Hey! Im actually not sure what the problem might be, but it feels like my motherboard loads up a infected version of Windows. I believe it started with a phyton script i wrote using chatgpt (i know, very stupid) to help me organise and delete double mp3 files. After that I started noticing frame drops in games and overall performance issues with my PC (boot time, cpu usage 100 percent). And also my Registry looks corrupted and it feels like there are different accounts that are still on my machine even tho I re installed windows multiple times. My taskmanager keeps showing SearchHost.exe with a lot of processes im not familiar with.
Hope this can be fixed.
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 19.04.2024 01
Gestart door soera (Beheerder) op INFLUX (Micro-Star International Co., Ltd MS-7C02) (21-04-2024 16:53:12)
Gestart vanaf C:\Users\soera\Downloads\FRST64.exe
Geladen Profielen: soera
Platform: Microsoft Windows 11 Pro Versie 23H2 22631.3447 (X64) Taal: Nederlands (Nederland)
Standaardbrowser niet gedetecteerd!
Boot Modus: Normal
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.146.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\sonar\SteelSeriesSonar.exe
(explorer.exe ->) (CPUID -> CPUID) C:\Program Files\CPUID\CPU-Z\cpuz.exe
(explorer.exe ->) (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (CYBELSOFT -> ) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_84b2c943d6816eb7\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
==================== Register (gefilterd) ===================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [AweSun] => "C:\Program Files\Aweray\AweSun\AweSun.exe" --cmd=autorun (Geen bestand)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [906840 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [15447376 2024-04-09] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe [1964344 2024-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) [Bestand niet getekend]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrictie <==== AANDACHT
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\Run: [OneDrive] => "C:\Users\soera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (Geen bestand)
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [71141272 2024-04-16] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\Run: [RazerAppEngine] => "C:\Program Files\Razer\RazerAppEngine\RazerAppEngine.exe" --url-params=apps=synapse --launch-force-hidden=synapse --autoStart=1 (Geen bestand)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (Geen bestand)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.124\Installer\chrmstp.exe [2024-04-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ableton Push Control Panel Autostart.lnk [2024-04-10]
ShortcutTarget: Ableton Push Control Panel Autostart.lnk -> C:\Program Files\Ableton\Push Driver\x64\AbletonPushCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> )
GroupPolicy: Restrictie ? <==== AANDACHT
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT
==================== Geplande Taken (gefilterd) =================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {515EE96E-8DF3-498E-908E-82DC4E5BC1BE} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2024-02-12] (Advanced Micro Devices Inc. -> )
Task: {2DFCF230-90D5-4090-8978-9B8E66E063A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {CE858C41-5638-4E4D-9662-10CBC4110945} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5381288 2024-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {89775236-973F-46E1-B6D9-204B3CE98D7C} - System32\Tasks\GoogleUpdateTaskMachineCore{B9D4C5A8-6E86-4404-9627-7DCDCEACED90} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-03-26] (Google LLC -> Google LLC)
Task: {C5C1F39F-A65A-434A-8384-88ECAD28C49E} - System32\Tasks\GoogleUpdateTaskMachineUA{8F2AE696-BBD4-420E-AF41-7605FBF6D716} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-03-26] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Geen bestand)
Task: {925A0CA1-5B20-4D43-A084-46A471EF9357} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {110F7C6F-75A2-441B-A115-CDD62A2D9562} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {10A4A36B-03D9-45CF-A0C0-5BB190A1BF51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FBD861F8-49A3-44DF-9CC4-B9A1F6F4D31D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D47EB3E-D90D-4590-A332-F93B52C7DD44} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [104552 2023-08-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {8A089472-FBB1-40E5-B62C-47AA2BA68020} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [104552 2023-08-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {E6BF5070-F8B8-4683-ABC8-876F4B44DAD0} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1822824 2023-10-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {94BC3C46-72CA-4017-8916-C40A157502FA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1DDB3268-2E03-4715-83F8-B5E0718AA604} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5867D463-1727-455A-B188-D12A903AE745} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {0E614E82-D45F-4C47-A9A8-49F8E3DD08B6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98F587E1-8774-4971-91C9-5D812797B3D4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1FDC2B2-8230-47A2-B240-DB75CC6A5325} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11179005-66E0-4BDD-8F1C-3689315ED243} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAE2A156-02BB-4E09-9867-2C5659425395} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D4F97A5D-D36F-4565-8BB2-B54F0B083489} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E4F4E6A-FB96-41E0-B937-1A7CD1627F94} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1972111791-3876880343-3799735429-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Geen bestand)
Task: {B5B00C89-21CB-4688-A207-A50925D93A36} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1972111791-3876880343-3799735429-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Geen bestand)
Task: {72849087-2CEF-40F8-85AB-48AD6AF2D0D6} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com)
(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Geen bestand
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Geen bestand
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Geen bestand
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Geen bestand
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{fb5e600e-2620-4187-8012-6bdd50aed78a}: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{fb5e600e-2620-4187-8012-6bdd50aed78a}: [DhcpDomain] kpn
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\soera\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\soera\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-04-11]
Edge Extension: (Offline Documenten) - C:\Users\soera\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Edge relevant text changes) - C:\Users\soera\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-26]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\soera\AppData\Local\Google\Chrome\User Data\Default [2024-04-21]
CHR Notifications: Default -> hxxps://messages.google.com; hxxps://tinder.com; hxxps://www.tiktok.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.google.nl/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\soera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\soera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-11]
CHR Extension: (Shazam: vind songs via je browser) - C:\Users\soera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-03-26]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\soera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-26]
CHR Profile: C:\Users\soera\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-04-19]
CHR Notifications: Profile 1 -> hxxps://meet.google.com
CHR Extension: (Offline Documenten) - C:\Users\soera\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\soera\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-26]
CHR Profile: C:\Users\soera\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-21]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S4 AweSunService; C:\Program Files\Aweray\AweSun\AweSun.exe [24558672 2024-03-26] (AWERAY PTE. LTD. -> AweRay Limited)
S4 CamoService; C:\Program Files (x86)\Camo Studio\Service\CamoService.exe [102384 2024-03-11] (Reincubate Limited -> Reincubate)
R2 DriversCloudAgent; C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe [1803744 2024-04-07] (CYBELSOFT -> )
S4 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [141712 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147696 2022-05-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_84b2c943d6816eb7\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-04-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Razer Elevation Service; C:\Program Files\Razer\razer_elevation_service\razer_elevation_service.exe [2009352 2024-03-08] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [362760 2023-06-14] (Razer USA Ltd. -> Razer Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522080 2024-03-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1500608 2023-09-18] (SteelSeries ApS -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S2 MBAMService; "F:\Virus\MBAMService.exe" [X]
S3 MBVpnTunnelService; "F:\Virus\MBVpnTunnelService.exe" [X]
S4 MSI_Center_Service; "C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe" [X]
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Drivers (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 camodriver; C:\WINDOWS\System32\DriverStore\FileRepository\camodriver.inf_amd64_99bad0a66e30f6f3\x64\camodriver.sys [36912 2024-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Reincubate Ltd.)
R3 Camo_e070661c-ac3f-4aae-aa3f-7d4e8ded5142; C:\WINDOWS\System32\drivers\vacrnckd.sys [193120 2024-03-11] (Muzychenko Evgenii Viktorovich, IP -> )
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== AANDACHT
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29208 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 DriversCloud_amd64; C:\Program Files\Cybelsoft\DriversCloud.com\Drivers\DriversCloud_amd64.sys [24768 2024-02-09] (Cybelsoft -> CybelSoft)
R2 EneTechIo; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\EneIo64.sys [32504 2022-07-10] (ENE TECHNOLOGY INC. -> )
S3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [106208 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsb; C:\WINDOWS\System32\drivers\FocusriteUsb.sys [170312 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbAudio; C:\WINDOWS\System32\drivers\FocusriteUsbAudio.sys [109896 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbSwRoot; C:\WINDOWS\System32\drivers\FocusriteUsbSwRoot.sys [112968 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [157736 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [71248 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70536 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [32600 2023-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [32584 2023-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [32488 2023-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 RTCore64; C:\ProgramData\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64880 2023-09-26] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0098; C:\WINDOWS\System32\drivers\RzDev_0098.sys [56168 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43568 2024-03-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [44480 2024-03-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== AANDACHT
S3 NTIOLib_CC_CPU; \??\C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [X]
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een maand (aangemaakt) (gefilterd) =========
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2024-04-21 16:53 - 2024-04-21 16:54 - 000026644 _____ C:\Users\soera\Downloads\FRST.txt
2024-04-21 16:52 - 2024-04-21 16:52 - 002394112 _____ (Farbar) C:\Users\soera\Downloads\FRST64.exe
2024-04-21 16:52 - 2024-04-21 16:52 - 000789932 _____ C:\WINDOWS\system32\perfh013.dat
2024-04-21 16:52 - 2024-04-21 16:52 - 000155370 _____ C:\WINDOWS\system32\perfc013.dat
2024-04-21 16:40 - 2024-04-21 16:41 - 000000000 ___HD C:\Program Files (x86)\Temp
2024-04-21 16:40 - 2024-01-11 00:49 - 006115184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2024-04-21 16:37 - 2024-04-21 16:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-04-21 16:37 - 2024-04-21 16:40 - 000000000 ____D C:\Program Files (x86)\Realtek
2024-04-21 16:37 - 2023-08-24 23:00 - 001296760 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2024-04-21 15:22 - 2024-04-21 15:22 - 000000000 ____D C:\RegBackup
2024-04-21 14:46 - 2024-04-21 14:46 - 000000000 ____D C:\Users\soera\Documents\MAXON
2024-04-21 14:46 - 2024-04-21 14:46 - 000000000 ____D C:\Users\soera\AppData\Roaming\Maxon
2024-04-21 14:41 - 2024-04-21 14:41 - 000000000 ____D C:\Users\soera\AppData\Local\tw-236c-1d0c-16cf24.tmp
2024-04-21 14:34 - 2024-04-21 14:34 - 000000000 ____D C:\WINDOWS\LastGood
2024-04-21 14:32 - 2024-04-12 04:05 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-04-21 14:32 - 2024-04-12 04:05 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2024-04-21 14:31 - 2024-04-12 17:24 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-04-21 14:31 - 2024-04-12 17:24 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-04-21 14:31 - 2024-04-12 17:24 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-04-21 14:31 - 2024-04-12 17:24 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-04-21 14:31 - 2024-04-12 17:24 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-04-21 14:31 - 2024-04-12 17:24 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-04-21 14:31 - 2024-04-12 17:24 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-04-21 14:31 - 2024-04-12 17:24 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-04-21 14:31 - 2024-04-12 17:24 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-04-21 14:31 - 2024-04-12 17:24 - 001226864 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-04-21 14:31 - 2024-04-12 17:20 - 001543288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-04-21 14:31 - 2024-04-12 17:20 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-04-21 14:31 - 2024-04-12 17:20 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-04-21 14:31 - 2024-04-12 17:20 - 000842376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-04-21 14:31 - 2024-04-12 17:20 - 000670344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-04-21 14:31 - 2024-04-12 17:20 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-04-21 14:31 - 2024-04-12 17:19 - 016034848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-04-21 14:31 - 2024-04-12 17:19 - 012930080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-04-21 14:31 - 2024-04-12 17:19 - 002174600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-04-21 14:31 - 2024-04-12 17:19 - 001626760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-04-21 14:31 - 2024-04-12 17:19 - 001024648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-04-21 14:31 - 2024-04-12 17:19 - 000787568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-04-21 14:31 - 2024-04-12 17:19 - 000459808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-04-21 14:31 - 2024-04-12 17:18 - 006780528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-04-21 14:31 - 2024-04-12 17:18 - 005913736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-04-21 14:31 - 2024-04-12 17:18 - 005772912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-04-21 14:31 - 2024-04-12 17:18 - 003721328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-04-21 14:31 - 2024-04-12 17:18 - 000853112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-04-21 14:15 - 2024-04-21 14:15 - 000000000 ____D C:\NVIDIA
2024-04-21 14:13 - 2024-04-21 14:13 - 000003284 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2024-04-21 14:13 - 2024-04-21 14:13 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2024-04-21 14:13 - 2024-04-21 14:13 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2024-04-21 14:12 - 2024-04-21 16:42 - 000000000 ____D C:\MSI
2024-04-21 14:12 - 2024-04-21 14:13 - 000000000 ____D C:\Program Files\ENE
2024-04-21 14:08 - 2024-04-21 14:08 - 665427984 _____ (NVIDIA Corporation) C:\Users\soera\Downloads\552.22-desktop-win10-win11-64bit-international-dch-whql.exe
2024-04-21 14:06 - 2024-04-21 14:06 - 000000000 ____D C:\Users\soera\AppData\Local\driverscloud
2024-04-21 14:05 - 2024-04-21 14:06 - 000000000 ____D C:\ProgramData\driverscloud.com
2024-04-21 14:05 - 2024-04-21 14:05 - 000001195 _____ C:\Users\Public\Desktop\DriversCloud (64).lnk
2024-04-21 14:05 - 2024-04-21 14:05 - 000000902 _____ C:\Users\Public\Desktop\DriversCloud - Start the detection.lnk
2024-04-21 14:05 - 2024-04-21 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2024-04-21 14:05 - 2024-04-21 14:05 - 000000000 ____D C:\Program Files\Cybelsoft
2024-04-21 12:16 - 2024-04-21 12:16 - 000003092 _____ C:\WINDOWS\system32\Tasks\RTSS
2024-04-20 21:22 - 2024-04-20 21:22 - 000000923 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2024-04-20 21:22 - 2024-04-20 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2024-04-20 21:22 - 2024-04-20 21:22 - 000000000 ____D C:\Program Files\CPUID
2024-04-20 20:08 - 2024-04-20 20:08 - 000000000 ____D C:\Users\soera\AppData\Roaming\NVIDIA
2024-04-20 19:53 - 2024-04-20 21:21 - 000000201 _____ C:\WINDOWS\system32\local.txt
2024-04-20 19:53 - 2024-04-20 19:53 - 000000185 _____ C:\WINDOWS\system32\prime.txt
2024-04-20 19:29 - 2024-04-20 19:29 - 000000000 ____D C:\Users\soera\AppData\Local\ElevatedDiagnostics
2024-04-20 19:18 - 2024-04-20 19:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-04-20 19:18 - 2024-04-20 19:18 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-04-20 19:13 - 2024-04-21 16:46 - 000000000 ____D C:\Users\soera\AppData\Roaming\steelseries-gg-client
2024-04-20 19:13 - 2024-04-12 17:17 - 006948552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-04-20 19:13 - 2024-04-12 17:17 - 006035152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-04-20 19:13 - 2024-04-12 04:05 - 000119466 _____ C:\WINDOWS\system32\nvinfo.pb
2024-04-20 19:08 - 2024-04-20 19:08 - 000000000 ____D C:\Users\soera\AppData\Roaming\razerappengine
2024-04-20 19:08 - 2024-04-20 19:08 - 000000000 ____D C:\ProgramData\SteelSeries
2024-04-20 18:50 - 2024-04-21 12:16 - 000000000 ____D C:\ProgramData\RivaTuner Statistics Server
2024-04-20 18:50 - 2024-04-20 18:50 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2024-04-20 18:49 - 2024-04-20 18:56 - 000000000 ____D C:\ProgramData\MSI Afterburner
2024-04-20 18:49 - 2024-04-20 18:49 - 000000887 _____ C:\Users\soera\Desktop\MSI Afterburner.lnk
2024-04-20 18:49 - 2024-04-20 18:49 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2024-04-20 18:38 - 2024-03-26 21:11 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-04-20 18:19 - 2024-04-20 21:17 - 000002228 _____ C:\Users\Public\Desktop\AMD Ryzen Master.lnk
2024-04-20 18:19 - 2024-04-20 18:19 - 000003492 _____ C:\WINDOWS\system32\Tasks\AMDAutoUpdate
2024-04-20 18:19 - 2024-04-20 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master
2024-04-20 18:19 - 2024-04-20 18:19 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2024-04-20 18:19 - 2024-04-20 18:19 - 000000000 ____D C:\ProgramData\AMD
2024-04-20 16:01 - 2024-04-20 16:01 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2024-04-20 15:55 - 2024-04-20 19:28 - 000007608 _____ C:\Users\soera\AppData\Local\resmon.resmoncfg
2024-04-20 14:44 - 2024-04-20 19:07 - 000000000 ____D C:\Program Files\Razer
2024-04-19 22:34 - 2024-04-20 14:34 - 000000000 ____D C:\Users\soera\AppData\Local\AMD
2024-04-19 22:31 - 2024-04-19 22:31 - 000000000 ____D C:\Users\soera\AppData\Roaming\AMD
2024-04-19 22:31 - 2024-04-19 22:31 - 000000000 ____D C:\Users\soera\AppData\Local\setup
2024-04-19 22:30 - 2024-04-19 22:30 - 000000000 ____D C:\Users\soera\AppData\Local\AMD_Common
2024-04-19 22:30 - 2024-04-19 22:30 - 000000000 ____D C:\Program Files (x86)\AMD
2024-04-19 22:23 - 2024-04-21 14:11 - 000000000 ____D C:\Users\soera\AppData\Local\Downloaded Installations
2024-04-19 22:23 - 2024-04-21 14:11 - 000000000 ____D C:\Program Files\AMD
2024-04-19 22:23 - 2014-04-30 16:23 - 000011248 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\acpimof.dll
2024-04-19 22:20 - 2024-04-21 14:08 - 000000000 ____D C:\ProgramData\MSI
2024-04-19 22:17 - 2024-04-20 15:58 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2024-04-19 22:15 - 2024-04-20 16:04 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-04-17 17:17 - 2024-04-17 17:17 - 000000000 ____D C:\Users\soera\ansel
2024-04-17 17:16 - 2024-04-20 18:39 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:16 - 2024-04-20 18:39 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:16 - 2024-04-20 18:39 - 000001456 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2024-04-17 17:16 - 2024-04-20 13:25 - 000000000 ____D C:\Users\soera\AppData\Local\NVIDIA Corporation
2024-04-17 17:16 - 2024-04-17 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-04-17 17:16 - 2024-04-10 13:19 - 002900520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-04-17 17:16 - 2024-04-10 13:19 - 002231336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-04-17 17:16 - 2024-04-10 13:18 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2024-04-17 17:16 - 2024-04-10 12:50 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2024-04-17 17:16 - 2024-04-10 12:50 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2024-04-17 17:15 - 2024-04-20 18:39 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:15 - 2024-04-20 18:39 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:15 - 2024-04-20 18:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:15 - 2024-04-20 18:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:15 - 2024-04-20 18:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:15 - 2024-04-20 18:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:15 - 2024-04-20 18:39 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-04-17 17:15 - 2024-03-26 21:11 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-04-17 17:15 - 2024-03-26 21:11 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-04-11 21:18 - 2024-04-12 18:29 - 000000000 ____D C:\Users\soera\AppData\Roaming\Xfer
2024-04-11 21:17 - 2024-04-11 21:18 - 000000000 ____D C:\Users\soera\AppData\Local\Xfer
2024-04-11 21:17 - 2024-04-11 21:17 - 000000000 ____D C:\Users\soera\Documents\Xfer
2024-04-11 21:17 - 2024-04-11 21:17 - 000000000 ____D C:\Program Files\Common Files\VST3
2024-04-10 19:00 - 2024-04-11 21:20 - 000000000 ____D C:\Users\soera\Documents\Max 8
2024-04-10 19:00 - 2024-04-10 19:00 - 000000000 ____D C:\Users\soera\Documents\Ableton
2024-04-10 19:00 - 2024-04-10 19:00 - 000000000 ____D C:\Users\soera\AppData\Roaming\Cycling '74
2024-04-10 19:00 - 2024-04-10 19:00 - 000000000 ____D C:\ProgramData\Max 8
2024-04-10 18:59 - 2024-04-10 19:00 - 000000000 ____D C:\Users\soera\AppData\Roaming\Ableton
2024-04-10 18:59 - 2024-04-10 18:59 - 000000000 ____D C:\Users\soera\AppData\Local\Ableton
2024-04-10 18:56 - 2024-04-10 18:56 - 000000402 __RSH C:\ProgramData\ntuser.pol
2024-04-10 18:55 - 2024-04-10 18:55 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2024-04-10 18:53 - 2024-04-10 18:53 - 000000485 _____ C:\Users\soera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 12 Suite.lnk
2024-04-10 18:51 - 2024-04-10 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Ableton
2024-04-10 18:51 - 2024-04-10 18:51 - 000000000 ____D C:\Program Files\Ableton
2024-04-09 17:50 - 2024-04-09 17:50 - 000000112 _____ C:\Users\soera\Documents\Wachtwoorden.txt
2024-04-09 17:22 - 2024-04-09 17:22 - 000000000 ____D C:\Users\soera\.android
2024-04-08 21:02 - 2024-04-08 21:02 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2024-04-08 21:02 - 2024-04-08 21:02 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-04-08 21:02 - 2024-04-08 21:02 - 000000000 ____D C:\Program Files\MSBuild
2024-04-08 21:02 - 2024-04-08 21:02 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-04-08 21:02 - 2024-04-08 21:02 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-04-08 21:01 - 2024-04-08 21:02 - 000000000 ____D C:\Users\soera\Documents\NFSTR
2024-04-08 21:00 - 2024-04-08 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed The Run
2024-04-08 17:34 - 2024-04-08 17:34 - 000000000 ____D C:\Users\soera\AppData\Local\INetHistory
2024-04-08 17:32 - 2024-04-18 11:43 - 000000000 ____D C:\Users\soera\AppData\Roaming\.minecraft
2024-04-08 17:30 - 2024-04-09 08:32 - 000000000 ____D C:\XboxGames
2024-04-08 17:30 - 2024-04-08 17:30 - 000000028 ____H C:\.GamingRoot
2024-04-08 17:29 - 2024-04-08 17:32 - 000000000 ____D C:\Users\soera\AppData\Local\MinecraftInstaller
2024-04-07 18:52 - 2024-04-07 18:52 - 000000069 _____ C:\Users\soera\Desktop\Urenregistratie - Desktop.url
2024-04-05 22:17 - 2024-04-05 22:17 - 000000000 ____D C:\Users\soera\Documents\League of Legends
2024-04-05 22:15 - 2024-04-20 20:49 - 000000000 ____D C:\Users\soera\AppData\Roaming\riot-client-ux
2024-04-05 22:15 - 2024-04-20 20:49 - 000000000 ____D C:\ProgramData\Riot Games
2024-04-05 22:15 - 2024-04-20 18:50 - 000001583 _____ C:\Users\Public\Desktop\League of Legends.lnk
2024-04-05 22:15 - 2024-04-05 22:16 - 000000000 ____D C:\Users\soera\AppData\Local\Riot Games
2024-04-05 22:15 - 2024-04-05 22:15 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-04-05 22:15 - 2024-04-05 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-04-05 18:56 - 2024-04-05 18:56 - 000000000 ____D C:\ProgramData\Focusrite
2024-04-05 18:52 - 2024-04-05 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer
2024-04-05 18:52 - 2024-04-05 18:52 - 000000000 ____D C:\Program Files (x86)\Pioneer
2024-04-05 17:08 - 2024-04-20 16:00 - 000000000 ____D C:\Users\soera\AppData\Roaming\discord
2024-04-05 17:08 - 2024-04-18 10:33 - 000002240 _____ C:\Users\soera\Desktop\Discord.lnk
2024-04-05 17:07 - 2024-04-20 16:01 - 000000000 ____D C:\Users\soera\AppData\Local\Discord
2024-04-05 17:07 - 2024-04-05 17:08 - 000000000 ____D C:\Users\soera\AppData\Local\SquirrelTemp
2024-04-03 16:07 - 2024-04-20 18:51 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2024-04-03 09:03 - 2024-04-03 09:03 - 000002078 _____ C:\Users\Public\Desktop\FortiClient VPN.lnk
2024-04-03 09:03 - 2024-04-03 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FortiClient VPN
2024-04-03 09:03 - 2024-04-03 09:03 - 000000000 ____D C:\Program Files\Fortinet
2024-04-03 09:03 - 2024-04-03 09:03 - 000000000 ____D C:\Program Files\Common Files\Fortinet
2024-04-03 09:01 - 2024-04-03 09:01 - 091025408 _____ C:\Users\soera\Desktop\FortiClientVPN.msi
2024-04-02 17:18 - 2024-04-02 17:18 - 000000000 ____D C:\ProgramData\Reincubate
2024-03-30 14:50 - 2024-04-21 16:25 - 000000000 ____D C:\Users\soera\AppData\Roaming\vlc
2024-03-30 14:50 - 2024-03-30 14:50 - 000000925 _____ C:\Users\Public\Desktop\VLC media player.lnk
2024-03-30 14:50 - 2024-03-30 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2024-03-30 14:49 - 2024-03-30 14:49 - 000000000 ____D C:\Program Files\VideoLAN
2024-03-30 14:38 - 2024-04-21 16:47 - 000000000 ____D C:\Users\soera\AppData\Roaming\qBittorrent
2024-03-30 14:38 - 2024-03-30 14:38 - 000000000 ____D C:\Users\soera\AppData\Local\qBittorrent
2024-03-30 14:38 - 2024-03-30 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2024-03-30 14:38 - 2024-03-30 14:38 - 000000000 ____D C:\Program Files\qBittorrent
2024-03-29 21:02 - 2024-03-29 21:03 - 000000000 ____D C:\Users\soera\AppData\Roaming\DriveTheLifeUI
2024-03-29 17:49 - 2024-04-20 16:03 - 000000000 ____D C:\Program Files (x86)\SeaTools5
2024-03-29 16:42 - 2024-03-29 16:43 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.12
2024-03-29 16:35 - 2024-04-21 16:37 - 000000000 ____D C:\Users\soera\AppData\Local\NVIDIA
2024-03-29 15:47 - 2024-03-29 15:47 - 000000000 ____D C:\Users\soera\AppData\Local\CEF
2024-03-29 15:44 - 2024-04-20 19:07 - 000000000 ____D C:\Users\soera\AppData\Local\Razer
2024-03-29 15:44 - 2024-04-20 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2024-03-29 15:42 - 2024-03-29 15:42 - 000000000 ____D C:\Users\soera\AppData\Local\AWSToolkit
2024-03-29 14:03 - 2024-03-29 14:03 - 000000000 ____D C:\Users\soera\AppData\Roaming\Adobe
2024-03-29 13:53 - 2024-04-21 16:51 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-29 13:53 - 2024-04-20 18:39 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-03-29 13:53 - 2024-03-29 13:53 - 000000000 ____D C:\Users\soera\AppData\LocalLow\NVIDIA
2024-03-29 13:50 - 2024-04-20 18:39 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-03-29 13:32 - 2024-04-21 15:04 - 000000000 ____D C:\Users\soera\AppData\Local\D3DSCache
2024-03-29 12:22 - 2024-03-29 12:22 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-03-29 11:56 - 2024-03-29 11:56 - 000003638 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2024-03-29 11:33 - 2024-03-29 12:24 - 000003795 _____ C:\WINDOWS\diagwrn.xml
2024-03-29 11:33 - 2024-03-29 12:24 - 000003795 _____ C:\WINDOWS\diagerr.xml
2024-03-28 13:58 - 2024-03-29 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spek
2024-03-28 13:58 - 2024-03-28 13:58 - 000001842 _____ C:\Users\Public\Desktop\Spek.lnk
2024-03-28 13:58 - 2024-03-28 13:58 - 000000000 ____D C:\Users\soera\AppData\Roaming\spek
2024-03-28 13:58 - 2024-03-28 13:58 - 000000000 ____D C:\Program Files\Spek
2024-03-28 11:40 - 2024-04-05 18:52 - 000000000 ____D C:\Users\soera\AppData\Local\Serato
2024-03-28 11:40 - 2024-03-28 11:40 - 000000000 ____D C:\Users\soera\AppData\Local\cache
2024-03-28 11:40 - 2024-03-28 11:40 - 000000000 ____D C:\ProgramData\Reprise
2024-03-28 11:28 - 2024-04-19 22:02 - 000000000 ____D C:\Users\soera\AppData\Roaming\rekordboxAgent
2024-03-28 11:28 - 2024-04-19 15:57 - 000000000 ____D C:\Users\soera\AppData\Roaming\PioneerLog
2024-03-28 11:27 - 2024-03-28 11:27 - 000000000 ____D C:\Users\soera\Documents\rekordbox
2024-03-28 11:27 - 2024-03-28 11:27 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2024-03-28 11:25 - 2024-03-28 11:28 - 000000000 ____D C:\Users\soera\AppData\Roaming\Pioneer
2024-03-28 11:24 - 2024-03-28 11:24 - 000000737 _____ C:\Users\soera\Desktop\rekordbox 6.lnk
2024-03-28 11:24 - 2024-03-28 11:24 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pioneer
2024-03-28 11:23 - 2024-03-28 11:23 - 000000000 ____D C:\Program Files\Pioneer
2024-03-28 09:36 - 2024-03-28 09:36 - 000000000 ____D C:\Users\soera\AppData\Roaming\Apple Computer
2024-03-27 14:58 - 2024-04-14 10:40 - 000000000 ____D C:\Users\soera\AppData\Local\SoulseekQt
2024-03-27 14:34 - 2024-03-27 14:34 - 000000000 ____D C:\Users\soera\AppData\Local\Backup
2024-03-27 13:57 - 2024-03-29 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt
2024-03-27 13:57 - 2024-03-27 13:57 - 000000879 _____ C:\Users\Public\Desktop\SoulseekQt.lnk
2024-03-27 13:57 - 2024-03-27 13:57 - 000000000 ____D C:\Program Files\SoulseekQt
2024-03-27 13:33 - 2024-03-29 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2024-03-27 13:33 - 2024-03-27 13:33 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2024-03-27 13:33 - 2024-03-27 13:33 - 000001916 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2024-03-27 13:33 - 2024-03-27 13:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2024-03-27 13:33 - 2024-03-27 13:33 - 000000000 ____D C:\Users\soera\AppData\Local\Apple
2024-03-27 13:33 - 2024-03-27 13:33 - 000000000 ____D C:\ProgramData\Apple Computer
2024-03-27 13:33 - 2024-03-27 13:33 - 000000000 ____D C:\Program Files (x86)\QuickTime
2024-03-27 13:32 - 2024-03-27 13:33 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2024-03-27 13:32 - 2024-03-27 13:32 - 000000000 ____D C:\ProgramData\Apple
2024-03-27 13:25 - 2024-03-29 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato
2024-03-27 13:25 - 2024-03-27 13:25 - 000002577 _____ C:\Users\Public\Desktop\Serato DJ Pro .lnk
2024-03-27 13:25 - 2024-03-27 13:25 - 000000000 ____D C:\Users\soera\AppData\LocalLow\Apple Computer
2024-03-27 13:25 - 2024-03-27 13:25 - 000000000 ____D C:\Program Files\Serato
2024-03-27 13:24 - 2024-03-27 13:24 - 000000123 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2024-03-27 13:24 - 2024-03-27 13:24 - 000000000 ____D C:\Users\soera\AppData\Local\Mixed_In_Key_LLC
2024-03-27 13:24 - 2024-03-27 13:24 - 000000000 ____D C:\Users\soera\AppData\Local\Mixed In Key
2024-03-27 13:22 - 2024-03-29 16:42 - 000000000 ____D C:\Users\soera\AppData\Local\Package Cache
2024-03-27 13:22 - 2024-03-27 13:22 - 000002399 _____ C:\Users\soera\Desktop\Mixed In Key 8.lnk
2024-03-27 13:22 - 2024-03-27 13:22 - 000002371 _____ C:\Users\soera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mixed In Key 8.lnk
2024-03-27 12:03 - 2024-04-21 16:53 - 000000000 ____D C:\FRST
2024-03-27 10:13 - 2024-03-27 10:13 - 000000000 ____D C:\Users\soera\AppData\Local\ToastNotificationManagerCompat
2024-03-27 10:12 - 2024-03-27 10:12 - 000001973 _____ C:\Users\Public\Desktop\Camo Studio.lnk
2024-03-27 10:12 - 2024-03-27 10:12 - 000001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camo Studio.lnk
2024-03-27 10:12 - 2024-03-27 10:12 - 000000000 ____D C:\Users\soera\AppData\Roaming\Reincubate
2024-03-27 10:12 - 2024-03-27 10:12 - 000000000 ____D C:\Program Files (x86)\Camo Studio
2024-03-27 10:02 - 2024-03-29 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite Drivers
2024-03-27 10:02 - 2024-03-27 10:02 - 000000000 ____D C:\Program Files\Focusrite
2024-03-27 10:02 - 2023-11-27 16:49 - 000170312 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsb.sys
2024-03-27 10:02 - 2023-11-27 16:49 - 000112968 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsbSwRoot.sys
2024-03-27 10:02 - 2023-11-27 16:49 - 000109896 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsbAudio.sys
2024-03-27 10:02 - 2023-11-27 16:49 - 000106208 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusritePCIeSwRoot.sys
2024-03-27 10:02 - 2023-11-27 16:26 - 000097880 _____ C:\WINDOWS\SysWOW64\FocusritePal32.dll
2024-03-27 10:02 - 2023-11-27 16:25 - 000109144 _____ C:\WINDOWS\system32\FocusritePal64.dll
2024-03-27 09:44 - 2024-04-20 18:49 - 000000000 ____D C:\Users\soera\AppData\Local\PlaceholderTileLogoFolder
2024-03-27 09:42 - 2024-03-27 09:42 - 000000000 ____D C:\ProgramData\obs-studio-hook
2024-03-27 09:42 - 2024-03-27 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2024-03-27 09:41 - 2024-03-27 09:41 - 000000000 ____D C:\Program Files\SteelSeries
2024-03-27 09:28 - 2024-03-29 12:19 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Teleknowledge Call Center Solutions B.V
2024-03-27 09:28 - 2024-03-27 09:28 - 000000364 _____ C:\Users\soera\Desktop\Teleknowledge Connect.appref-ms
2024-03-27 09:27 - 2024-04-19 17:49 - 000000000 ____D C:\Users\soera\AppData\Local\Deployment
2024-03-27 09:27 - 2024-03-27 09:27 - 000000000 ____D C:\Users\soera\AppData\Local\Apps\2.0
2024-03-27 08:57 - 2024-04-21 15:13 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\MMC
2024-03-27 01:01 - 2024-03-27 01:01 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-INFLUX-Windows-10-Pro-(64-bit).dat
2024-03-27 00:50 - 2024-03-27 00:50 - 000000112 ___SH C:\bootTel.dat
2024-03-27 00:44 - 2024-03-27 00:44 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\HTML Help
2024-03-27 00:42 - 2024-03-27 00:43 - 000388478 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt
2024-03-27 00:42 - 2024-03-27 00:42 - 000003764 _____ C:\WINDOWS\system32\Tasks\Tweaking.com - Windows Repair Tray Icon
2024-03-27 00:34 - 2024-03-27 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2024-03-27 00:34 - 2024-03-27 00:42 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2024-03-27 00:33 - 2024-03-27 00:34 - 000016827 _____ C:\WINDOWS\Tweaking.com - Technicians Toolbox Setup Log.txt
2024-03-27 00:29 - 2024-03-27 00:30 - 000000000 ____D C:\AdwCleaner
2024-03-27 00:26 - 2024-04-21 16:51 - 000000000 ____D C:\Users\soera\AppData\Local\CrashDumps
2024-03-27 00:21 - 2024-03-27 00:22 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-03-27 00:12 - 2024-03-27 00:12 - 000000000 ____D C:\Users\soera\AppData\Local\VirtualStore
2024-03-27 00:11 - 2024-04-19 12:03 - 000000000 ____D C:\Users\soera\AppData\Local\FortiClient
2024-03-27 00:11 - 2024-04-03 08:57 - 000000000 ____D C:\Users\soera\AppData\Roaming\FortiClient
2024-03-27 00:10 - 2024-03-27 00:10 - 000000000 ____D C:\ProgramData\Applications
2024-03-27 00:04 - 2024-04-18 15:38 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-27 00:04 - 2024-04-18 15:38 - 000002235 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-27 00:03 - 2024-03-27 00:03 - 000000000 ____D C:\Program Files\Google
2024-03-27 00:00 - 2024-03-29 13:05 - 000000000 ____D C:\Users\soera\AppData\Local\Malwarebytes
2024-03-27 00:00 - 2024-03-27 00:00 - 000000634 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-26 23:59 - 2024-03-26 23:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-26 23:44 - 2024-03-26 23:44 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Vault
2024-03-26 23:31 - 2024-03-29 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aweray Remote
2024-03-26 23:31 - 2024-03-26 23:32 - 000000000 ____D C:\ProgramData\AweSun
2024-03-26 23:31 - 2024-03-26 23:31 - 000002036 _____ C:\Users\Public\Desktop\Aweray Remote.lnk
2024-03-26 23:31 - 2024-03-26 23:31 - 000000000 ____D C:\Users\soera\AppData\Roaming\AweSun
2024-03-26 23:31 - 2024-03-26 23:31 - 000000000 ____D C:\Users\soera\AppData\Local\PeerDistRepub
2024-03-26 23:31 - 2024-03-26 23:31 - 000000000 ____D C:\ProgramData\OrayClient
2024-03-26 23:31 - 2024-03-26 23:31 - 000000000 ____D C:\Program Files\Aweray
2024-03-26 23:29 - 2024-03-26 23:29 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Network
2024-03-26 23:25 - 2024-03-26 23:25 - 000024320 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-26 23:24 - 2024-03-26 23:24 - 000024320 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-26 23:23 - 2024-03-27 09:44 - 000000000 ____D C:\Users\soera\AppData\Local\Publishers
2024-03-26 23:23 - 2024-03-27 01:14 - 000000000 ____D C:\Users\soera\AppData\Local\ConnectedDevicesPlatform
2024-03-26 23:23 - 2024-03-26 23:23 - 000000020 ___SH C:\Users\soera\ntuser.ini
2024-03-26 23:23 - 2024-03-26 23:23 - 000000000 ___SD C:\Users\soera\AppData\Roaming\Microsoft\Credentials
2024-03-26 23:21 - 2024-04-21 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-26 23:20 - 2024-04-20 19:10 - 000000000 ____D C:\ProgramData\Razer
2024-03-26 23:19 - 2024-04-20 19:11 - 000000000 ____D C:\Program Files (x86)\Razer
2024-03-26 23:19 - 2024-04-20 16:02 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-03-26 23:19 - 2023-06-16 08:33 - 000161920 _____ (Razer Inc) C:\WINDOWS\system32\RazerS3CoinstallerEx.dll
2024-03-26 23:18 - 2024-04-11 21:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-26 23:11 - 2024-04-21 16:51 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-26 23:11 - 2024-03-29 19:01 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Spelling
2024-03-26 23:11 - 2024-03-29 11:38 - 000000000 ____D C:\Users\soera\AppData\Roaming\Microsoft\Windows
2024-03-26 23:11 - 2024-03-26 23:12 - 000000000 ___SD C:\Users\soera\AppData\Roaming\Microsoft\Protect
2024-03-26 23:11 - 2024-03-26 23:11 - 000003938 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{8F2AE696-BBD4-420E-AF41-7605FBF6D716}
2024-03-26 23:11 - 2024-03-26 23:11 - 000003814 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{B9D4C5A8-6E86-4404-9627-7DCDCEACED90}
2024-03-26 23:11 - 2024-03-26 23:11 - 000000000 ____D C:\Users\soera\AppData\Local\Google
2024-03-26 23:08 - 2024-03-26 23:08 - 000000000 ____D C:\ProgramData\USOShared
2024-03-26 23:06 - 2024-03-29 12:19 - 000000000 ___SD C:\Users\soera\AppData\Roaming\Microsoft\Crypto
2024-03-26 23:06 - 2024-03-27 09:08 - 000000000 ____D C:\Users\soera\AppData\Local\Comms
2024-03-26 23:06 - 2024-03-26 23:06 - 000000000 ___SD C:\Users\soera\AppData\Roaming\Microsoft\SystemCertificates
2024-03-26 22:08 - 2024-04-20 15:53 - 000000000 ____D C:\WINDOWS\pss
2024-03-26 22:00 - 2024-03-26 22:00 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1972111791-3876880343-3799735429-1003
2024-03-26 22:00 - 2024-03-26 22:00 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1972111791-3876880343-3799735429-1003
2024-03-26 22:00 - 2024-03-26 22:00 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-03-26 21:58 - 2024-04-21 16:41 - 000000000 ____D C:\Users\soera\AppData\Local\Packages
2024-03-26 21:57 - 2024-04-21 16:52 - 001800700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-26 21:57 - 2024-04-21 14:10 - 000000000 ____D C:\Program Files (x86)\MSI
2024-03-26 21:57 - 2024-04-20 19:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-03-26 21:56 - 2024-04-21 16:47 - 000000000 ____D C:\Users\soera
2024-03-26 21:56 - 2024-03-29 12:19 - 000000000 ____D C:\Users\Public\AccountPictures
2024-03-26 21:51 - 2024-04-21 14:05 - 000000000 ____D C:\ProgramData\Packages
2024-03-26 21:49 - 2024-04-21 16:48 - 000000000 ____D C:\WINDOWS\CSC
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Public\Documents\Mijn video's
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Public\Documents\Mijn muziek
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Public\Documents\Mijn afbeeldingen
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\Sjablonen
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\Netwerkprinteromgeving
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\Mijn documenten
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\Menu Start
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\Documents\Mijn video's
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\Documents\Mijn muziek
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\Documents\Mijn afbeeldingen
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\Users\Default\AppData\Local\Geschiedenis
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\ProgramData\Sjablonen
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programma's
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\ProgramData\Menu Start
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\ProgramData\Documenten
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 _SHDL C:\ProgramData\Bureaublad
2024-03-26 21:49 - 2024-03-26 21:49 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-03-26 21:48 - 2024-04-21 16:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-26 21:48 - 2024-04-10 11:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-26 21:48 - 2024-04-04 12:02 - 000003730 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-26 21:48 - 2024-04-04 12:02 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-26 21:48 - 2024-03-26 21:48 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2024-03-26 21:46 - 2024-04-21 16:48 - 000305392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-26 21:46 - 2024-04-21 14:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-26 21:46 - 2024-04-21 12:23 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-03-26 21:46 - 2024-03-26 21:46 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-03-26 21:41 - 2024-03-26 21:41 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-03-26 21:15 - 2024-03-29 13:38 - 000000000 ___DC C:\WINDOWS\Panther
2024-03-26 16:43 - 2024-04-20 18:18 - 000000000 ____D C:\AMD
2024-03-25 12:32 - 2024-04-20 20:57 - 000012288 ___SH C:\DumpStack.log.tmp
==================== Een maand (gewijzigd) ==================
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2024-04-21 16:52 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-21 16:52 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-04-21 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-04-21 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-21 16:47 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-21 16:47 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-04-21 16:41 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-20 19:33 - 2022-05-07 07:24 - 000000852 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_595
2024-04-20 18:03 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Registration
2024-04-20 14:58 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-19 22:18 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-04-17 17:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-04-11 23:52 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-11 23:51 - 2023-12-04 08:28 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-04-11 23:51 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-04-11 23:51 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-11 23:51 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-10 18:55 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-04-08 21:02 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-04-08 21:02 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-04-05 17:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-29 12:33 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-29 12:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-03-29 12:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\spool
2024-03-29 12:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-03-29 12:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-03-29 12:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2024-03-29 12:01 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-29 11:46 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-29 11:30 - 2022-05-07 07:24 - 000000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_563
2024-03-27 14:32 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-27 01:30 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-03-27 00:55 - 2022-05-07 07:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2024-03-27 00:50 - 2022-05-07 07:24 - 000000832 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_531
2024-03-27 00:39 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-27 00:22 - 2022-05-07 12:42 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-03-27 00:22 - 2022-05-07 12:42 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-27 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-03-27 00:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\OCR
2024-03-27 00:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Globalization
2024-03-27 00:02 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-27 00:00 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-26 23:19 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-03-26 21:49 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows NT
2024-03-26 21:46 - 2022-05-07 07:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-03-26 21:45 - 2022-05-07 07:28 - 000000000 ____D C:\WINDOWS\Setup
==================== Bestanden in de root van sommige mappen ========
2024-04-20 15:55 - 2024-04-20 19:28 - 000007608 _____ () C:\Users\soera\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
==================== BCD ================================
Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{22e12b70-ffc9-11ee-b114-806e6f6e6963}
{22e12b71-ffc9-11ee-b114-806e6f6e6963}
timeout 1
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume5
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale nl-NL
inherit {globalsettings}
default {current}
resumeobject {87601cd7-eb64-11ee-9e4e-e36009d158d7}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 3
Firmware Application (101fffff)
-------------------------------
identifier {22e12b70-ffc9-11ee-b114-806e6f6e6963}
description Hard Drive
Firmware Application (101fffff)
-------------------------------
identifier {22e12b71-ffc9-11ee-b114-806e6f6e6963}
description USB HDD
Windows Boot Loader
-------------------
identifier {2f47e48a-e46e-11ee-be35-b2ceb20a87e0}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{2f47e48b-e46e-11ee-be35-b2ceb20a87e0}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale nl-NL
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{2f47e48b-e46e-11ee-be35-b2ceb20a87e0}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale nl-NL
inherit {bootloadersettings}
recoverysequence {87601cda-eb64-11ee-9e4e-e36009d158d7}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {87601cd7-eb64-11ee-9e4e-e36009d158d7}
nx OptIn
bootmenupolicy Standard
Windows Boot Loader
-------------------
identifier {87601cda-eb64-11ee-9e4e-e36009d158d7}
device ramdisk=[\Device\HarddiskVolume8]\Recovery\WindowsRE\Winre.wim,{87601cdb-eb64-11ee-9e4e-e36009d158d7}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale nl-NL
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume8]\Recovery\WindowsRE\Winre.wim,{87601cdb-eb64-11ee-9e4e-e36009d158d7}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Resume from Hibernate
---------------------
identifier {87601cd7-eb64-11ee-9e4e-e36009d158d7}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale nl-NL
inherit {resumeloadersettings}
recoverysequence {87601cda-eb64-11ee-9e4e-e36009d158d7}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume5
path \EFI\Microsoft\Boot\memtest.efi
description Windows Geheugencontrole
locale nl-NL
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems No
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {87601cdb-eb64-11ee-9e4e-e36009d158d7}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume8
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Einde van FRST.txt ========================
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 19.04.2024 01
Gestart door soera (21-04-2024 16:56:06)
Gestart vanaf C:\Users\soera\Downloads
Microsoft Windows 11 Pro Versie 23H2 22631.3447 (X64) (2024-03-26 19:51:26)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
Administrator (S-1-5-21-1972111791-3876880343-3799735429-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1972111791-3876880343-3799735429-503 - Limited - Disabled)
Gast (S-1-5-21-1972111791-3876880343-3799735429-501 - Limited - Disabled)
soera (S-1-5-21-1972111791-3876880343-3799735429-1003 - Administrator - Enabled) => C:\Users\soera
WDAGUtilityAccount (S-1-5-21-1972111791-3876880343-3799735429-504 - Limited - Disabled)
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Geïnstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)
Ableton Live 12 Suite (HKLM\...\{E107EAC0-8655-4161-8582-8494EC0590A6}) (Version: 12.0.0.0 - Ableton) Hidden
Ableton Live 12 Suite (HKLM-x32\...\{14a63b0f-986f-479c-98b3-725e24892b0c}) (Version: 12.0.0.0 - Ableton)
Ableton Push Driver v5.57.0 (HKLM\...\{2143CAA3-2BA4-4073-93D1-E440A65F42CD}) (Version: 5.57.0 - Ableton) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.02.22.053 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.27 - Advanced Micro Devices, Inc.)
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.27.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.13.0.2908 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.13.0.2908 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8da54e84-09f6-45f6-9c1f-2b86dff082b1}) (Version: 6.02.22.053 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aweray Remote (HKLM-x32\...\AweSun RemoteClient) (Version: 2.0.0.45399 - AweRay. Alle Rechten Voorbeh)
Camo Studio (HKLM\...\{3B3388F2-5E83-4C7A-ACB3-939FA3419D1F}) (Version: 2.1.11.11612 - Reincubate)
CPUID CPU-Z 2.09 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.09 - CPUID, Inc.)
DriversCloud.com (HKLM\...\{A81418B9-164C-4783-8C4A-20C1EA43C59B}) (Version: 12.0.23 - Cybelsoft)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{7c1089bb-6d30-4461-a52c-65839a41d745}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Focusrite Audio Drivers 4.119.13.33 (HKLM\...\Focusrite Audio Drivers_is1) (Version: 4.119.13.33 - Focusrite Audio Engineering, Ltd.)
FortiClient VPN (HKLM\...\{A43400FD-C5F7-4E6D-B258-E271AB41FC93}) (Version: 6.2.6.0951 - Fortinet Technologies Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.124 - Google LLC)
League of Legends (HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 5.1.1.106 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.1.106 - Malwarebytes)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.97 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{730ca3c6-815d-4b47-abc9-5082acd0267f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Mixed in Key (HKLM-x32\...\{49D61F7C-0F1E-4030-86FD-12656D0A20FF}) (Version: 8.5.2411.0 - Mixed In Key LLC) Hidden
Mixed In Key 8 (HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\{7cb2c8d4-181d-4aca-a684-8099ab1bb9d7}) (Version: 8.5.2411.0 - Mixed In Key LLC)
MSI Afterburner 4.6.6 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.6 Beta 3 - MSI Co., LTD)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2024.0327.01 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.412 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.412 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 552.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.22 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX Systeem Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Pioneer DJ DDJ_SB2 Driver (HKLM-x32\...\Pioneer DJ DDJ_SB2 ASIO) (Version: 1.100.000.002 - Pioneer DJ Corporation.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Python 3.12.2 (64-bit) (HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\{b6178a40-1665-4565-b73e-48dd6e039a65}) (Version: 3.12.2150.0 - Python Software Foundation)
Python 3.12.2 Add to Path (64-bit) (HKLM\...\{D552469C-E810-468F-A139-1EA43D0E2BE0}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Core Interpreter (64-bit) (HKLM\...\{4534F2ED-1616-434D-98A6-0DA358DCD466}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Development Libraries (64-bit) (HKLM\...\{F131E2DD-B8C5-42F3-85B7-3D4BAC9582CD}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Documentation (64-bit) (HKLM\...\{BD32BDE9-835D-4013-8F9A-45FF11456F02}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Executables (64-bit) (HKLM\...\{097D2A37-E94B-4FAD-8C89-D63443BD4D4A}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 pip Bootstrap (64-bit) (HKLM\...\{BDE73EDC-76AE-475D-8885-9B583631B0FC}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Standard Library (64-bit) (HKLM\...\{E172CAF3-ABC7-4B62-BA8C-3A2472DE44F6}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Tcl/Tk Support (64-bit) (HKLM\...\{B50C92E9-2780-433A-AA61-E9F06D0AFF8A}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Test Suite (64-bit) (HKLM\...\{94087C99-E4F5-4637-A789-3B6059DF787B}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3B36061E-A25F-4E12-BFD1-68E724723D48}) (Version: 3.12.2150.0 - Python Software Foundation)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.4 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Synapse Beta (HKLM-x32\...\Razer Synapse Beta) (Version: 4.0.290 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9629.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.68.815.2023 - Realtek)
rekordbox 6.8.4 64bit (HKLM\...\Pioneer rekordbox 6.8.4) (Version: 6.8.4.0001 - AlphaTheta)
Riot Client (HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
RivaTuner Statistics Server 7.3.5 (HKLM-x32\...\RTSS) (Version: 7.3.5 - Unwinder)
Serato DJ Pro (HKLM\...\{D05DA914-BB08-4347-9FF2-8A6E3DA160ED}) (Version: 3.1.2.1602 - Serato Limited) Hidden
Serato DJ Pro (HKLM-x32\...\{7413c6bf-bebe-4415-933b-06ccd8c6a7b8}) (Version: 3.1.2.1602 - Serato Limited)
SoulseekQt versie 2024.2.1 (HKLM\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2024.2.1 - Soulseek LLC)
Spek (HKLM\...\{16353491-B630-454D-BFCF-9F3B1401B63C}) (Version: 0.8.5 - Spek Project)
SteelSeries GG 60.1.0 (HKLM\...\SteelSeries GG) (Version: 60.1.0 - SteelSeries ApS)
Teleknowledge Connect (HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\b2e2918eb255e632) (Version: 3.0.0.258 - Teleknowledge Call Center Solutions B.V.)
Tweaking.com - Technicians Toolbox (HKLM-x32\...\Tweaking.com - Technicians Toolbox) (Version: 1.2.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.14.0 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Xfer Records Serum (HKLM-x32\...\Serum) (Version: 1.368 - Xfer Records)
Packages:
=========
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.146.0_x64__kzh8wxbdkxb8p [2024-04-21] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.25.1.0_x64__0a78dr3hq0pvt [2024-04-11] (HP Inc.) [Startup Task]
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.79.0_x64__8wekyb3d8bbwe [2024-04-12] (Microsoft Corporation)
Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
MicrosoftWindows.Client.FileExp -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-29] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24032.58.0_x64__cw5n1h2txyewy [2024-04-17] (Microsoft Windows) [Startup Task]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2024-04-08] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-04-21] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.50.319.0_x64__dt26b99r8h8gj [2024-04-21] (Realtek Semiconductor Corp)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2413.1.0_x64__cv1g1gvanyjgm [2024-04-12] (WhatsApp Inc.) [Startup Task]
==================== Aangepaste CLSID (gefilterd): ==============
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{002add35-e00a-f3ef-f484-215bb738aa23}\localserver32 -> C:\Program Files (x86)\Camo Studio\CamoStudio.exe (Reincubate Limited -> Reincubate)
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{2e7c0a19-0438-41e9-81e3-3ad3d64f55ba}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /cci /client=Personal => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{3A308EFE-656D-46BB-9963-0A41C0D6BCA2}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuthLib64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\Microsoft.SharePoint.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{5999E1EE-711E-48D2-9884-851A709F543D}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /autoplay => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{6bb93b4e-44d8-40e2-bd97-42dbcf18a40f}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /cci => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /cci /client=Personal => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\Microsoft.SharePoint.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /cci /client=Personal => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /cci /client=Personal => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\soera\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-1972111791-3876880343-3799735429-1003_Classes\CLSID\{F37369D9-1C22-40A0-A997-0B4D5F7B6637}\localserver32 -> "C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileCoAuth.exe" => Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Virus\mbshlext.dll -> Geen bestand
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_84b2c943d6816eb7\nvshext.dll [2024-04-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Virus\mbshlext.dll -> Geen bestand
ContextMenuHandlers1_S-1-5-21-1972111791-3876880343-3799735429-1003: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ContextMenuHandlers4_S-1-5-21-1972111791-3876880343-3799735429-1003: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
ContextMenuHandlers5_S-1-5-21-1972111791-3876880343-3799735429-1003: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\soera\AppData\Local\Microsoft\OneDrive\24.045.0303.0003\FileSyncShell64.dll -> Geen bestand
==================== Codecs (gefilterd) ====================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [1102848 2023-04-10] () [Bestand niet getekend]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [891904 2023-04-10] () [Bestand niet getekend]
==================== Snelkoppelingen & WMI ========================
==================== Geladen Modules (gefilterd) =============
2024-04-21 14:12 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Bestand niet getekend] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2024-04-21 14:12 - 2018-08-31 07:26 - 000053760 _____ (MS) [Bestand niet getekend] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2024-04-21 14:12 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [Bestand niet getekend] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll
==================== Alternate Data Streams (gefilterd) ========
==================== Veilige Modus (gefilterd) ==================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Bestandskoppeling (gefilterd) =================
==================== Internet Explorer (gefilterd) ==========
==================== Hosts inhoud: =========================
(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)
2022-05-07 07:24 - 2024-04-21 15:32 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Andere gebieden ===========================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg
DNS Servers: 192.168.2.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
MSCONFIG\Services: AweSunService => 2
MSCONFIG\Services: CamoService => 2
MSCONFIG\Services: FA_Scheduler => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MSI_Case_Service => 2
MSCONFIG\Services: MSI_Center_Service => 2
MSCONFIG\Services: MSI_Super_Charger_Service => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: Razer Chroma SDK Server => 2
MSCONFIG\Services: Razer Chroma SDK Service => 2
MSCONFIG\Services: Razer Chroma Stream Server => 2
MSCONFIG\Services: Razer Game Manager Service => 2
MSCONFIG\Services: Razer Synapse Service => 2
MSCONFIG\Services: RzActionSvc => 2
MSCONFIG\Services: SteelSeriesGGUpdateServiceProxy => 3
HKLM\...\StartupApproved\StartupFolder: => "Ableton Push Control Panel Autostart.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AweSun"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_17F6A8FC67B4E16D55211248310D4CCE"
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\StartupApproved\Run: => "Toolkit"
HKU\S-1-5-21-1972111791-3876880343-3799735429-1003\...\StartupApproved\Run: => "RazerAppEngine"
==================== Firewall regels (gefilterd) ================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [TCP Query User{D0B5AF37-D629-4E87-963F-948136523CB3}D:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) D:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{2654963F-9935-4522-90B4-74F84E61E47A}D:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) D:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{AEF434A6-BA92-4D99-9682-794F55131CAC}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Bestand niet getekend]
FirewallRules: [UDP Query User{7C3FC859-9CC7-4FA4-A692-60A66AFAF86F}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Bestand niet getekend]
FirewallRules: [{A8282F92-AE18-40BF-BDCB-0A0F3B62EACC}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe (CYBELSOFT -> )
FirewallRules: [{11BEDFCD-581A-46DD-AA6F-0C00322E526F}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe (CYBELSOFT -> )
FirewallRules: [{D03073F4-7644-49B9-9D67-B9781FBF580B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Geen bestand
FirewallRules: [{28000B34-7BF2-474D-9D5D-A15578AE25B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Geen bestand
FirewallRules: [{F2F668F5-7DD7-4809-8282-B637488776F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Geen bestand
FirewallRules: [{0648CB0F-B5CC-4C12-A3F0-3581F5704FF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Geen bestand
FirewallRules: [{B2860D58-2015-49D3-8683-993CD30B91C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe => Geen bestand
FirewallRules: [{17EFE77D-9BB4-4BE7-A785-BE5AADA9B675}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe => Geen bestand
FirewallRules: [{E21A923B-04BC-4EF8-A7B5-998A1AC480DA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.50\msedgewebview2.exe => Geen bestand
FirewallRules: [TCP Query User{D5F395D5-9F00-4F78-888E-1A00636DCC73}C:\program files\soulseekqt\soulseekqt.exe] => (Block) C:\program files\soulseekqt\soulseekqt.exe () [Bestand niet getekend]
FirewallRules: [UDP Query User{04A677BC-6721-4F72-8AEB-F4CDAEC60FC9}C:\program files\soulseekqt\soulseekqt.exe] => (Block) C:\program files\soulseekqt\soulseekqt.exe () [Bestand niet getekend]
FirewallRules: [{A715B927-8BBF-4481-8601-A3F0A5E31180}] => (Allow) LPort=32682
==================== Herstelpunten =========================
==================== Defecte Apparaatbeheer Apparaten ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Focusrite Thunderbolt Audio Root
Description: Focusrite Thunderbolt Audio Root
Class Guid: {c8b76578-d062-4834-0001-f8b6f2162a22}
Manufacturer: Focusrite Audio Engineering, Ltd.
Service: FocusritePCIeSwRoot
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Eventlog fouten: ========================
Applicatiefouten:
==================
Error: (04/21/2024 04:51:46 PM) (Source: Application Error) (EventID: 1000) (User: INFLUX)
Description: Naam van toepassing met fout: backgroundTaskHost.exe, versie: 10.0.22621.1, tijdstempel: 0x004687c2
Naam van module met fout: twinapi.appcore.dll, versie: 10.0.22621.3374, tijdstempel: 0xe207eca7
Uitzonderingscode: 0xc000027b
Foutmarge: 0x00000000000c9be3
Id van proces met fout: 0x0x2f48
Starttijd van toepassing met fout: 0x0x1da93fb6e2de9bc
Pad naar toepassing met fout: C:\WINDOWS\system32\backgroundTaskHost.exe
Pad naar module met fout: C:\Windows\System32\twinapi.appcore.dll
Rapport-id: f8d25230-4f93-49c6-a520-273b226511f1
Volledige pakketnaam met fout: 33C30B79.HyperXNGenuity_5.25.1.0_x64__0a78dr3hq0pvt
Relatieve toepassings-id van pakket met fout: App
Error: (04/21/2024 04:50:30 PM) (Source: Application Error) (EventID: 1000) (User: INFLUX)
Description: Naam van toepassing met fout: backgroundTaskHost.exe, versie: 10.0.22621.1, tijdstempel: 0x004687c2
Naam van module met fout: twinapi.appcore.dll, versie: 10.0.22621.3374, tijdstempel: 0xe207eca7
Uitzonderingscode: 0xc000027b
Foutmarge: 0x00000000000c9be3
Id van proces met fout: 0x0x2b0c
Starttijd van toepassing met fout: 0x0x1da93fb3e03747d
Pad naar toepassing met fout: C:\WINDOWS\system32\backgroundTaskHost.exe
Pad naar module met fout: C:\Windows\System32\twinapi.appcore.dll
Rapport-id: 3c9aa282-e9aa-4e91-b4a0-a39e171e9de7
Volledige pakketnaam met fout: 33C30B79.HyperXNGenuity_5.25.1.0_x64__0a78dr3hq0pvt
Relatieve toepassings-id van pakket met fout: App
Error: (04/21/2024 04:48:27 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: De initialisatie van de SCEP-certificaatinschrijving voor WORKGROUP\INFLUX$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep is mislukt:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Apr 2024 14:48:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5d6bbf90-25e3-40cc-a94a-455581e2eec6
Methode: GET(250ms)
Fase: GetCACaps
Niet gevonden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (04/21/2024 04:48:27 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: De initialisatie van de SCEP-certificaatinschrijving voor Lokaal systeem via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep is mislukt:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Apr 2024 14:48:27 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a2f90018-e67a-437a-bd52-ca072843cba0
Methode: GET(312ms)
Fase: GetCACaps
Niet gevonden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (04/21/2024 04:47:32 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Naam van toepassing met fout: GameManagerService3.exe, versie: 3.5.0.370, tijdstempel: 0x622f7973
Naam van module met fout: KERNELBASE.dll, versie: 10.0.22621.3447, tijdstempel: 0x67ef8931
Uitzonderingscode: 0xe0434352
Foutmarge: 0x001498b2
Id van proces met fout: 0x0x10f4
Starttijd van toepassing met fout: 0x0x1da93e5d26d443e
Pad naar toepassing met fout: C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll
Rapport-id: 964ad05d-eb18-4713-adec-66285df6d512
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Error: (04/21/2024 04:47:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten..
Error: (04/21/2024 04:47:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten.]
Error: (04/21/2024 04:47:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten..
Systeemfouten:
=============
Error: (04/21/2024 04:51:30 PM) (Source: DCOM) (EventID: 10010) (User: INFLUX)
Description: De server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
Error: (04/21/2024 04:50:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Browser-service kan vanwege de volgende fout niet worden gestart:
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.
Error: (04/21/2024 04:50:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Browser.
Error: (04/21/2024 04:50:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Browser-service kan vanwege de volgende fout niet worden gestart:
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.
Error: (04/21/2024 04:50:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Browser.
Error: (04/21/2024 04:48:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Browser-service kan vanwege de volgende fout niet worden gestart:
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.
Error: (04/21/2024 04:48:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Browser.
Error: (04/21/2024 04:48:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Browser-service kan vanwege de volgende fout niet worden gestart:
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.
Windows Defender:
================
Date: 2024-04-20 18:15:35
Description:
Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie:
Naam: HackTool:Win32/Keygen
Ernst: Hoog
Categorie: Hulpprogramma
Pad: file:_G:\Torrents\Ableton\Ableton - Live 12 Suite 12.0.0 {R2R}\R2R\vcruntime140_1.dll
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Systeem
Gebruiker: Influx\soera
Procesnaam: Unknown
Versie van beveiligingsinformatie: AV: 1.409.399.0, AS: 1.409.399.0, NIS: 1.409.399.0
Engineversie: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-20 16:06:14
Description:
Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {F9E3ADD1-816A-4AC9-B437-844365134D0B}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM
Date: 2024-04-19 23:18:49
Description:
Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {CE942C31-A36A-4EC8-99CE-E599179A02F3}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM
Date: 2024-04-19 14:57:06
Description:
Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {285C633F-2A02-4C8F-A053-E18BF46CC9DD}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM
Date: 2024-04-17 18:32:39
Description:
Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {92F2B235-9473-4A49-8388-4C94D66C4854}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-04-15 11:37:14
Description:
Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie:
Vorige versie van beveiligingsinformatie: 1.409.262.0
Updatebron: Microsoft-updateserver
Type beveiligingsinformatie: AntiVirus
Updatetype: Volledig
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie:
Vorige engineversie: 1.1.24030.4
Foutcode: 0x80070643
Foutbeschrijving: Onherstelbare fout bij installatie.
Date: 2024-03-29 12:22:15
Description:
Microsoft Defender Antivirus heeft een fout gevonden tijdens het bijwerken van beveiligingsinformatie en zal proberen terug te keren naar een eerdere versie.
Geprobeerde beveiligingsinformatie: Huidig
Foutcode: 0x80070003
Foutbeschrijving: Het systeem kan het opgegeven pad niet vinden.
Versie van beveiligingsinformatie: 0.0.0.0;0.0.0.0
Engineversie: 0.0.0.0
Date: 2024-03-27 00:03:06
Description:
Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie.
Nieuwe versie van beveiligingsinformatie:
Vorige versie van beveiligingsinformatie: 1.407.727.0
Updatebron: Microsoft-updateserver
Type beveiligingsinformatie: AntiVirus
Updatetype: Volledig
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie:
Vorige engineversie: 1.1.24020.9
Foutcode: 0x8007043c
Foutbeschrijving: Deze service kan niet in veilige modus worden gestart.
Date: 2024-03-26 23:53:01
Description:
Realtime-beveiligingsonderdeel van Microsoft Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Bij toegang
Foutcode: 0x8007043c
Foutbeschrijving: Deze service kan niet in veilige modus worden gestart.
Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten.
Date: 2024-03-26 21:09:23
Description:
Realtime-beveiligingsonderdeel van Microsoft Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Bij toegang
Foutcode: 0x8007043c
Foutbeschrijving: Deze service kan niet in veilige modus worden gestart.
Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten.
CodeIntegrity:
===============
Date: 2024-04-20 14:37:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\soera\AppData\Local\Discord\app-1.0.9042\Discord.exe) attempted to load \Device\HarddiskVolume7\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.
Date: 2024-04-18 10:32:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\soera\AppData\Local\Discord\app-1.0.9041\Discord.exe) attempted to load \Device\HarddiskVolume7\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.
==================== Geheugen info ===========================
BIOS: American Megatrends International, LLC. 3.I0 10/14/2023
Moederbord: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage geheugen in gebruik: 19%
Totaal fysiek RAM-geheugen: 32693.54 MB
Beschikbaar fysiek RAM-geheugen: 26193.26 MB
Totaal Virtueel geheugen: 67509.54 MB
Beschikbaar Virtueel geheugen: 59038.37 MB
==================== Schijven ================================
Drive c: (M.2 128GB) (Fixed) (Total:115.57 GB) (Free:30.6 GB) (Model: TOSHIBA THNSNK128GVN8) NTFS
Drive d: (OPSLAG SSD) (Fixed) (Total:223.55 GB) (Free:187.73 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive e: (EXTERNE HDD) (Fixed) (Total:931.51 GB) (Free:456.34 GB) (Model: Seagate Expansion+ SCSI Disk Device) NTFS
Drive f: (NieuwVolume) (Fixed) (Total:2.12 GB) (Free:2.1 GB) (Model: TOSHIBA THNSNK128GVN8) NTFS
Drive g: (OPSLAG HDD) (Fixed) (Total:931.5 GB) (Free:857.54 GB) (Model: TOSHIBA DT01ACA100) NTFS
\\?\Volume{e41d31be-6856-4be9-9cba-501a185ff643}\ () (Fixed) (Total:0.76 GB) (Free:0.06 GB) NTFS
\\?\Volume{7fc3a907-f57b-4e8d-a29a-357ed23c9868}\ () (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{326d6b34-704e-41bb-8485-d5ccc9836160}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partitietabel ====================
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 6C1C5F57)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A350D153)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 9B891793)
Partition: GPT.
==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: DE37F93F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Einde van Addition.txt =======================
Attached Files
-
FRST.txt 71.42KB
1 downloads
-
Addition.txt 50.65KB
1 downloads
Back to top
