45-92BCDC27AA52} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {872A15E2-9856-4474-B725-C7DA5B609079} – System32TasksGoogleUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1001Core => C:UsersmarkAppDataLocalGoogleUpdateGoogleUpdate.exe

Task: {8A5B5B12-376A-45F6-AE8B-FBFEAB460192} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154920 2019-06-06] (Google Inc -> Google LLC)

Task: {8D6DFB63-3573-4214-84F6-B943A9E99DA1} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {915AAD7C-3272-4B60-BEF9-918750BFC9BC} – System32TasksNahimicTask64 => C:WINDOWSsystem32.NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)

Task: {9C9785A1-2474-4893-825A-1E560F906C26} – System32TasksRunSpeccy => C:Program FilesSpeccySpeccy64.exe [7117464 2018-05-02] (Piriform Ltd -> Piriform Ltd)

Task: {A0E9C8DF-CFA6-496E-8999-2ADA9833D0F6} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {A113AD26-AA99-4C14-9101-6C53FDBA2241} – System32TasksMicrosoftWindowsManagementProvisioningMdmDiagnosticsCleanup => C:WINDOWSsystem32MdmDiagnosticsTool.exe [90112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

Task: {A44ACC1C-9A81-4A65-A41C-6E641AC9CC25} – System32TasksMicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1005Core => C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUpdateMicrosoftEdgeUpdate.exe [214952 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)

Task: {A79BA140-4629-44DD-88F3-26A23688E8F2} – System32Tasksmicrosoftwindowscapabilityaccessmanagermaintenancetasks => %windir%system32rundll32.exe %windir%system32CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance

Task: {AD9132B3-B152-40BC-9BDB-1C20CC49E9F6} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

Task: {B743041F-5B4D-4729-80CD-AA38D4B3B240} – System32TasksNahimicTask32 => C:WINDOWSsystem32..SysWOW64NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)

Task: {BB94C8BA-BEA2-4CBF-8FB9-B3581EA33ADE} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {BD1F5931-2AC6-4B9C-9B3A-153C5DCFDE0D} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} – System32TasksMicrosoftWindowsMobile Broadband AccountsMNO Metadata Parser => C:WINDOWSSystem32MbaeParserTask.exe

Task: {CFCE613D-01CC-47F8-9D3F-DF6220E258F2} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {CFD16A8F-65B5-424A-8517-56D6692D9008} – System32TasksMSI_Help_Desk_Agent => C:Program Files (x86)MSIHelp DeskMSI Update Agent.exe

Task: {D92BBF00-A8D3-409D-9097-61852D632C4C} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {E17DCE0E-DD44-466D-B3C2-8ADFD1938838} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154920 2019-06-06] (Google Inc -> Google LLC)

Task: {E7F51C74-7FED-44F8-B974-1BE83009A88C} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {F0F87636-BF68-486F-B6AF-6F4401A3F292} – System32TasksMicrosoftWindowsKernelLa57Cleanup => C:WINDOWSsystem32la57setup.exe [36864 2021-07-30] (Microsoft Windows -> Microsoft Corporation)

Task: {F21E75C8-2470-408B-90B9-0C16A9649589} – System32TasksMicrosoftWindowsShellThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:WindowsSystem32Themes.SsfDownload.ScheduledTask.dll [200704 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

Task: {FB5F9038-6DA0-42C1-8839-550546484813} – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)

Task: {FC656854-E9AA-42E7-8C0A-E0AD64F0E12B} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {FC6BE768-F9C5-4442-9055-23D654FAA9AB} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [696304 2021-05-23] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:WINDOWSSysWOW64nlansp_c.dll [83456 2021-06-05] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be “%SystemRoot%system32NLAapi.dll”

Winsock: Catalog5-x64 07 C:Windowssystem32nlansp_c.dll [126976 2021-06-05] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be “%SystemRoot%system32NLAapi.dll”

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

TcpipParameters: [DhcpNameServer] 10.24.0.1

Tcpip..Interfaces{05ce8d63-a6b6-4387-985a-3e1a4c6347dd}: [DhcpNameServer] 195.121.1.34 195.121.1.66

Tcpip..Interfaces{1ec8b9ff-bd86-4fc3-bb56-274332412004}: [DhcpNameServer] 10.24.0.1

Edge:

=======

Edge DefaultProfile: Default

Edge Profile: C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefault [2021-09-06]

Edge HomePage: Default -> hxxps://www.google.com/

Edge StartupUrls: Default -> “hxxps://www.bing.com/”

Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?PC=U523&q={searchTerms}

Edge Extension: (PreMiD) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsagjnjboanicjcpenljmaaigopkgdnihi [2021-08-12] [UpdateUrl:hxxps://api.premid.app/firefox/updates] <==== ATTENTION

Edge Extension: (WOT websitebeveiliging & bescherming veilig browsen) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsbhmmomiinigofkjcapegjjndpbikblnp [2021-08-12]

Edge Extension: (Microsoft Rewards) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsbnplfnhcidhhdapmblniehfaaompjlck [2021-08-12]

Edge Extension: (Theater Mode for YouTube (large player view)) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsdgognhgbpdoeidccnbfhohblklhbbomh [2021-08-12]

Edge Extension: (Dark Reader) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionseimadpbcbfnmbkopoojfekhnkhdbieeh [2021-08-12]

Edge Extension: (Wikiwand: Wikipedia Modernized) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsemffkefkbkpkgpdeeooapgaicgmcbolj [2021-08-12]

Edge Extension: (Offline Documenten) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-12]

Edge Extension: (BetterTTV) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsicllegkipkooaicfmdfaloehobmglglb [2021-08-12]

Edge Extension: (Darkness – Beautiful Dark Themes) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsimilbobhamcfahccagbncamhpnbkaenm [2021-08-12]

Edge Extension: (Google Docs Dark Mode) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionslgjhepbpjcmfmjlpkkdjlbgomamkgonb [2021-08-12]

Edge Extension: (MYKI Password Manager & Authenticator) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsnofkfblpeailgignhkbnapbephdnmbmn [2021-08-20]

Edge Extension: (AdGuard-advertentieblokkeerder) – C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionspdffkfellgipmhklpdmokmckkkfcopbh [2021-08-20]

StartMenuInternet: Microsoft Edge Beta – C:Program Files (x86)MicrosoftEdge BetaApplicationmsedge.exe

StartMenuInternet: Microsoft Edge Dev – C:Program Files (x86)MicrosoftEdge DevApplicationmsedge.exe

FireFox:

========

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

Chrome:

=======

CHR HKUS-1-5-21-3349319283-1251123490-1320229872-1005SOFTWAREGoogleChromeExtensions…ChromeExtension: [ddojnmkongaimkdddgmcccldlfhokcfb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:Program FilesEmsisoft Anti-Malwarea2service.exe [11119744 2021-08-31] (Emsisoft Ltd -> Emsisoft Ltd)

R2 Adguard Service; C:Program Files (x86)AdguardAdguardSvc.exe [176088 2021-09-02] (Adguard Software Limited -> Adguard Software Ltd)

S4 AGMService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)

S4 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

S3 cloudidsvc; C:WINDOWSsystem32cloudidsvc.dll [135168 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

R2 CorsairGamingAudioConfig; C:WindowsSystem32CorsairGamingAudioCfgService64.exe [616344 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R2 CorsairLLAService; C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCueLLAccessService.exe [421536 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

R2 CorsairService; C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsair.Service.exe [80544 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

R2 EmsiCommService; C:Program FilesEmsisoft Anti-MalwareCommService.exe [14230080 2021-08-31] (Emsisoft Ltd -> Emsisoft Ltd)

R2 EppWsc; C:Program FilesEmsisoft Anti-MalwareEppWsc.exe [1545368 2021-03-31] (Emsisoft Ltd -> Emsisoft Ltd)

S3 FileSyncHelper; C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncHelper.exe [3250024 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

S3 FrameServerMonitor; C:WINDOWSsystem32FrameServerMonitor.dll [319488 2021-08-05] (Microsoft Windows -> Microsoft Corporation)

R2 HPPrintScanDoctorService; C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe [288360 2021-05-06] (HP Inc. -> HP Inc.)

R2 Killer Analytics Service; C:WINDOWSSystem32driversRivetNetworksKillerKillerAnalyticsService.exe [1748992 2020-01-10] (Rivet Networks LLC -> Rivet Networks)

R2 Killer Network Service; C:WINDOWSSystem32driversRivetNetworksKillerKillerNetworkService.exe [2654712 2020-01-10] (Rivet Networks LLC -> Rivet Networks)

R3 Killer Wifi Optimization Service; C:WINDOWSSystem32driversRivetNetworksKillerKAPSService.exe [73704 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)

R3 KNDBWM; C:WINDOWSSystem32driversRivetNetworksKillerKNDBWMService.exe [73920 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)

S3 MBAMService; D:MSFTMBAMService.exe [7497336 2021-08-31] (Malwarebytes Inc -> Malwarebytes)

S3 McpManagementService; C:WINDOWSSystem32McpManagementService.dll [319488 2021-07-30] (Microsoft Windows -> Microsoft Corporation)

R2 Micro Star SCM; C:Program Files (x86)SCMMSIService.exe [168048 2018-06-22] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)

S3 MicrosoftEdgeBetaElevationService; C:Program Files (x86)MicrosoftEdge BetaApplication94.0.992.9elevation_service.exe [1657232 2021-09-02] (Microsoft Corporation -> Microsoft Corporation)

S3 MicrosoftEdgeDevElevationService; C:Program Files (x86)MicrosoftEdge DevApplication95.0.997.1elevation_service.exe [1644424 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

R2 MTAgentService; C:Program FilesMiniTool ShadowMakerAgentService.exe [783344 2020-10-01] (MiniTool Software Limited -> )

R2 MTSchedulerService; C:Program FilesMiniTool ShadowMakerSchedulerService.exe [226800 2020-10-01] (MiniTool Software Limited -> )

R2 NahimicService; C:WINDOWSsystem32NahimicService.exe [1675392 2021-05-27] (A-Volute SAS -> Nahimic)

S3 NPSMSvc; C:WINDOWSSystem32npsm.dll [233472 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

S3 NPSMSvc; C:WINDOWSSysWOW64npsm.dll [163840 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

S3 OneDrive Updater Service; C:Program FilesMicrosoft OneDrive21.165.0815.0001OneDriveUpdaterService.exe [3712360 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

S4 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2519352 2020-09-07] (Electronic Arts, Inc. -> Electronic Arts)

S4 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3472192 2020-09-07] (Electronic Arts, Inc. -> Electronic Arts)

S3 P9RdrService; C:WINDOWSsystem32p9rdrservice.dll [122880 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

R3 ProtonVPN Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPNService.exe [115304 2021-08-04] (Proton Technologies AG -> )

R3 ProtonVPN Update Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.UpdateService.exe [65128 2021-08-04] (Proton Technologies AG -> )

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5533120 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 ss_conn_service; C:Program FilesSamsungUSB Drivers27_ssconnconnss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)

R2 ss_conn_service2; C:Program FilesSamsungUSB Drivers28_ssconn2connss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)

R2 TeamViewer; D:TeamviewerTeamViewer_Service.exe [13271336 2021-08-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

R2 unchecky; C:Program Files (x86)Uncheckybinunchecky_svc.exe [297240 2019-08-04] (Reason Software Company Inc. -> Reason Software Company Inc.)

S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 xTendSoftAPService; C:WINDOWSSystem32driversRivetNetworksKillerxTendSoftAPService.exe [73928 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)

R2 xTendUtilityService; C:WINDOWSSystem32driversRivetNetworksKillerxTendUtilityService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvmii.inf_amd64_193f04621e226017Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvmii.inf_amd64_193f04621e226017Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:WINDOWSSystem32driversadgnetworkwfpdrv.sys [94720 2021-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)

S3 CorsairGamingAudioService; C:WindowsSystem32driversCorsairGamingAudio64.sys [60312 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsairLLAccess64.sys [21752 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [45984 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

R3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [21920 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

R3 cpuz150; C:WINDOWStempcpuz150cpuz150_x64.sys [44832 2021-09-06] (CPUID S.A.R.L.U. -> CPUID)

S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S0 ebdrv; C:WINDOWSSystem32driversevbda.sys [3440440 2021-06-05] (Microsoft Windows -> Marvell Semiconductor Inc.)

S0 ebdrv0; C:WINDOWSSystem32driversevbd0a.sys [3423032 2021-06-05] (Microsoft Windows -> QLogic Corporation)

R1 epp; C:Program FilesEmsisoft Anti-Malwareepp.sys [155112 2020-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)

R0 eppdisk; C:WINDOWSSystem32driverseppdisk.sys [37776 2019-06-03] (Emsisoft Ltd -> Emsisoft Ltd)

S0 EppElam; C:WINDOWSSystem32driversEppElam.sys [16808 2020-05-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd)

R1 eppwfp; C:Program FilesEmsisoft Anti-Malwareeppwfp.sys [126968 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)

S3 ExecutionContext; C:WINDOWSSystem32DriversExecutionContext.sys [61440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

S3 HidSpiCx; C:WINDOWSSystem32driversHidSpiCx.sys [118784 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

R0 IntelPMT; C:WINDOWSSystem32driversIntelPMT.sys [74224 2021-06-05] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)

R3 KfeCoSvc; C:WINDOWSSystem32driversRivetNetworksKillerKfeCo10X64.sys [177272 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-07-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

S3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-07-23] (Malwarebytes Inc -> Malwarebytes)

S0 megasas35i; C:WINDOWSSystem32driversmegasas35i.sys [100176 2021-06-05] (Microsoft Windows -> Broadcom Inc)

S0 mpi3drvi; C:WINDOWSSystem32driversmpi3drvi.sys [87352 2021-06-05] (Microsoft Windows -> Broadcom Limited)

S3 MpKsla7ae6be2; C:ProgramDataMicrosoftWindows DefenderDefinition Updates{E8F2B4E3-F954-4760-95E7-F713534C9FF2}MpKslDrv.sys [47336 2020-11-08] (Microsoft Windows -> Microsoft Corporation)

R3 Nahimic_Mirroring; C:WINDOWSSystem32driversNahimic_Mirroring.sys [85592 2020-01-17] (A-Volute -> Windows ® Win 7 DDK provider)

S3 NDKPerf; C:WINDOWSSystem32driversNDKPerf.sys [78152 2021-06-05] (Microsoft Windows -> )

S0 nvmedisk; C:WINDOWSSystem32driversnvmedisk.sys [82240 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

R3 ProtonVPNCallout; C:Program Files (x86)Proton TechnologiesProtonVPNx64Win10ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)

R0 pwdrvio; C:WINDOWSSystem32pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )

S3 pwdspio; C:WINDOWSsystem32pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )

S3 Revoflt; C:WINDOWSSystem32DRIVERSrevoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)

S3 RZSURROUNDVADService; C:WINDOWSsystem32driversRzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)

S3 sshid; C:WINDOWSSystem32driverssshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)

R3 ssps2; C:WINDOWSSystem32driversssps2.sys [41104 2019-08-27] (SteelSeries ApS -> )

S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 tap0901; C:WINDOWSSystem32driverstap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

R3 tapprotonvpn; C:WINDOWSSystem32driverstapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

S3 Usb4DeviceRouter; C:WINDOWSSystem32DriverStoreFileRepositoryusb4devicerouter.inf_amd64_8d9a17bd8e5b4b11Usb4DeviceRouter.sys [831800 2021-07-30] (Microsoft Windows -> Microsoft Corporation)

S3 Usb4HostRouter; C:WINDOWSSystem32DriverStoreFileRepositoryusb4hostrouter.inf_amd64_acb1b78bb0ae3528Usb4HostRouter.sys [557368 2021-07-30] (Microsoft Windows -> Microsoft Corporation)

S3 vmbusproxy; C:WINDOWSsystem32driversvmbusproxy.sys [90112 2021-06-05] (Microsoft Windows -> )

S3 WdBoot; C:WINDOWSsystem32driversWdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driversWdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32DriversWdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

R3 WINIO; C:Program Files (x86)MSIDragon Centerwinio64.sys [15160 2015-06-11] (Micro-Star Int’l Co. Ltd. -> )

R3 wintun; C:WINDOWSsystem32DRIVERSwintun.sys [38704 2021-07-11] (WireGuard LLC -> WireGuard LLC)

S1 WinSetupMon; system32DRIVERSWinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-06 16:37 – 2021-09-06 16:38 – 000042953 _____ C:UsersMeg de JagerDownloadsFRST.txt

2021-09-06 16:36 – 2021-09-06 16:37 – 002302464 _____ (Farbar) C:UsersMeg de JagerDownloadsFRST64.exe

2021-09-06 14:53 – 2021-09-06 14:53 – 1862230826 _____ C:WINDOWSMEMORY.DMP

2021-09-06 14:53 – 2021-09-06 14:53 – 000000000 ____D C:WINDOWSMinidump

2021-09-06 14:38 – 2021-09-06 14:38 – 000000000 ____D C:UsersMeg de JagerAppDataLocalFrontier Developments

2021-09-06 12:54 – 2021-09-06 12:54 – 000000000 ____D C:UsersMeg de JagerDownloadsffmpeg-4.3.1-win64

2021-09-06 12:53 – 2021-09-06 12:54 – 024960595 _____ C:UsersMeg de JagerDownloadsffmpeg-4.3.1-win64.zip

2021-09-03 16:59 – 2021-09-03 16:59 – 000014608 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-09-03 16:55 – 2021-09-03 16:55 – 000000000 ___HD C:$WinREAgent

2021-09-02 13:50 – 2021-09-02 13:50 – 000001404 _____ C:UsersMeg de JagerAppDataRoamingMicrosoftWindowsStart MenuProgramsOutlook.lnk

2021-08-31 18:57 – 2021-08-28 14:25 – 001858664 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2021-08-31 18:57 – 2021-08-28 14:25 – 001858664 _____ C:WINDOWSsystem32vulkaninfo.exe

2021-08-31 18:57 – 2021-08-28 14:25 – 001474704 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2021-08-31 18:57 – 2021-08-28 14:25 – 001438848 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-08-31 18:57 – 2021-08-28 14:25 – 001438848 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2021-08-31 18:57 – 2021-08-28 14:25 – 001212536 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2021-08-31 18:57 – 2021-08-28 14:25 – 001097856 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2021-08-31 18:57 – 2021-08-28 14:25 – 001097856 _____ C:WINDOWSsystem32vulkan-1.dll

2021-08-31 18:57 – 2021-08-28 14:25 – 000951936 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2021-08-31 18:57 – 2021-08-28 14:25 – 000951936 _____ C:WINDOWSSysWOW64vulkan-1.dll

2021-08-31 18:57 – 2021-08-28 14:22 – 001520760 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2021-08-31 18:57 – 2021-08-28 14:22 – 001171064 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2021-08-31 18:57 – 2021-08-28 14:22 – 000716920 _____ C:WINDOWSsystem32nvofapi64.dll

2021-08-31 18:57 – 2021-08-28 14:22 – 000676480 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2021-08-31 18:57 – 2021-08-28 14:22 – 000645240 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll

2021-08-31 18:57 – 2021-08-28 14:22 – 000577168 _____ C:WINDOWSSysWOW64nvofapi.dll

2021-08-31 18:57 – 2021-08-28 14:22 – 000564344 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2021-08-31 18:57 – 2021-08-28 14:21 – 002112128 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2021-08-31 18:57 – 2021-08-28 14:21 – 001595536 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2021-08-31 18:57 – 2021-08-28 14:21 – 000919184 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2021-08-31 18:57 – 2021-08-28 14:21 – 000706192 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe

2021-08-31 18:57 – 2021-08-28 14:20 – 005681280 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll

2021-08-31 18:57 – 2021-08-27 18:54 – 000083133 _____ C:WINDOWSsystem32nvinfo.pb

2021-08-31 18:56 – 2021-08-28 14:20 – 008854144 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2021-08-31 18:56 – 2021-08-28 14:20 – 007920760 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2021-08-31 18:56 – 2021-08-28 14:20 – 004987512 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2021-08-31 18:56 – 2021-08-28 14:20 – 002925688 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2021-08-31 18:56 – 2021-08-28 14:20 – 000447104 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2021-08-31 18:56 – 2021-08-28 14:19 – 000849016 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2021-08-31 18:46 – 2021-08-31 18:46 – 000000626 _____ C:UsersPublicDesktopMalwarebytes.lnk

2021-08-29 19:02 – 2021-08-29 19:04 – 000000000 ____D C:ProgramDataProtonVPN

2021-08-29 19:02 – 2021-08-29 19:02 – 000001237 _____ C:UsersPublicDesktopProtonVPN.lnk

2021-08-29 19:02 – 2021-08-29 19:02 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsProtonVPN

2021-08-29 19:01 – 2021-08-29 19:04 – 000000000 ____D C:UsersMeg de JagerAppDataLocalProtonVPN

2021-08-29 19:01 – 2021-08-29 19:02 – 000000000 ____D C:Program Files (x86)Proton Technologies

2021-08-29 19:01 – 2021-08-29 19:01 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingProton Technologies AG

2021-08-29 18:56 – 2021-08-29 18:56 – 000000000 ____D C:UsersMeg de JagerAppDataLocalElevatedDiagnostics

2021-08-29 18:55 – 2021-08-29 18:58 – 000000000 ____D C:MATS

2021-08-29 18:53 – 2021-08-29 18:53 – 000221662 _____ C:UsersMeg de JagerDownloadsMicrosoftProgram_Install_and_Uninstall.meta.diagcab

2021-08-27 14:36 – 2021-08-27 14:36 – 000000000 ____D C:UsersPublicCyberLink

2021-08-27 14:36 – 2021-08-27 14:36 – 000000000 ____D C:UsersMeg de JagerOneDriveDocumentenCyberLink

2021-08-27 11:39 – 2021-08-27 11:39 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingGodot

2021-08-27 11:06 – 2021-08-27 11:06 – 000000000 ____D C:UsersMeg de JagerAppDataLocalLowDinosaur Polo Club

2021-08-26 19:21 – 2021-08-26 19:22 – 000001396 _____ C:UsersMeg de JagerAppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk

2021-08-26 19:21 – 2021-08-26 19:21 – 000000000 ____D C:UsersMeg de JagerAppDataLocalESET

2021-08-26 19:18 – 2021-08-26 19:18 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingMicrosoftWindowsStart MenuProgramsBing Wallpaper

2021-08-26 12:18 – 2021-09-06 16:18 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingWhatsApp

2021-08-26 12:18 – 2021-09-02 13:23 – 000000000 ____D C:UsersMeg de JagerAppDataLocalWhatsApp

2021-08-26 12:18 – 2021-08-26 12:18 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingMicrosoftWindowsStart MenuProgramsWhatsApp

2021-08-19 22:11 – 2021-08-28 18:43 – 000003194 _____ C:WINDOWSsystem32TasksOneDrive Per-Machine Standalone Update Task

2021-08-19 22:10 – 2021-08-30 17:55 – 000000000 ____D C:Program FilesMicrosoft OneDrive

2021-08-19 22:10 – 2021-08-28 18:43 – 000002141 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-08-19 20:07 – 2021-08-19 20:07 – 000000772 _____ C:UsersPublicDesktoppaint.net.lnk

2021-08-19 20:02 – 2021-08-19 20:02 – 000000000 ____D C:UsersMeg de JagerAppDataLocalpaint.net

2021-08-18 20:19 – 2021-08-18 20:19 – 000033269 _____ C:WINDOWSSysWOW64prfc0003.dat.tmp

2021-08-16 22:25 – 2020-10-14 04:07 – 000038400 _____ (VS Revo Group) C:WINDOWSsystem32Driversrevoflt.sys

2021-08-16 22:19 – 2021-08-16 22:19 – 000000000 ____D C:UsersMeg de JagerAppDataLocalSteam

2021-08-16 22:19 – 2021-08-16 22:19 – 000000000 ____D C:UsersMeg de JagerAppDataLocalBlizzard Entertainment

2021-08-16 22:09 – 2021-08-16 22:25 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRevo Uninstaller Pro

2021-08-16 22:09 – 2021-08-16 22:09 – 000000000 ____D C:UsersMeg de JagerAppDataLocalVS Revo Group

2021-08-16 22:09 – 2021-08-16 22:09 – 000000000 ____D C:ProgramDataVS Revo Group

2021-08-15 19:14 – 2021-08-15 19:14 – 000000000 ____D C:WINDOWSPanther

2021-08-15 15:46 – 2021-08-15 15:46 – 000000150 _____ C:UsersMeg de JagerDownloadstest.zip

2021-08-15 15:46 – 2021-08-15 15:46 – 000000000 _____ C:UsersMeg de JagerDownloadstest.txt

2021-08-13 09:14 – 2021-08-13 09:14 – 000003580 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d78521a164af33

2021-08-12 19:16 – 2021-08-12 19:16 – 002764800 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb

2021-08-12 19:16 – 2021-08-12 19:16 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb

2021-08-12 19:16 – 2021-08-12 19:16 – 002310384 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2021-08-12 19:16 – 2021-08-12 19:16 – 001856848 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2021-08-12 19:16 – 2021-08-12 19:16 – 000727584 _____ C:WINDOWSsystem32TextShaping.dll

2021-08-12 19:16 – 2021-08-12 19:16 – 000617136 _____ C:WINDOWSSysWOW64TextShaping.dll

2021-08-10 19:46 – 2021-08-28 14:18 – 006216336 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2021-08-08 15:00 – 2021-06-03 15:56 – 000043408 _____ (NVIDIA Corporation) C:WINDOWSsystem32DriversNvModuleTracker.sys

2021-08-08 13:30 – 2021-08-08 13:32 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingBetterDiscord

2021-08-08 13:29 – 2021-08-08 13:30 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingBetterDiscord Installer

2021-08-08 13:19 – 2021-09-06 15:37 – 000000000 ____D C:UsersMeg de JagerAppDataLocalDiscord

2021-08-08 11:20 – 2021-08-08 11:20 – 000000000 ____D C:UsersMeg de JagerAppDataLocalMicro-Star_International_

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-06 16:39 – 2021-08-06 18:17 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingTweeten

2021-09-06 16:39 – 2021-08-05 13:30 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingdiscorddevelopment

2021-09-06 16:38 – 2020-02-19 20:04 – 000000000 ____D C:FRST

2021-09-06 16:38 – 2019-11-28 12:46 – 000000000 ____D C:ProgramDataAdguard

2021-09-06 16:38 – 2019-06-06 14:25 – 000000000 ____D C:Program FilesEmsisoft Anti-Malware

2021-09-06 16:38 – 2019-06-06 13:50 – 000000000 ____D C:Program Files (x86)Steam

2021-09-06 16:27 – 2021-06-05 14:10 – 000000000 ____D C:WINDOWSSystemTemp

2021-09-06 16:27 – 2021-06-05 14:10 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-09-06 16:15 – 2021-06-05 14:10 – 000000000 ___HD C:Program FilesWindowsApps

2021-09-06 16:15 – 2021-06-05 14:10 – 000000000 ____D C:WINDOWSAppReadiness

2021-09-06 16:13 – 2019-06-06 10:30 – 000000000 ____D C:Program Files (x86)Google

2021-09-06 15:57 – 2021-08-05 13:30 – 000000000 ____D C:UsersMeg de JagerAppDataLocalDiscordDevelopment

2021-09-06 15:39 – 2021-08-05 13:30 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingdiscord

2021-09-06 15:03 – 2018-03-15 18:44 – 000000000 ____D C:ProgramDataNVIDIA

2021-09-06 15:00 – 2021-07-30 11:09 – 001801202 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-09-06 15:00 – 2021-06-05 19:58 – 000801730 _____ C:WINDOWSsystem32perfh013.dat

2021-09-06 15:00 – 2021-06-05 19:58 – 000159344 _____ C:WINDOWSsystem32perfc013.dat

2021-09-06 15:00 – 2021-06-05 14:09 – 000000000 ____D C:WINDOWSINF

2021-09-06 14:58 – 2021-08-05 13:07 – 000000000 ____D C:UsersMeg de JagerAppDataLocalD3DSCache

2021-09-06 14:55 – 2021-08-05 11:32 – 000000000 ____D C:UsersAdministrator

2021-09-06 14:55 – 2019-06-06 21:44 – 000000000 ____D C:Program FilesCCleaner

2021-09-06 14:54 – 2021-08-05 13:06 – 000000000 __SHD C:UsersMeg de JagerIntelGraphicsProfiles

2021-09-06 14:54 – 2021-08-05 13:06 – 000000000 ____D C:UsersMeg de Jager

2021-09-06 14:54 – 2021-07-30 11:07 – 000003112 _____ C:WINDOWSsystem32TasksNahimicTask32

2021-09-06 14:54 – 2021-07-30 11:07 – 000003092 _____ C:WINDOWSsystem32TasksNahimicTask64

2021-09-06 14:54 – 2019-11-28 12:46 – 000000000 ____D C:Program Files (x86)Adguard

2021-09-06 14:53 – 2021-07-30 11:07 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-09-06 14:53 – 2021-07-30 10:45 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-09-06 14:53 – 2021-06-05 14:10 – 000000000 ____D C:WINDOWSServiceState

2021-09-06 14:53 – 2020-12-12 17:39 – 000000485 _____ C:WINDOWSsystem32Driversetchosts.ics

2021-09-06 14:53 – 2019-11-12 23:48 – 000012288 ___SH C:DumpStack.log.tmp

2021-09-06 14:53 – 2018-03-15 18:42 – 000000000 ____D C:Intel

2021-09-06 13:13 – 2019-06-10 13:02 – 000000635 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsNotepad++.lnk

2021-09-06 13:02 – 2021-08-06 10:45 – 000000000 ____D C:UsersMeg de JagerOneDriveDocumentenShareX

2021-09-06 12:34 – 2021-08-05 13:31 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingMYKI

2021-09-06 11:27 – 2021-06-05 14:01 – 001310720 _____ C:WINDOWSsystem32configBBI

2021-09-06 10:47 – 2021-08-05 14:00 – 000000000 ____D C:UsersMeg de JagerAppDataLocalCrashDumps

2021-09-05 17:32 – 2021-08-05 13:27 – 000002595 _____ C:UsersMeg de JagerAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Edge Canary.lnk

2021-09-05 17:26 – 2020-01-14 22:24 – 000002455 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-09-05 17:26 – 2019-06-06 19:38 – 000000000 ____D C:ProgramDataPackages

2021-09-03 17:02 – 2019-11-28 12:46 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAdGuard

2021-09-03 17:02 – 2018-03-15 18:41 – 000000000 ____D C:ProgramDataPackage Cache

2021-09-03 17:01 – 2021-07-30 11:26 – 000000000 ____D C:Program FilesHyper-V

2021-09-03 17:01 – 2021-07-30 10:45 – 000001607 _____ C:WINDOWSsystem32configVSMIDK

2021-09-03 17:01 – 2021-06-05 14:10 – 000000000 ____D C:WINDOWSbcastdvr

2021-09-03 17:00 – 2021-06-05 14:01 – 000000000 ____D C:WINDOWSCbsTemp

2021-09-03 16:52 – 2019-08-21 22:49 – 000002374 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge Beta.lnk

2021-09-03 16:51 – 2019-06-06 10:30 – 000002328 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-09-02 13:20 – 2020-11-17 19:51 – 000002361 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge Dev.lnk

2021-09-02 13:19 – 2021-01-26 19:48 – 000000000 ____D C:Program FilesMicrosoft Office

2021-09-02 13:09 – 2021-07-30 11:07 – 000004210 _____ C:WINDOWSsystem32TasksCCleaner Update

2021-08-31 19:37 – 2021-08-05 19:10 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingSpotify

2021-08-31 19:02 – 2021-08-05 13:06 – 000000000 ____D C:UsersMeg de JagerAppDataLocalNVIDIA

2021-08-31 18:46 – 2021-07-23 19:28 – 000000626 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2021-08-31 18:45 – 2021-07-23 19:28 – 000160176 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2021-08-30 17:07 – 2021-08-05 13:06 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingTeamViewer

2021-08-29 18:46 – 2021-08-05 19:11 – 000000000 ____D C:UsersMeg de JagerAppDataLocalSpotify

2021-08-28 14:21 – 2021-01-26 20:49 – 000750224 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2021-08-28 14:18 – 2021-01-26 20:49 – 007280848 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2021-08-27 14:36 – 2021-07-31 12:33 – 000000000 ___HD C:ProgramDataCyberLink

2021-08-26 12:18 – 2021-08-05 13:30 – 000000000 ____D C:UsersMeg de JagerAppDataLocalSquirrelTemp

2021-08-23 18:40 – 2021-07-30 10:45 – 005145792 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-08-23 18:40 – 2018-03-15 18:46 – 000000000 ____D C:ProgramDataA-Volute

2021-08-19 22:11 – 2021-08-05 13:06 – 000000000 ___RD C:UsersMeg de JagerOneDrive

2021-08-19 22:11 – 2021-08-05 13:06 – 000000000 ____D C:UsersMeg de JagerAppDataLocalPackages

2021-08-19 22:11 – 2021-08-05 11:32 – 000000000 ___RD C:UsersAdministratorOneDrive

2021-08-19 22:11 – 2020-01-14 23:42 – 000000000 ___RD C:UsersDefaultOneDrive

2021-08-19 20:07 – 2019-07-08 20:00 – 000000772 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramspaint.net.lnk

2021-08-16 22:19 – 2018-03-15 18:46 – 000000000 ___HD C:Program Files (x86)InstallShield Installation Information

2021-08-16 22:18 – 2019-09-02 17:12 – 000000000 ____D C:Program Files (x86)Adobe

2021-08-16 22:08 – 2019-11-14 20:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsComfort Clipboard

2021-08-16 11:32 – 2021-08-05 13:26 – 000003952 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1005UA

2021-08-16 11:32 – 2021-08-05 13:26 – 000003684 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1005Core

2021-08-15 16:11 – 2021-08-05 13:38 – 000000000 ____D C:UsersMeg de JagerAppDataLocalPlaceholderTileLogoFolder

2021-08-13 09:14 – 2021-07-30 11:07 – 000003674 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-08-13 09:14 – 2021-06-05 14:10 – 000000000 ____D C:WINDOWSLiveKernelReports

2021-08-12 19:21 – 2021-06-05 14:10 – 000000000 ____D C:WINDOWSSystemResources

2021-08-12 19:21 – 2021-06-05 14:10 – 000000000 ____D C:WINDOWSShellExperiences

2021-08-12 14:14 – 2021-08-06 11:55 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingNotepad++

2021-08-12 12:48 – 2021-08-05 13:06 – 000000000 ____D C:UsersMeg de JagerAppDataLocalTeamViewer

2021-08-11 11:58 – 2019-06-06 14:30 – 000000000 ____D C:WINDOWSsystem32MRT

2021-08-11 11:55 – 2019-06-06 14:30 – 133215968 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-08-10 19:52 – 2018-03-15 18:43 – 000000000 ____D C:ProgramDataNVIDIA Corporation

2021-08-09 18:35 – 2018-03-15 18:43 – 000000000 ____D C:Program FilesNVIDIA Corporation

2021-08-08 15:14 – 2018-03-15 18:44 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation

2021-08-08 15:13 – 2021-08-05 13:06 – 000000000 ____D C:UsersMeg de JagerAppDataLocalNVIDIA Corporation

2021-08-08 15:00 – 2021-07-30 11:07 – 000004308 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000004106 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000003976 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000003940 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000003894 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2021-07-30 11:07 – 000003654 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-08-08 15:00 – 2018-03-15 18:44 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation

2021-08-08 14:23 – 2020-02-20 23:45 – 000065133 _____ C:WINDOWSsystem32sfcdetails.txt

2021-08-08 13:20 – 2021-08-05 13:30 – 000000000 ____D C:UsersMeg de JagerAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

==================== Files in the root of some directories ========

2021-07-27 06:36 – 2021-07-27 06:36 – 000000269 _____ () C:ProgramDatafontcacheev1.dat

2020-06-11 13:51 – 2020-06-11 13:51 – 000000426 _____ () C:Program Files (x86)LMIR0BD1C001.tmp.bat

2020-06-11 13:51 – 2020-06-11 13:51 – 000000351 _____ () C:Program Files (x86)LMIR0BD1C001.tmp_r.bat

2021-08-11 11:29 – 2021-08-11 11:29 – 000000000 _____ () C:UsersMeg de JagerAppDataLocaloobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-09-2021

Ran by Meg de Jager (06-09-2021 16:39:24)

Running from C:UsersMeg de JagerDownloads

Windows 10 Pro Version 21H2 22000.176 (X64) (2021-07-30 09:07:52)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3349319283-1251123490-1320229872-500 – Administrator – Disabled) => C:UsersAdministrator

DefaultAccount (S-1-5-21-3349319283-1251123490-1320229872-503 – Limited – Disabled)

Gast (S-1-5-21-3349319283-1251123490-1320229872-501 – Limited – Disabled)

Meg de Jager (S-1-5-21-3349319283-1251123490-1320229872-1005 – Administrator – Enabled) => C:UsersMeg de Jager

WDAGUtilityAccount (S-1-5-21-3349319283-1251123490-1320229872-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Enabled – Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdGuard (HKLM-x32…{1de09c47-5102-465c-a378-6dea5c8977aa}) (Version: 7.7.3655.0 – Adguard Software Ltd)

AdGuard (HKLM-x32…{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.7.3655.0 – Adguard Software Ltd) Hidden

Bandizip (HKLM…Bandizip) (Version: 7.17 – Bandisoft.com)

Battery Calibration (HKLM-x32…InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1801.1701 – Micro-Star International Co., Ltd.)

Bing Wallpaper (HKLM-x32…{9C94D5E4-22D6-457B-9263-9C68DBF669DD}) (Version: 1.0.9.3 – Microsoft Corporation)

CCleaner (HKLM…CCleaner) (Version: 5.83 – Piriform)

CORSAIR iCUE Software (HKLM-x32…{3D350B22-542B-4FB4-B3AC-EA760941C319}) (Version: 3.38.61 – Corsair)

DFUDriverSetupX64Setup (HKLM-x32…{A1C64107-A50F-4847-A3FE-624E28D553C5}) (Version: 1.8.0.0 – GN Audio A/S) Hidden

Discord (HKUS-1-5-21-3349319283-1251123490-1320229872-1005…Discord) (Version: 1.0.9002 – Discord Inc.)

Discord Development (HKUS-1-5-21-3349319283-1251123490-1320229872-1005…DiscordDevelopment) (Version: 1.0.600 – Discord Inc.)

Dragon Center (HKLM-x32…InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.1.1804.1102 – Micro-Star International Co., Ltd.)

Emsisoft Anti-Malware (HKLM…{CA975286-D816-410C-B6C9-F7213CA84695}) (Version: 19.5.0.9476 – Emsisoft Ltd.)

FirmwareUpdater (HKLM-x32…{20203276-832B-4F1B-ABD3-1D849EABD431}) (Version: 1.8.0.0 – GN Audio A/S) Hidden

Galaxy Buds Manager (Unofficial) 3.1.0 (HKLM-x32…Galaxy Buds Manager (Unofficial)) (Version: 3.1.0 – ThePBone)

GIMP 2.10.22 (HKLM…GIMP-2_is1) (Version: 2.10.22 – The GIMP Team)

Google Chrome (HKLM-x32…Google Chrome) (Version: 93.0.4577.63 – Google LLC)

Help Desk (HKLM-x32…InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1802.0501 – Micro-Star International Co., Ltd.)

HP Dropbox Plugin (HKLM-x32…{EF65265C-816D-4992-A8CC-C91CDEC9ED33}) (Version: 36.0.102.68541 – HP)

HP EmailSMTP Plugin (HKLM-x32…{858E7C53-B406-4798-B4CA-761420FF2B5F}) (Version: 43.0.0.0 – HP)

HP ENVY 5000 series Basic Device Software (HKLM…{948DB328-2F71-4760-A9ED-BD44CA10362D}) (Version: 44.4.2678.1977 – HP Inc.)

HP ENVY 5000 series Help (HKLM-x32…{B868134D-0D88-4973-BDD8-07E2522C9102}) (Version: 44.0.0 – HP)

HP FTP Plugin (HKLM-x32…{07DA4F28-63FA-43F7-A554-B159E9A7E649}) (Version: 43.0.0.0 – HP)

HP Google Drive Plugin (HKLM-x32…{CF634681-E024-430C-AFF2-B9EE43A7E452}) (Version: 36.0.102.68541 – HP)

HP OneDrive Plugin (HKLM-x32…{1E191DFB-7B91-4B11-AB95-884D59ECE599}) (Version: 36.0.0.0 – HP)

HP SharePoint Plugin (HKLM-x32…{1ED7BE66-39E7-4A65-8EEF-68CE80F3416C}) (Version: 43.0.0.0 – HP)

Intel® Chipset Device Software (HKLM-x32…{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 – Intel® Corporation) Hidden

Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 – Intel Corporation)

Intel® Rapid Storage Technology (HKLM…{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.1.1018 – Intel Corporation)

Intel® Trusted Connect Service Client x86 (HKLM-x32…{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 – Intel Corporation) Hidden

Intel® Trusted Connect Services Client (HKLM-x32…{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 – Intel Corporation) Hidden

Intel® Wireless Bluetooth® (HKLM-x32…{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 – Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32…{ba25c46f-28f8-4449-97ab-7bb20f3f9a9c}) (Version: 20.30.0 – Intel Corporation)

Jabra Direct (HKLM-x32…{75319a43-366c-4df8-b168-d4862becc0b6}) (Version: 4.0.5484.0 – GN Audio A/S)

Jabra Direct (HKLM-x32…{B562F04A-DF0B-4FF7-8514-24ACA5CA4A17}) (Version: 4.0.5484.0 – GN Audio A/S) Hidden

KB9X Radio Switch Driver (HKLM…3498B7189B13CBC3673674CD226F4540F628CCB8) (Version: 1.1.5.0 – ENE TECHNOLOGY INC.)

Kits Configuration Installer (HKLM-x32…{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 – Microsoft) Hidden

Lens Studio 2.3.1 (HKLM-x32…{652D235D-D6FF-4E47-B95F-D2BE6E8B9858}}_is1) (Version: 2.3.1 – Snap Inc.)

MacroRecorder v2.0.69 (HKLM-x32…MacroRecorder_is1) (Version: 2.0.69 – Bartels Media GmbH)

Malwarebytes version 4.4.5.130 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 – Malwarebytes)

Microsoft 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.14326.20238 – Microsoft Corporation)

Microsoft 365 – nl-nl (HKLM…O365HomePremRetail – nl-nl) (Version: 16.0.14326.20238 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 93.0.961.38 – Microsoft Corporation)

Microsoft Edge Beta (HKLM-x32…Microsoft Edge Beta) (Version: 94.0.992.9 – Microsoft Corporation)

Microsoft Edge Canary (HKUS-1-5-21-3349319283-1251123490-1320229872-1005…Microsoft Edge SxS) (Version: 95.0.1004.0 – Microsoft Corporation)

Microsoft Edge Dev (HKLM-x32…Microsoft Edge Dev) (Version: 95.0.997.1 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 93.0.961.38 – Microsoft Corporation)

Microsoft OneDrive (HKLM…OneDriveSetup.exe) (Version: 21.165.0815.0001 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.24.28127 (HKLM-x32…{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) – 14.16.27012 (HKLM-x32…{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 – Microsoft Corporation)

Microsoft Windows Desktop Runtime – 5.0.8 (x64) (HKLM-x32…{d2790682-215d-499b-bd00-c2f370e8298b}) (Version: 5.0.8.30215 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32…{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 – Microsoft Corporation)

Minecraft Launcher (HKLM-x32…{D0972543-9D51-4A1A-A765-E5A7B1CB09E5}) (Version: 1.0.0.0 – Mojang)

MiniTool ShadowMaker PW Edition (HKLM-x32…MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.5 – MiniTool Software Limited)

mIRC (HKLM-x32…mIRC) (Version: 7.63 – mIRC Co. Ltd.)

Mouse Recorder Pro 2.0.7.4 (HKLM-x32…{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version:  – Nemex Studios)

Mozilla Firefox 88.0.1 (x64 nl) (HKLM…Mozilla Firefox 88.0.1 (x64 nl)) (Version: 88.0.1 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 83.0 – Mozilla)

MSI Feature Navigator (HKLM-x32…InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1709.1301 – Micro-Star International Co., Ltd.)

MSI Remind Manager Service (HKLM-x32…InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1802.0501 – Micro-Star International Co., Ltd.)

MYKI (HKUS-1-5-21-3349319283-1251123490-1320229872-1005…myki) (Version: 1.4.5 – MYKI Inc.)

Notepad++ (32-bit x86) (HKLM-x32…Notepad++) (Version: 8.1.1 – Notepad++ Team)

Notepad++ (64-bit x64) (HKLM…Notepad++) (Version: 8.1.4 – Notepad++ Team)

NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.23.0.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)

NVIDIA Graphics Driver 471.96 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.96 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.60 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 – NVIDIA Corporation)

NVIDIA PhysX Systeem Software 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM…{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM…{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.14326.20238 – Microsoft Corporation) Hidden

Origin (HKLM-x32…Origin) (Version: 10.5.83.43781 – Electronic Arts, Inc.)

paint.net (HKLM…{02E30EC2-41F1-4194-9F58-C236E819F93C}) (Version: 4.3 – dotPDN LLC)

Paradox Launcher v2 (HKLM…{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 – Paradox Interactive)

PowerShell 7-x86 (HKLM-x32…{BF1E4B7A-656D-47B3-8AE7-C69F50B14665}) (Version: 7.0.0.0 – Microsoft Corporation)

Product Improvement Study for HP ENVY 5000 series (HKLM…{C5AA15B5-3E7E-43A2-BFDB-09F592DDFF08}) (Version: 44.4.2678.1977 – HP Inc.)

ProtonVPN (HKLM-x32…{657E5009-3D96-41DA-BDD9-36113EE99AE3}) (Version: 1.22.2 – Proton Technologies AG) Hidden

ProtonVPN (HKLM-x32…ProtonVPN 1.22.2) (Version: 1.22.2 – Proton Technologies AG)

ProtonVPNTap (HKLM-x32…{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 – Proton Technologies AG)

ProtonVPNTun (HKLM-x32…{10242617-4DA6-4E16-98D8-92B16E54BAEB}) (Version: 0.10.0 – Proton Technologies AG)

PuTTY release 0.74 (64-bit) (HKLM…{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 – Simon Tatham)

Realtek Card Reader (HKLM-x32…{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 – Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8491 – Realtek Semiconductor Corp.)

Revo Uninstaller Pro 4.4.8 (HKLM…{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.8 – VS Revo Group, Ltd.)

Samsung DeX (HKLM-x32…{743e3ecf-e674-4aae-973b-0e784ca38803}) (Version: 2.0.0.15 – Samsung Electronics Co., Ltd.)

Samsung DeX (HKLM-x32…{E35C3F1D-91A9-4FED-A915-0F913BFD780D}) (Version: 2.0.0.15 – Samsung Electronics Co., Ltd.) Hidden

Samsung SideSync (HKLM-x32…Samsung SideSync) (Version: 4.7.5.244 – Samsung Electronics Co., Ltd.)

Samsung USB Driver for Mobile Phones (HKLM…{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 – Samsung Electronics Co., Ltd.)

SCM (HKLM…{1CC45AFD-DFFF-4165-86B4-FA112B167509}) (Version: 13.018.06221 – Application)

SDK Debuggers (HKLM-x32…{A9F06890-9892-817F-EAD3-3E457AAC40B5}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden

ShareX (HKLM…82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.5.0 – ShareX Team)

Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)

Spotify (HKUS-1-5-21-3349319283-1251123490-1320229872-1005…Spotify) (Version: 1.1.66.580.gbd43cbc9 – Spotify AB)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

TAP-Windows 9.24.2 (HKLM…TAP-Windows) (Version: 9.24.2 – OpenVPN Technologies, Inc.)

TeamViewer (HKLM-x32…TeamViewer) (Version: 15.21.4 – TeamViewer)

Technitium MAC Address Changer v6.0 (HKLM-x32…TMACv6.0) (Version: 6.0 – Technitium)

Telegram Desktop version 3.0.1 (HKUS-1-5-21-3349319283-1251123490-1320229872-1005…{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.0.1 – Telegram FZ-LLC)

TriDef VR Games (MSI) 1.3.4 (HKLM-x32…vr-msi-pkg) (Version: 1.3.4 – Dynamic Digital Depth Australia Pty Ltd)

Tweeten (HKUS-1-5-21-3349319283-1251123490-1320229872-1005…4092b2f4-5a1f-5335-a153-8bf82edfadf1) (Version: 5.5.0 – Mehedi Hassan)

Unchecky v1.2 (HKLM-x32…Unchecky) (Version: 1.2 – Reason Software Company Inc.)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 – Microsoft Corporation)

Update for Windows 10 for x64-based Systems (KB4480730) (HKLM…{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 – Microsoft Corporation)

VirusTotal Uploader 2.2 (HKLM-x32…VTUploader) (Version:  – )

Vulkan Run Time Libraries 1.0.65.0 (HKLM…VulkanRT1.0.65.0) (Version: 1.0.65.0 – LunarG, Inc.) Hidden

WhatsApp (HKUS-1-5-21-3349319283-1251123490-1320229872-1005…WhatsApp) (Version: 2.2134.10 – WhatsApp)

Windows PC Health Check (HKLM…{8B203035-EEAB-4F30-B65A-6F805463498A}) (Version: 2.1.2106.23002 – Microsoft Corporation)

Windows Software Development Kit – Windows 10.0.17763.132 (HKLM-x32…{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 – Microsoft Corporation)

WinSCP 5.17.10 (HKLM-x32…winscp3_is1) (Version: 5.17.10 – Martin Prikryl)

Packages:

=========

AV1 Video Extension -> C:Program FilesWindowsAppsMicrosoft.AV1VideoExtension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)

Evernote -> C:Program FilesWindowsAppsEvernote.Evernote_10.20.4.0_x86__q4d96b2w5wcc2 [2021-08-25] (Evernote)

Killer Control Center -> C:Program FilesWindowsAppsRivetNetworks.KillerControlCenter_2.2.3217.0_x64__rh07ty8m5nkag [2021-08-05] (Rivet Networks LLC) [Startup Task]

LinkedIn -> C:Program FilesWindowsApps7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2021-08-05] (LinkedIn)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-08] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-08] (Microsoft Corporation) [MS Ad]

Microsoft Edge Beta -> C:Program Files (x86)MicrosoftEdge BetaApplication [2021-09-03] (0)

Microsoft Edge Canary -> C:UsersMeg de JagerAppDataLocalMicrosoftEdge SxSApplication [2021-09-06] (0)

Microsoft Edge Dev -> C:Program Files (x86)MicrosoftEdge DevApplication [2021-09-06] (0)

Microsoft Extern bureaublad -> C:Program FilesWindowsAppsMicrosoft.RemoteDesktop_10.2.2015.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)

Microsoft Jigsaw -> C:Program FilesWindowsAppsMicrosoft.MicrosoftJigsaw_2.3.6081.0_x86__8wekyb3d8bbwe [2021-08-13] (Microsoft Studios)

Microsoft Mahjong -> C:Program FilesWindowsAppsMicrosoft.MicrosoftMahjong_4.0.11030.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]

Microsoft Minesweeper -> C:Program FilesWindowsAppsMicrosoft.MicrosoftMinesweeper_3.1.9160.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-14] (Microsoft Studios) [MS Ad]

Microsoft Sudoku -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSudoku_2.6.7221.0_x64__8wekyb3d8bbwe [2021-08-14] (Microsoft Studios) [MS Ad]

Microsoft Teams (Preview) -> C:Program FilesWindowsAppsMicrosoftTeams_21239.300.960.1678_x64__8wekyb3d8bbwe [2021-09-06] (Microsoft) [Startup Task]

Microsoft To Do -> C:Program FilesWindowsAppsMicrosoft.Todos_0.52.42393.0_x64__8wekyb3d8bbwe [2021-08-31] (Microsoft Corporation)

Microsoft Ultimate Word Games -> C:Program FilesWindowsAppsMicrosoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]

Microsoft.UI.Xaml.CBS -> C:WINDOWSSystemAppsMicrosoft.UI.Xaml.CBS_8wekyb3d8bbwe [2021-08-05] (Microsoft Platform Extensions)

Music Maker Jam -> C:Program FilesWindowsAppsMAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-08-05] (MAGIX)

Nahimic -> C:Program FilesWindowsAppsA-Volute.Nahimic_1.8.8.0_x64__w2gh52qy24etm [2021-08-23] (A-Volute)

Netflix -> C:Program FilesWindowsApps4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-08-10] (Netflix, Inc.)

Norton Studio -> C:Program FilesWindowsAppsSymantecCorporation.NortonStudio_2.2.0.0_x86__v68kp9n051hdp [2021-08-05] (Symantec Corporation)

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-31] (NVIDIA Corp.)

Paint -> C:Program FilesWindowsAppsMicrosoft.Paint_10.2108.1.0_x64__8wekyb3d8bbwe [2021-08-12] (Microsoft Corporation)

PhotoDirector8 for MSI -> C:Program FilesWindowsAppsCyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2021-08-05] (CyberLink)

Power Automate -> C:Program FilesWindowsAppsMicrosoft.PowerAutomateDesktop_1.0.89.0_x64__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation)

PowerDirector14 for MSI -> C:Program FilesWindowsAppsCyberLink.PowerDirector14forMSI_14.0.5226.0_x64__jtmmp2jxy9gb6 [2021-08-05] (CyberLink)

Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-08-05] (Realtek Semiconductor Corp)

Translator -> C:Program FilesWindowsAppsMicrosoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)

WhatsApp Desktop -> C:Program FilesWindowsApps5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm [2021-08-26] (WhatsApp Inc.)

Windows Notepad -> C:Program FilesWindowsAppsMicrosoft.WindowsNotepad_10.2103.6.0_x64__8wekyb3d8bbwe [2021-08-12] (Microsoft Corporation)

Windows Terminal -> C:Program FilesWindowsAppsMicrosoft.WindowsTerminal_1.10.2383.0_x64__8wekyb3d8bbwe [2021-08-31] (Microsoft Corporation) [Startup Task]

Windows Web Experience Pack -> C:Program FilesWindowsAppsMicrosoftWindows.Client.WebExperience_421.20009.95.0_x64__cw5n1h2txyewy [2021-08-26] (Microsoft Windows)

Windows-beveiliging -> C:Program FilesWindowsAppsMicrosoft.SecHealthUI_1000.22000.1.0_neutral__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)

Xbox -> C:Program FilesWindowsAppsMicrosoft.GamingApp_2105.900.24.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-3349319283-1251123490-1320229872-1005_ClassesCLSID{08b04d72-64db-1a8c-233d-33745a142e7d}localserver32 -> “D:SoftwareProtonVPNProtonVPN.exe” -ToastActivated => No File

CustomCLSID: HKUS-1-5-21-3349319283-1251123490-1320229872-1005_ClassesCLSID{5EA43877-C6D8-4885-B77A-C0BB27E94372}InprocServer32 -> C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUpdate1.3.151.27psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3349319283-1251123490-1320229872-1005_ClassesCLSID{80172dde-4e20-4df0-81a2-0a48553e80bb}localserver32 -> C:UsersMeg de JagerAppDataLocalNhNotifSysnahimicnahimicNotifSys.exe (A-Volute SAS -> A-Volute)

CustomCLSID: HKUS-1-5-21-3349319283-1251123490-1320229872-1005_ClassesCLSID{81093D63-7825-417B-BFC8-ADC63FA4E53D}InprocServer32 -> C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUpdate1.3.151.27psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3349319283-1251123490-1320229872-1005_ClassesCLSID{C1339708-2882-4647-A280-BEC7AF3217B4}InprocServer32 -> C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUpdate1.3.151.27psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3349319283-1251123490-1320229872-1005_ClassesCLSID{d936918b-9c4b-555e-074a-c79314be04e1}localserver32 -> C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.exe (Proton Technologies AG -> )

CustomCLSID: HKUS-1-5-21-3349319283-1251123490-1320229872-1005_ClassesCLSID{DAFA040D-F6C0-4A7E-904A-7516DDBF03D8}InprocServer32 -> C:UsersMeg de JagerAppDataLocalMicrosoftEdgeUpdate1.3.147.37psuser_64.dll => No File

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:Program FilesBandizipbdzshl.x64.dll [2021-06-22] (Bandisoft -> Bandisoft International Inc.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:SoftwareNppShell_06.dll [2021-08-21] (Notepad++ -> )

ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:Program FilesBandizipbdzshl.x64.dll [2021-06-22] (Bandisoft -> Bandisoft International Inc.)

ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:Program FilesEmsisoft Anti-MalwareA2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)

ContextMenuHandlers2: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:Program FilesEmsisoft Anti-MalwareA2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)

ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:Program FilesEmsisoft Anti-MalwareA2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)

ContextMenuHandlers3: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:Program FilesEmsisoft Anti-MalwareA2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:Program FilesBandizipbdzshl.x64.dll [2021-06-22] (Bandisoft -> Bandisoft International Inc.)

ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive21.165.0815.0001FileSyncShell64.dll [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:Program FilesBandizipbdzshl.x64.dll [2021-06-22] (Bandisoft -> Bandisoft International Inc.)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:WINDOWSSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_2cec8fd58a80e6eaigfxDTCM.dll [2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvmii.inf_amd64_193f04621e226017nvshext.dll [2021-08-28] (Nvidia Corporation -> NVIDIA Corporation)

ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:Program FilesEmsisoft Anti-MalwareA2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)

ContextMenuHandlers6: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:Program FilesEmsisoft Anti-MalwareA2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd -> Emsisoft Ltd)

ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => D:SoftwareRevoRUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [vidc.VP60] => C:WINDOWSSysWOW64vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

HKLM…Drivers32: [vidc.VP61] => C:WINDOWSSysWOW64vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:UsersMeg de JagerAppDataLocalMicrosoftEdge SxSUser DataDefaultMicrosoft Edge Canary.lnk -> C:UsersMeg de JagerAppDataLocalMicrosoftEdge SxSApplicationmsedge.exe (Microsoft Corporation) -> –profile-directory=Default

ShortcutWithArgument: C:UsersMeg de JagerAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarMicrosoft Edge Canary.lnk -> C:UsersMeg de JagerAppDataLocalMicrosoftEdge SxSApplicationmsedge.exe (Microsoft Corporation) -> –profile-directory=Default

ShortcutWithArgument: C:UsersMeg de JagerAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarMicrosoft Edge Dev.lnk -> C:Program Files (x86)MicrosoftEdge DevApplicationmsedge.exe (Microsoft Corporation) -> –profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2021-09-06 16:27 – 2021-09-06 16:27 – 000139776 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTemp 57bcaae-d26e-484c-b0a2-4f9b1accb21c.tmp.node

2021-09-06 16:27 – 2021-09-06 16:27 – 000176640 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTemp1c5f4722-9337-415d-a27e-992cabdb9780.tmp.node

2021-09-06 16:27 – 2021-09-06 16:27 – 007750144 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTemp48d33cf0-df9a-4b89-9e67-c19fd17abaff.tmp.node

2021-09-06 16:27 – 2021-09-06 16:27 – 000139776 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTemp74529a24-b1bc-4cd7-81ef-a54e9607e5e7.tmp.node

2021-09-06 14:56 – 2021-09-06 14:56 – 000115200 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTemp80d6d0de-002d-4099-b22a-a96cfda0b7f4.tmp.node

2021-09-06 14:56 – 2021-09-06 14:56 – 000651776 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTemp9eab4343-ab38-4db1-aff1-4ce3444add9e.tmp.node

2021-09-06 16:27 – 2021-09-06 16:27 – 000176640 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTempa565913e-a572-4a7e-8548-a70e255506d6.tmp.node

2021-09-06 16:27 – 2021-09-06 16:27 – 007750144 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTempdb9f28ed-9e2a-4911-ab9e-e159cdd0a9b7.tmp.node

2021-09-06 16:27 – 2021-09-06 16:27 – 000047104 _____ () [File not signed] ?C:UsersMeg de JagerAppDataLocalTempe38c507a-7064-4527-bd22-cda755da33ab.tmp.node

2021-03-05 18:44 – 2021-03-05 18:44 – 000209408 _____ () [File not signed] C:Program Files (x86)CorsairCORSAIR iCUE Softwarequazip.dll

2021-03-05 18:44 – 2021-03-05 18:44 – 000101376 _____ () [File not signed] C:Program Files (x86)CorsairCORSAIR iCUE Softwarezlib.dll

2020-12-15 13:07 – 2020-10-01 07:26 – 000098304 _____ () [File not signed] C:Program FilesMiniTool ShadowMakercoresync.dll

2020-12-15 13:07 – 2019-08-15 06:52 – 000076800 _____ () [File not signed] C:Program FilesMiniTool ShadowMakerSMTPEmail.dll

2021-08-06 18:17 – 2021-07-28 16:57 – 002821120 _____ () [File not signed] C:UsersMeg de JagerAppDataLocalProgramsTweetenffmpeg.dll

2021-08-06 18:17 – 2021-07-28 16:57 – 000446464 _____ () [File not signed] C:UsersMeg de JagerAppDataLocalProgramsTweetenlibegl.dll

2021-08-06 18:17 – 2021-07-28 16:57 – 007900160 _____ () [File not signed] C:UsersMeg de JagerAppDataLocalProgramsTweetenlibglesv2.dll

2017-12-27 11:00 – 2017-12-27 11:00 – 000105984 _____ (A-Volute) [File not signed] C:Program Files (x86)MSIDragon CenterYooMixCOM.dll

2019-08-26 12:55 – 2013-04-04 05:00 – 000391168 _____ (CANON INC.) [File not signed] C:WINDOWSSystem32CNMLMBU.DLL

2019-08-26 12:55 – 2013-01-24 16:24 – 000359936 _____ (CANON INC.) [File not signed] C:WINDOWSSystem32CNMN6PPM.DLL

2020-12-15 13:07 – 2020-10-01 07:26 – 000061952 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:Program FilesMiniTool ShadowMakerChannelNetFileInfo.dll

2020-12-15 13:07 – 2020-10-01 07:26 – 000175104 _____ (Chengdu Speed Digital Technology Co..Ltd.) [File not signed] C:Program FilesMiniTool ShadowMakerFileInfoCommon.dll

2021-01-26 19:56 – 2021-01-26 19:56 – 000000000 ____L (Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16AppVIsvSubsystems64.dll

2021-01-26 19:56 – 2021-01-26 19:56 – 000000000 ____L (Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16c2r64.dll

2015-06-11 19:35 – 2015-06-11 19:35 – 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:Program Files (x86)MSIDragon CenterWinIo64.dll

2017-11-01 22:58 – 2017-11-01 22:58 – 001141248 _____ (Robert Simpson, et al.) [File not signed] C:Program Files (x86)AdguardSQLite.Interop.dll

2020-12-16 09:26 – 2020-12-16 09:26 – 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:Program Files (x86)CorsairCORSAIR iCUE SoftwareSiUSBXp.dll

2021-03-05 18:43 – 2021-03-05 18:43 – 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:Program Files (x86)CorsairCORSAIR iCUE Softwarelibcrypto-1_1.dll

2021-03-05 18:43 – 2021-03-05 18:43 – 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:Program Files (x86)CorsairCORSAIR iCUE Softwarelibssl-1_1.dll

2020-12-15 13:07 – 2017-09-14 15:40 – 000884736 _____ (The Qt Company Ltd) [File not signed] C:Program FilesMiniTool ShadowMakersqldriversqsqlite.dll

2020-12-15 13:07 – 2020-10-01 07:26 – 001483264 _____ (TODO: <Company name>) [File not signed] C:Program FilesMiniTool ShadowMakercore7z.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalnvdimm.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimal{53966cb1-4d46-4166-bf23-c522403cd495} => “”=”ScmDisk”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworknvdimm.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetwork{53966cb1-4d46-4166-bf23-c522403cd495} => “”=”ScmDisk”

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKUS-1-5-21-3349319283-1251123490-1320229872-1005SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE

HKUS-1-5-21-3349319283-1251123490-1320229872-1005SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 – 2021-09-06 14:53 – 000004665 _____ C:WINDOWSsystem32driversetchosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly

0.0.0.0 tracking.opencandy.com.s3.amazonaws.com

0.0.0.0 media.opencandy.com

0.0.0.0 cdn.opencandy.com

0.0.0.0 tracking.opencandy.com

0.0.0.0 api.opencandy.com

0.0.0.0 api.recommendedsw.com

0.0.0.0 rp.yefeneri2.com

0.0.0.0 os.yefeneri2.com

0.0.0.0 os2.yefeneri2.com

0.0.0.0 installer.betterinstaller.com

0.0.0.0 installer.filebulldog.com

0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net

0.0.0.0 inno.bisrv.com

0.0.0.0 nsis.bisrv.com

0.0.0.0 cdn.file2desktop.com

0.0.0.0 cdn.goateastcach.us

0.0.0.0 cdn.guttastatdk.us

0.0.0.0 cdn.inskinmedia.com

0.0.0.0 cdn.insta.oibundles2.com

0.0.0.0 cdn.insta.playbryte.com

0.0.0.0 cdn.llogetfastcach.us

0.0.0.0 cdn.montiera.com

0.0.0.0 cdn.msdwnld.com

0.0.0.0 cdn.mypcbackup.com

0.0.0.0 cdn.ppdownload.com

0.0.0.0 cdn.riceateastcach.us

0.0.0.0 cdn.shyapotato.us

0.0.0.0 cdn.solimba.com

0.0.0.0 cdn.tuto4pc.com

2020-12-12 17:39 – 2021-09-06 14:53 – 000000485 _____ C:WINDOWSsystem32driversetchosts.ics

172.26.16.1 Meg.mshome.net # 2026 8 5 14 17 14 7 735

172.24.96.1 MSI.mshome.net # 2026 9 6 5 12 53 53 972

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironmentPath -> C:Program Files (x86)IntelIntel® Management Engine ComponentsiCLS;C:Program FilesIntelIntel® Management Engine ComponentsiCLS;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:Program FilesIntelWiFibin;C:Program FilesCommon FilesIntelWirelessCommon;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT;C:Program FilesIntelIntel® Management Engine ComponentsIPT;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;C:Program Files (x86)PowerShell7;D:SoftwarePuTTY;C:Program Filesdotnet

HKUS-1-5-21-3349319283-1251123490-1320229872-1005Control PanelDesktopWallpaper -> C:UsersMeg de JagerAppDataLocalMicrosoftBingWallpaperAppWPImages20210906.jpg

HKUS-1-5-21-3349319283-1251123490-1320229872-500Control PanelDesktopWallpaper -> C:WINDOWSwebwallpaperWindowsimg0.jpg

DNS Servers: 10.24.0.1 – 195.121.1.34

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIGServices: AdobeARMservice => 2

MSCONFIGServices: AGMService => 2

MSCONFIGServices: AGSService => 2

MSCONFIGServices: GoogleChromeBetaElevationService => 3

MSCONFIGServices: GoogleChromeElevationService => 3

MSCONFIGServices: gupdate => 2

MSCONFIGServices: gupdatem => 3

MSCONFIGServices: MozillaMaintenance => 3

MSCONFIGServices: Origin Client Service => 3

MSCONFIGServices: Origin Web Helper Service => 2

MSCONFIGServices: ss_conn_launcher_service => 3

MSCONFIGServices: ss_conn_service => 2

MSCONFIGServices: ss_conn_service2 => 2

MSCONFIGServices: Steam Client Service => 3

HKLM…StartupApprovedStartupFolder: => “AnyDesk.lnk”

HKLM…StartupApprovedRun: => “AdobeGCInvoker-1.0”

HKLM…StartupApprovedRun: => “AdobeAAMUpdater-1.0”

HKLM…StartupApprovedRun32: => “Razer Synapse”

HKLM…StartupApprovedRun32: => “IJNetworkScannerSelectorEX”

HKLM…StartupApprovedRun32: => “Jabra Direct”

HKLM…StartupApprovedRun32: => “CClipboard”

HKLM…StartupApprovedRun32: => “AdobeCS6ServiceManager”

HKUS-1-5-21-3349319283-1251123490-1320229872-1005…StartupApprovedRun: => “OneDrive”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E86FDF53-5D9F-4DE8-85C4-ACD7975589EF}] => (Allow) C:Program Files (x86)MacroRecorderMacroRecorder.exe (Bartels Media GmbH -> )

FirewallRules: [{02F797BC-5D74-4ACC-982F-0FDE87E0D397}] => (Block) D:minecraftruntimejre-legacywindows-x64jre-legacybinjavaw.exe

FirewallRules: [{3E21BE64-3D65-49D5-9ED5-CD0A5CF3A0E5}] => (Block) D:minecraftruntimejre-legacywindows-x64jre-legacybinjavaw.exe

FirewallRules: [UDP Query User{4E424401-AED5-4413-899C-8307F277E80F}D:minecraftruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) D:minecraftruntimejre-legacywindows-x64jre-legacybinjavaw.exe

FirewallRules: [TCP Query User{567A107B-0CD2-48B6-A0B2-68638D0F785B}D:minecraftruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) D:minecraftruntimejre-legacywindows-x64jre-legacybinjavaw.exe

FirewallRules: [{136943A5-3C78-4D27-AA48-817CCEF8F1D3}] => (Allow) C:Program Files (x86)SamsungSamsung DeXSamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

FirewallRules: [{87E56A17-E498-4701-9352-A7F1CAB78EA7}] => (Allow) C:Program Files (x86)SamsungSamsung DeXSamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

FirewallRules: [{D516E7E1-0AB7-45E7-921B-F1847405B707}] => (Allow) D:Steam GamessteamappscommonGrand Theft Auto San Andreasgta-sa.exe () [File not signed]

FirewallRules: [{E50C6D15-43D1-4DF7-AB71-E8C1E94328FD}] => (Allow) D:Steam GamessteamappscommonGrand Theft Auto San Andreasgta-sa.exe () [File not signed]

FirewallRules: [UDP Query User{6BC83A73-17A4-43DB-B901-69BB66F354AE}C:usersmarkappdatalocalmicrosoftedge sxsapplicationmsedge.exe] => (Block) C:usersmarkappdatalocalmicrosoftedge sxsapplicationmsedge.exe => No File

FirewallRules: [TCP Query User{7FFD0281-1ED8-4812-AEA4-FE90A65CF7AB}C:usersmarkappdatalocalmicrosoftedge sxsapplicationmsedge.exe] => (Block) C:usersmarkappdatalocalmicrosoftedge sxsapplicationmsedge.exe => No File

FirewallRules: [{974DC4DC-7B65-44E4-AF91-C8BBA2F8B35F}] => (Allow) D:Steam GamessteamappscommonFoundationfoundation.exe (Polymorph Games) [File not signed]

FirewallRules: [{B80FBBB0-E375-46A7-985C-7A392BB50636}] => (Allow) D:Steam GamessteamappscommonFoundationfoundation.exe (Polymorph Games) [File not signed]

FirewallRules: [{BFBA7998-28A2-4804-83FC-75CE86604BBC}] => (Allow) D:Steam GamessteamappscommonHouse FlipperHouseFlipper.exe () [File not signed]

FirewallRules: [{FA108DD7-5A21-4B4C-8F7C-85EC22CF6755}] => (Allow) D:Steam GamessteamappscommonHouse FlipperHouseFlipper.exe () [File not signed]

FirewallRules: [{E681CA05-8F3F-4586-9929-AADFCB249A28}] => (Allow) D:TeamviewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{81AF4420-F6B3-4850-B5BA-103C746CB7A7}] => (Allow) D:TeamviewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{2847DE2E-718A-4E3B-8C9F-34183A04FD80}] => (Allow) D:TeamviewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{624CD505-926A-4201-A820-9EB120927BE7}] => (Allow) D:TeamviewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [UDP Query User{F815838C-82AE-4922-985D-B36807F2647E}C:usersmarkappdatalocalmicrosoftedge sxsapplicationmsedge.exe] => (Allow) C:usersmarkappdatalocalmicrosoftedge sxsapplicationmsedge.exe => No File

FirewallRules: [TCP Query User{F3F773B4-E1B1-437A-883F-B1ED82687338}C:usersmarkappdatalocalmicrosoftedge sxsapplicationmsedge.exe] => (Allow) C:usersmarkappdatalocalmicrosoftedge sxsapplicationmsedge.exe => No File

FirewallRules: [{F433BD45-E0E3-4B36-A717-3A984B27CD83}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{410000D3-D3A0-416C-BEEF-15AD324FDC74}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{1E520114-5150-45AC-8298-61DB0C14AA39}] => (Allow) LPort=57209

FirewallRules: [{E7661230-C9AC-412B-97FD-0377021088E5}] => (Allow) LPort=57209

FirewallRules: [{FF19AF5E-3677-468A-A115-520AEFD504A2}] => (Allow) C:Program Files (x86)SamsungSideSync4SideSync.exe (Samsung Electronics CO., LTD. -> )

FirewallRules: [{53AFD4B4-DF62-4DCC-A30C-3CBEED7B4A18}] => (Allow) C:Program Files (x86)SamsungSideSync4SideSync.exe (Samsung Electronics CO., LTD. -> )

FirewallRules: [UDP Query User{7852EF51-0B70-4ADD-BE86-6302C47A8FD1}C:usersmarkappdatalocalvysorapp-2.1.2vysor.exe] => (Allow) C:usersmarkappdatalocalvysorapp-2.1.2vysor.exe => No File

FirewallRules: [TCP Query User{919F4684-B863-491A-A23B-C68396CB5395}C:usersmarkappdatalocalvysorapp-2.1.2vysor.exe] => (Allow) C:usersmarkappdatalocalvysorapp-2.1.2vysor.exe => No File

FirewallRules: [{C7463CD1-A54D-41BA-AEAC-AE48E133E4B2}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{956D4909-46FF-4B81-9454-852DD22B4C93}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [UDP Query User{D47D5015-DA85-454D-9D28-4C4AC8BC31F4}C:program files (x86)msidragon centerdragon center.exe] => (Allow) C:program files (x86)msidragon centerdragon center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]

FirewallRules: [TCP Query User{35518A85-282C-4CD8-9C95-8D1227D0786B}C:program files (x86)msidragon centerdragon center.exe] => (Allow) C:program files (x86)msidragon centerdragon center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]

FirewallRules: [{28AF77FA-E54D-402C-8F1A-117FAF897D75}] => (Allow) C:Program FilesIntelWiFibinPanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )

FirewallRules: [{834886CD-F3BB-4F96-ABEA-89272CDAB70E}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{86B371E9-1CFB-4D96-8C27-F3D46041D25C}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query User{D20096F8-BA93-4BFA-8FD2-1EB028A4F5AC}C:usersmarkappdataroamingspotifyspotify.exe] => (Allow) C:usersmarkappdataroamingspotifyspotify.exe => No File

FirewallRules: [UDP Query User{E72DB07C-2558-4EC6-B264-348D07B4BDFD}C:usersmarkappdataroamingspotifyspotify.exe] => (Allow) C:usersmarkappdataroamingspotifyspotify.exe => No File

FirewallRules: [{B781EAAA-6034-4C46-B767-3879BFD2C25D}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{AAED96EC-2A1A-4FD4-8AF1-050B644EEC4A}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query User{8CD90870-BA3F-45CF-A4C9-DCDCE2621681}D:minecraftruntimejre-x64binjavaw.exe] => (Allow) D:minecraftruntimejre-x64binjavaw.exe

FirewallRules: [UDP Query User{C06BA61A-AC23-4259-8882-011BC5E5F3A8}D:minecraftruntimejre-x64binjavaw.exe] => (Allow) D:minecraftruntimejre-x64binjavaw.exe

FirewallRules: [{536C7168-AA7A-47F0-9BB8-0A1341948CC1}] => (Allow) C:Program Files (x86)AdguardAdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)

FirewallRules: [TCP Query User{C7195DEA-4582-4DF4-94FF-947B00853365}D:windows kitsdebuggersx64windbg.exe] => (Allow) D:windows kitsdebuggersx64windbg.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User{8D0C8F80-9819-47E6-AE34-C4CE9E0E61BA}D:windows kitsdebuggersx64windbg.exe] => (Allow) D:windows kitsdebuggersx64windbg.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{FB800790-D1F4-4C3B-9BEF-F2330D9AB8A0}] => (Allow) C:Program FilesHPHP ENVY 5000 seriesBinDeviceSetup.exe (HP Inc -> HP Inc.)

FirewallRules: [{02A963BE-3079-4049-A4DE-E79051F06282}] => (Allow) LPort=5357

FirewallRules: [{4C782A1C-B105-49F1-8A43-EC9A956E69EC}] => (Allow) C:Program FilesHPHP ENVY 5000 seriesBinHPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)

FirewallRules: [TCP Query User{3889329B-D41C-4ED0-8762-2ADB06A36F34}D:minecraftruntimejre-x64binjavaw.exe] => (Allow) D:minecraftruntimejre-x64binjavaw.exe

FirewallRules: [UDP Query User{E055BC62-042B-4D78-801F-0A490DF10585}D:minecraftruntimejre-x64binjavaw.exe] => (Allow) D:minecraftruntimejre-x64binjavaw.exe

FirewallRules: [{3CD2CBDF-045D-493F-BF9B-00DBD3F45B83}] => (Allow) D:GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

FirewallRules: [{3C6B009F-ECD2-4354-879A-F8E8F8A899BF}] => (Allow) D:GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

FirewallRules: [{E904472B-6EF8-4941-9074-10B3FDBD39A1}] => (Allow) D:GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

FirewallRules: [{E4362980-9EB8-4F85-A1C9-65B05ADA3D57}] => (Allow) D:GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

FirewallRules: [{32BC3111-1C36-4E1A-BA72-F8E0EF12AEEB}] => (Allow) C:Program Files (x86)SteamsteamappscommonPeggle DeluxePeggle.exe (PopCap Games -> )

FirewallRules: [{A1F0284A-9E05-472F-9214-E5041F10F66D}] => (Allow) C:Program Files (x86)SteamsteamappscommonPeggle DeluxePeggle.exe (PopCap Games -> )

FirewallRules: [TCP Query User{BBD87D4D-2305-41D0-BD59-78A7EC60DC34}C:usersmeg de jagerappdataroamingspotifyspotify.exe] => (Allow) C:usersmeg de jagerappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User{DFED8A88-D0FA-4234-857B-E3C1045CB602}C:usersmeg de jagerappdataroamingspotifyspotify.exe] => (Allow) C:usersmeg de jagerappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{61650B04-EDE9-4FAC-B297-E7D788B0F4AD}] => (Block) C:usersmeg de jagerappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{25E804E0-0C3E-4EBC-B8E9-0CAFB63CD58F}] => (Block) C:usersmeg de jagerappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{1E8A0090-439C-4B31-9798-69CB53CF561E}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{29E25087-B8BB-4775-9C3B-D8F576045B76}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{3F627CF8-94F5-4A4E-85AD-894EB2D862ED}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{6C309A5B-2ED0-4C10-BF1E-CB06733E1B9A}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{BCE999DA-3595-468C-A49C-F6525C280884}] => (Allow) D:TeamviewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{80307CE8-5F64-448A-9DA9-362F6EF4836F}] => (Allow) D:TeamviewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{532C16B6-7B32-4124-840D-62740AA29F89}] => (Allow) D:TeamviewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{625BD6BE-FB87-49A8-9AF2-3CFC1436011A}] => (Allow) D:TeamviewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{72376B35-F5E4-4F4C-97E5-FD39911F3291}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{CE712B00-C74F-436F-9845-07FBAEC756D3}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{82654918-390D-4DD6-9D95-DC3FCDA2F793}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{BAF9E998-2235-48ED-8016-00B7DB36C3ED}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{1A842AB7-B230-4C6B-B0AE-058BB569618B}] => (Allow) D:Steam GamessteamappscommonMini MotorwaysMini Motorways.exe () [File not signed]

FirewallRules: [{52B1F942-D60C-407E-A553-E74EA91F9CDB}] => (Allow) D:Steam GamessteamappscommonMini MotorwaysMini Motorways.exe () [File not signed]

FirewallRules: [{332588B3-D8A5-4148-B28F-1063563D0840}] => (Allow) D:Steam GamessteamappscommonCity Game StudioCityGameStudio64.exe (City Game Studio) [File not signed]

FirewallRules: [{8D9E01FE-CA04-4D73-B722-141B32836540}] => (Allow) D:Steam GamessteamappscommonCity Game StudioCityGameStudio64.exe (City Game Studio) [File not signed]

FirewallRules: [{67FA36D5-1F00-4CCF-91BC-0568A032E392}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{2193B012-1780-4B24-BAE2-6FEC1320FB70}] => (Allow) C:Program Files (x86)MicrosoftEdge DevApplicationmsedge.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D4D85FFC-E0A0-48A6-A2D9-C1C36EC7BC8F}] => (Allow) C:Program Files (x86)MicrosoftEdge DevApplication95.0.997.1msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{9AEC9C86-65D9-4681-9CB5-6FD664C64FB7}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{78A523D8-4167-4DE1-9ED0-7DFE66E77E9B}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplicationmsedge.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{94E71187-43A8-4020-8AFB-428FF5D1BE42}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication94.0.992.9msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{CE8EED02-5F6C-4FCF-8C00-614A77940AC4}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication93.0.961.38msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{9996AEC0-FD86-4412-B255-825B40A82290}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_21239.300.960.1678_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{22B3D8BD-862D-4D6E-B5AD-77D00ECCBCA1}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_21239.300.960.1678_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D8B38CA3-7700-4FBB-A548-03CB89EFC916}] => (Allow) D:Steam GamessteamappscommonPlanet ZooPlanetZoo.exe (Frontier Developments) [File not signed]

FirewallRules: [{9FCF42C2-BEC9-4FD3-9930-354A14CA2242}] => (Allow) D:Steam GamessteamappscommonPlanet ZooPlanetZoo.exe (Frontier Developments) [File not signed]

FirewallRules: [{E66C50A9-4251-458F-812B-2EC19A6868B5}] => (Allow) C:Program FilesMiniTool ShadowMakerAgentService.exe (MiniTool Software Limited -> )

FirewallRules: [{7D25D3B5-B91E-4C55-9708-A08E43E75FA1}] => (Allow) C:Program FilesMiniTool ShadowMakerAgentService.exe (MiniTool Software Limited -> )

==================== Restore Points =========================

03-09-2021 16:55:51 Installatieprogramma voor Windows-modules

06-09-2021 14:42:24 Revo Uninstaller Pro’s restore point – Windows 10 Update Assistant

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (09/06/2021 02:42:23 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Toegang geweigerd.

.

This is often caused by incorrect security settings in either the writer or requestor process.

Bewerking:

   Schrijvergegevens verzamelen

Context:

   Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}

   Naam van schrijver: System Writer

   Instantie-id van schrijver: {9581eb4a-2822-4fb8-8a2d-0f4cc8be132a}

Error: (09/06/2021 11:28:55 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for “C:Program Files (x86)SamsungSideSync4SideSync.exe”.Error in manifest or policy file “” on line .

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:WINDOWSWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.

Component 2: C:WINDOWSWinSxSmanifestsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (09/06/2021 11:28:53 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for “C:Program Files (x86)SamsungSideSync4SideSync.exe”.Error in manifest or policy file “” on line .

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:WINDOWSWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.

Component 2: C:WINDOWSWinSxSmanifestsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (09/06/2021 11:28:53 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for “C:Program Files (x86)SamsungSideSync4SideSync.exe”.Error in manifest or policy file “” on line .

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:WINDOWSWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.

Component 2: C:WINDOWSWinSxSmanifestsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (09/06/2021 11:27:22 AM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, Systeem wordt afgesloten.

]

Error: (09/06/2021 11:27:22 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, Systeem wordt afgesloten.

.

Error: (09/06/2021 11:27:22 AM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, Systeem wordt afgesloten.

]

Error: (09/06/2021 10:47:47 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Dragon Center.exe, version: 2.1.1804.1102, time stamp: 0x5acdf914

Faulting module name: ntdll.dll, version: 10.0.22000.120, time stamp: 0x50702a8c

Exception code: 0xc0000374

Fault offset: 0x000000000010be19

Faulting process id: 0x5a10

Faulting application start time: 0x01d7a2faccf8e5d3

Faulting application path: C:Program Files (x86)MSIDragon CenterDragon Center.exe

Faulting module path: C:WINDOWSSYSTEM32ntdll.dll

Report Id: 56843146-fad1-4414-b219-9c19a9396791

Faulting package full name:

Faulting package-relative application ID:

System errors:

=============

Error: (09/06/2021 04:05:54 PM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{1EC8B9FF-BD86-4FC3-BB56-274332412004} because another computer on the network has the same name.  The server could not start.

Error: (09/06/2021 02:53:47 PM) (Source: BugCheck) (EventID: 1001) (User: )

Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000009f (0x0000000000000003, 0xffff800b2d121120, 0xfffffb878dcaf6d0, 0xffff800b331bd050). A dump was saved in: C:WINDOWSMEMORY.DMP. Report Id: 00000000-0000-0000-0000-000000000000.

Error: (09/06/2021 02:53:47 PM) (Source: BugCheck) (EventID: 1005) (User: )

Description: Unable to produce a minidump file from the full dump file.

Error: (09/06/2021 02:53:36 PM) (Source: volmgr) (EventID: 161) (User: )

Description: Dump file creation failed due to error during dump creation.

Error: (09/06/2021 02:53:36 PM) (Source: volmgr) (EventID: 161) (User: )

Description: Dump file creation failed due to error during dump creation.

Error: (09/06/2021 02:53:47 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 14:52:58 on ‎6-‎9-‎2021 was unexpected.

Error: (09/06/2021 11:26:55 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{1EC8B9FF-BD86-4FC3-BB56-274332412004} because another computer on the network has the same name.  The server could not start.

Error: (09/06/2021 10:39:09 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{05CE8D63-A6B6-4387-985A-3E1A4C6347DD} because another computer on the network has the same name.  The server could not start.

CodeIntegrity:

===============

Date: 2021-09-06 16:40:15

Description:

Code Integrity determined that a process (DeviceHarddiskVolume5WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume5Program FilesEmsisoft Anti-Malwareeppcom64.dll that did not meet the Windows signing level requirements. ਍

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16JEIMS.109 05/22/2019

Motherboard: Micro-Star International Co., Ltd. MS-16JE

Processor: Intel® Core™ i7-8750H CPU @ 2.20GHz

Percentage of memory in use: 59%

Total physical RAM: 16230.25 MB

Available physical RAM: 6509.98 MB

Total Virtual: 19174.25 MB

Available Virtual: 5165.11 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.18 GB) (Free:145.62 GB) NTFS

Drive d: (It’s a place for stuff.) (Fixed) (Total:911.33 GB) (Free:675.05 GB) NTFS

?Volume{21872679-6c3c-401b-b6a8-7289622b0d18} (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.39 GB) NTFS

?Volume{5ce91e38-4776-4139-921f-6c9d63d39ce7} (BIOS_RVY) (Fixed) (Total:20.18 GB) (Free:0.17 GB) NTFS

?Volume{6c370b59-3ba6-4a15-8d7d-41006d4bf56f} (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Size: 238.5 GB) (Disk ID: 8C26812D)

Partition: GPT.

==========================================================

Disk: 1 (Size: 931.5 GB) (Disk ID: 8C26810B)

Partition: GPT.

==================== End of Addition.txt =======================



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW