Hello,
See here and here for main information.
The FRST log, Addition is attached.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022Ran by Meg de Jager (administrator) on MSI (Micro-Star International Co., Ltd. GF62 8RE) (25-04-2022 16:09:05)Running from C:\Users\Meg de Jager\OneDrive\DesktopLoaded Profiles: Meg de JagerPlatform: Microsoft Windows 11 Pro Version 21H2 22000.613 (X64) Language: Dutch (Netherlands) -> English (United States)Default browser: "C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --single-argument %1Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe(C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe ->) (A-Volute SAS -> A-Volute) C:\Users\Meg de Jager\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe(C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe(C:\Program Files\Emsisoft Anti-Malware\a2guard.exe ->) (Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe(C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe(D:\Teamviewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Teamviewer\TeamViewer.exe(D:\Teamviewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Teamviewer\tv_w32.exe(D:\Teamviewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Teamviewer\tv_x64.exe(Discord Inc. -> Discord Inc.) C:\Users\Meg de Jager\AppData\Local\DiscordDevelopment\app-1.0.668\DiscordDevelopment.exe <6>(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe(drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe(DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxEM.exe(explorer.exe ->) (8bit Solutions LLC -> Bitwarden Inc.) D:\Software\Bitwarden\Bitwarden.exe <5>(explorer.exe ->) (Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe(explorer.exe ->) (Mehedi Hassan) [File not signed] C:\Users\Meg de Jager\AppData\Local\Programs\Tweeten\Tweeten.exe <6>(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Meg de Jager\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe <26>(explorer.exe ->) (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe(explorer.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_257b6f08c40eff46\RtkAudUService64.exe(explorer.exe ->) (ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Meg de Jager\AppData\Roaming\Spotify\Spotify.exe <6>(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Meg de Jager\AppData\Roaming\Telegram Desktop\Telegram.exe(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe(services.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe(services.exe ->) (Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe(services.exe ->) (Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\CommService.exe(services.exe ->) (Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxCUIService.exe(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\IntelCpHDCPSvc.exe(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\IntelCpHeciSvc.exe(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_129542dbee5a4a5e\Display.NvContainer\NVDisplay.Container.exe <2>(services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe(services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe(services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_8369ad36cb6a9cd9\RtkAudUService64.exe(services.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Teamviewer\TeamViewer_Service.exe(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe(svchost.exe ->) (A-Volute) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.5.0_x64__w2gh52qy24etm\Nahimic3.exe(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe\GameBar.exe(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe(WhatsApp, Inc -> WhatsApp) C:\Users\Meg de Jager\AppData\Local\WhatsApp\app-2.2212.8\WhatsApp.exe <7> ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_257b6f08c40eff46\RtkAudUService64.exe [3392312 2021-12-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2018-01-30] (Intel® Rapid Storage Technology -> Intel Corporation)HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [302888 2018-06-22] (Micro-Star International CO., LTD. -> ) [File not signed]HKLM\...\Run: [Emsisoft Anti-Malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [9441632 2022-04-01] (Emsisoft Ltd -> Emsisoft Ltd)HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [79879104 2019-09-26] (GN Audio -> GN Audio A/S)HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [409760 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)HKLM-x32\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [6348864 2022-04-18] (Adguard Software Limited -> Adguard Software Ltd)HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0HKU\S-1-5-21-3349319283-1251123490-1320229872-1005\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2635160 2022-04-24] (Microsoft Corporation -> Microsoft Corporation)HKU\S-1-5-21-3349319283-1251123490-1320229872-1005\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [7958112 2022-04-12] (Proton Technologies AG -> )HKU\S-1-5-21-3349319283-1251123490-1320229872-1005\...\Run: [Microsoft Edge Update] => C:\Users\Meg de Jager\AppData\Local\Microsoft\EdgeUpdate\1.3.157.61\MicrosoftEdgeUpdateCore.exe [252848 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)HKU\S-1-5-21-3349319283-1251123490-1320229872-1005\...\Run: [com.squirrel.Myki] => C:\Users\Meg de Jager\AppData\Local\myki\app-1.4.10\MYKI.exe [71029824 2022-03-01] (MYKI SAL -> MYKI Inc.)HKU\S-1-5-21-3349319283-1251123490-1320229872-1005\...\Run: [MicrosoftEdgeAutoLaunch_D1C4247BE03EF5BEAC2539EF388EC81F] => "C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595696 2022-04-22] (Microsoft Corporation -> Microsoft Corporation)HKU\S-1-5-21-3349319283-1251123490-1320229872-1005\...\Run: [BingWallpaperApp] => C:\Users\Meg de Jager\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [13990808 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)HKU\S-1-5-21-3349319283-1251123490-1320229872-1005\...\Run: [electron.app.Bitwarden] => D:\Software\Bitwarden\Bitwarden.exe [139585968 2022-04-25] (8bit Solutions LLC -> Bitwarden Inc.)HKU\S-1-5-21-3349319283-1251123490-1320229872-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5 [3540408 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)HKU\S-1-5-21-3349319283-1251123490-1320229872-500\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2635160 2022-04-24] (Microsoft Corporation -> Microsoft Corporation)HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5500 series: C:\Windows\system32\CNMLMBU.DLL [391168 2013-04-04] (CANON INC.) [File not signed]HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [File not signed]HKLM\Software\Microsoft\Active Setup\Installed Components: [{401C381F-E0DE-4B85-8BD8-4F3F14FBDA57}] -> C:\Program Files (x86)\Microsoft\Edge Dev\Application\102.0.1227.0\Installer\setup.exe [2022-04-20] (Microsoft Corporation -> Microsoft Corporation)HKLM\Software\Microsoft\Active Setup\Installed Components: [{43F137B0-8F4D-463B-AB83-ADEAD4F15096}] -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\101.0.1210.26\Installer\setup.exe [2022-04-23] (Microsoft Corporation -> Microsoft Corporation)HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\Meg de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk [2022-04-13]ShortcutTarget: MailWasherPro.lnk -> D:\Software\MailWasherPro.exe (No File)Startup: C:\Users\Meg de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2021-08-05]ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]Startup: C:\Users\Meg de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2021-10-08]ShortcutTarget: Telegram.lnk -> C:\Users\Meg de Jager\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04057926-9D58-4DF4-8775-7437EB39E066} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)Task: {1EB38114-D3D1-4B6F-9CEF-52B1807ACCA6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138608 2022-04-23] (Microsoft Corporation -> Microsoft Corporation)Task: {1FD62096-B3CC-4107-BD67-9600E83DAD4D} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)Task: {2311E18B-1A98-4CA6-8187-F089E1877937} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)Task: {293CB267-A39C-434C-BAE7-A3DF807275FB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866896 2022-04-23] (Microsoft Corporation -> Microsoft Corporation)Task: {2969D7C7-9553-4955-823B-874A62BE7FC0} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)Task: {2C07ADD8-0C8C-45E3-9ABE-6CAA2358E031} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1005Core => C:\Users\Meg de Jager\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [214952 2021-09-06] (Microsoft Corporation -> Microsoft Corporation)Task: {3A183959-8B04-4215-B268-34BB8693D4C6} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)Task: {495067B8-2E20-4E9C-96EB-B2BE464F22FA} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]Task: {5043139F-C342-4C18-8C86-31E0F6D9295D} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5668632 2018-04-11] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]Task: {63FE63EB-EB38-460A-9881-C6C55A945C10} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)Task: {6AE0B07A-427E-465E-B38E-686F41DFCEFC} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1005UA => C:\Users\Meg de Jager\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [214952 2021-09-06] (Microsoft Corporation -> Microsoft Corporation)Task: {6B8C6BBA-9AD8-4AD0-BCA2-AB1F2F22BF06} - System32\Tasks\HPCustParticipation HP ENVY 5000 series => C:\Program Files\HP\HP ENVY 5000 series\Bin\HPCustPartic.exe [6659488 2019-03-19] (HP Inc -> HP Inc.)Task: {7AB668F9-B5F1-40F1-8C58-A132C063DCEC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)Task: {7FD3DED7-F3C8-4CFF-BB9D-3CD336317F1E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-04-24] (Microsoft Corporation -> Microsoft Corporation)Task: {8126B12A-6026-4B49-B644-24033DEF9790} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)Task: {82918C0C-2FF4-4212-A30B-E4A0D3C40F0A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)Task: {8888A191-FD43-4C50-9CF2-76C16473D66A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-04-04] (Microsoft Corporation -> Microsoft Corporation)Task: {8ECD3374-4F82-4D97-A7A5-78607955D0AB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866896 2022-04-23] (Microsoft Corporation -> Microsoft Corporation)Task: {90745DDE-8581-491D-A6DD-362A40DB41F4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)Task: {9A45B1AA-2F68-4677-8B87-61FEA323442F} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)Task: {B41DE075-9648-4E43-9EF8-32EF967C6398} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138608 2022-04-23] (Microsoft Corporation -> Microsoft Corporation)Task: {C74B5B3F-B940-461D-8110-315C589F7BBA} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3349319283-1251123490-1320229872-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-04-24] (Microsoft Corporation -> Microsoft Corporation)Task: {CCACC327-5F66-4168-A1A0-67D0A5FCDC74} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.logTask: {E316EDC6-D2AB-47B5-BE43-9EE9847BF795} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)Task: {F83A6D39-8AE2-481A-9441-5A7C34413519} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)Task: {FC6BE768-F9C5-4442-9055-23D654FAA9AB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"Task: {FDB89938-9703-4FC8-9EA0-CE14CF3BAE7D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3349319283-1251123490-1320229872-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200864 2022-04-24] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\..\Interfaces\{05ce8d63-a6b6-4387-985a-3e1a4c6347dd}: [DhcpNameServer] 195.121.1.34 195.121.1.66Tcpip\..\Interfaces\{eab2262d-9ab1-5975-7d92-334d06f4972b}: [NameServer] 10.2.0.1 Edge: =======Edge DefaultProfile: DefaultEdge Profile: C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-25]Edge HomePage: Default -> hxxp://oem17win10.msn.com/?pc=NMTEEdge StartupUrls: Default -> "hxxps://www.bing.com/"Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?PC=U523&q={searchTerms}Edge Extension: (PreMiD) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2021-08-12] [UpdateUrl:hxxps://api.premid.app/firefox/updates] <==== ATTENTIONEdge Extension: (WOT websitebeveiliging & bescherming veilig browsen) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2022-04-09]Edge Extension: (Microsoft Rewards) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2021-08-12]Edge Extension: (Better TweetDeck) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpahogfkcecoeidfaemlcojbcbhaojcj [2022-04-09]Edge Extension: (Theater Mode for YouTube™ (large player view)) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dgognhgbpdoeidccnbfhohblklhbbomh [2021-11-05]Edge Extension: (Dark Reader) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2022-04-09]Edge Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj [2021-08-12]Edge Extension: (Offline Documenten) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-09]Edge Extension: (Dark Mode - Night Eye) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gijhmcgnnbcpigflkfoimbnfjnbcphah [2022-04-09]Edge Extension: (BetterTTV) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2022-04-09]Edge Extension: (Darkness - Beautiful Dark Themes) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\imilbobhamcfahccagbncamhpnbkaenm [2021-09-06]Edge Extension: (Bitwarden - Gratis wachtwoordbeheer) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbkfoedolllekgbhcbcoahefnbanhhlh [2022-04-09]Edge Extension: (Google Docs Dark Mode) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lgjhepbpjcmfmjlpkkdjlbgomamkgonb [2021-08-12]Edge Extension: (MYKI Password Manager & Authenticator) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nofkfblpeailgignhkbnapbephdnmbmn [2022-04-09]Edge Extension: (Tab Auto Refresh) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odiofbnciojkpogljollobmhplkhmofe [2021-10-19]Edge Extension: (AdGuard-advertentieblokkeerder) - C:\Users\Meg de Jager\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-04-09]StartMenuInternet: Microsoft Edge Beta - C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exeStartMenuInternet: Microsoft Edge Dev - C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe FireFox:========FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-04] (Microsoft Corporation -> Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10782960 2022-04-01] (Emsisoft Ltd -> Emsisoft Ltd)R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [429120 2022-04-18] (Adguard Software Limited -> Adguard Software Ltd)S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-04] (Microsoft Corporation -> Microsoft Corporation)R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421536 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80544 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)R2 EmsiCommService; C:\Program Files\Emsisoft Anti-Malware\CommService.exe [14259512 2022-04-01] (Emsisoft Ltd -> Emsisoft Ltd)R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1545368 2021-03-31] (Emsisoft Ltd -> Emsisoft Ltd)S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncHelper.exe [3399584 2022-04-24] (Microsoft Corporation -> Microsoft Corporation)R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-06] (HP Inc. -> HP Inc.)R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1748992 2020-01-10] (Rivet Networks LLC -> Rivet Networks)R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2654712 2020-01-10] (Rivet Networks LLC -> Rivet Networks)R3 Killer Wifi Optimization Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73704 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73920 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [168048 2018-06-22] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)S3 MicrosoftEdgeBetaElevationService; C:\Program Files (x86)\Microsoft\Edge Beta\Application\101.0.1210.26\elevation_service.exe [1617328 2022-04-22] (Microsoft Corporation -> Microsoft Corporation)S3 MicrosoftEdgeDevElevationService; C:\Program Files (x86)\Microsoft\Edge Dev\Application\102.0.1227.0\elevation_service.exe [1660344 2022-04-14] (Microsoft Corporation -> Microsoft Corporation)R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.077.0410.0007\OneDriveUpdaterService.exe [3847072 2022-04-24] (Microsoft Corporation -> Microsoft Corporation)S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2563288 2022-03-27] (Electronic Arts, Inc. -> Electronic Arts)S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481824 2022-03-27] (Electronic Arts, Inc. -> Electronic Arts)R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [122464 2022-04-12] (Proton Technologies AG -> )R3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65632 2022-04-12] (Proton Technologies AG -> )R3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50784 2022-04-12] (Proton Technologies AG -> )S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6207696 2022-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)R2 TeamViewer; D:\Teamviewer\TeamViewer_Service.exe [13269992 2022-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2019-08-04] (Reason Software Company Inc. -> Reason Software Company Inc.)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73928 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_129542dbee5a4a5e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_129542dbee5a4a5e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [99896 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)R1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [155112 2020-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2019-06-03] (Emsisoft Ltd -> Emsisoft Ltd)S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [16808 2020-05-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd)R1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [126968 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-03] (Microsoft Windows -> Microsoft Corporation)R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [177272 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)S3 MpKsla7ae6be2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E8F2B4E3-F954-4760-95E7-F713534C9FF2}\MpKslDrv.sys [47336 2020-11-08] (Microsoft Windows -> Microsoft Corporation)R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85144 2021-09-13] (A-Volute SAS -> Windows ® Win 7 DDK provider)R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)R3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [41104 2019-08-27] (SteelSeries ApS -> )S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [90112 2021-06-05] (Microsoft Windows -> )S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] (Micro-Star Int'l Co. Ltd. -> )R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2021-12-04] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-04-25 15:44 - 2022-04-25 15:44 - 000001038 _____ C:\Users\Public\Desktop\Bitwarden.lnk2022-04-25 15:44 - 2022-04-25 15:44 - 000001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitwarden.lnk2022-04-24 15:02 - 2022-04-24 15:02 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\unali-8756921872022-04-24 15:02 - 2022-04-24 15:02 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\unali-8756916712022-04-24 14:53 - 2020-10-14 03:07 - 000038400 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys2022-04-24 14:49 - 2022-04-24 14:49 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\unali-8748680152022-04-21 18:42 - 2022-04-21 18:42 - 000000000 ____D C:\WINDOWS\LastGood.Tmp2022-04-21 18:41 - 2022-02-01 07:01 - 000499136 _____ (Intel) C:\WINDOWS\system32\libvpl.dll2022-04-21 18:41 - 2022-02-01 07:01 - 000431936 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll2022-04-21 18:41 - 2022-02-01 07:00 - 001887416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe2022-04-21 18:41 - 2022-02-01 07:00 - 001887416 _____ C:\WINDOWS\system32\vulkaninfo.exe2022-04-21 18:41 - 2022-02-01 07:00 - 001465016 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe2022-04-21 18:41 - 2022-02-01 07:00 - 001465016 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe2022-04-21 18:41 - 2022-02-01 07:00 - 001323792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll2022-04-21 18:41 - 2022-02-01 07:00 - 001323792 _____ C:\WINDOWS\system32\vulkan-1.dll2022-04-21 18:41 - 2022-02-01 07:00 - 001043176 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll2022-04-21 18:41 - 2022-02-01 07:00 - 001043176 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll2022-04-21 18:41 - 2022-02-01 07:00 - 000588128 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll2022-04-21 18:41 - 2022-02-01 07:00 - 000453032 _____ C:\WINDOWS\system32\ze_tracing_layer.dll2022-04-21 18:41 - 2022-02-01 07:00 - 000448392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll2022-04-21 18:41 - 2022-02-01 07:00 - 000375744 _____ C:\WINDOWS\system32\ze_loader.dll2022-04-21 18:41 - 2022-02-01 07:00 - 000142272 _____ C:\WINDOWS\system32\ze_validation_layer.dll2022-04-21 18:41 - 2022-02-01 06:59 - 000287144 _____ C:\WINDOWS\system32\igfxCPL.cpl2022-04-21 18:41 - 2022-02-01 06:59 - 000208912 _____ C:\WINDOWS\system32\ControlLib.dll2022-04-21 18:41 - 2022-02-01 06:59 - 000164968 _____ C:\WINDOWS\system32\ControlLib32.dll2022-04-20 18:14 - 2022-04-20 18:14 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper2022-04-15 11:46 - 2022-04-15 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN2022-04-13 22:32 - 2022-04-13 22:32 - 000015192 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim2022-04-13 22:29 - 2022-04-13 22:29 - 000000000 ___HD C:\$WinREAgent2022-04-13 20:42 - 2022-04-24 14:50 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firetrust2022-04-13 20:42 - 2022-04-13 20:42 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Firetrust2022-04-13 20:41 - 2022-04-24 14:50 - 000000000 ____D C:\ProgramData\Firetrust2022-04-09 14:02 - 2022-04-25 16:09 - 000000000 ____D C:\FRST2022-03-30 19:14 - 2022-03-30 19:14 - 000000000 ____D C:\WINDOWS\Panther2022-03-30 16:14 - 2022-03-30 16:14 - 002550832 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll2022-03-30 16:14 - 2022-03-30 16:14 - 002080992 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll2022-03-30 16:14 - 2022-03-30 16:14 - 000372736 _____ C:\WINDOWS\system32\hwreqchk.dll2022-03-30 16:14 - 2022-03-30 16:14 - 000353640 _____ C:\WINDOWS\system32\vp9fs.dll2022-03-30 16:14 - 2022-03-30 16:14 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll2022-03-30 16:14 - 2022-03-30 16:14 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe2022-03-30 14:21 - 2022-03-30 14:21 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\ToolKitMain2022-03-30 14:19 - 2020-12-08 00:00 - 000076344 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUDCPEPM.sys2022-03-30 14:19 - 2020-02-23 14:54 - 000033712 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUEDKEPM.sys2022-03-29 10:47 - 2022-03-29 10:47 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\SCM_Notice ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-04-25 16:10 - 2021-08-26 12:18 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\WhatsApp2022-04-25 16:10 - 2021-08-06 18:17 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Tweeten2022-04-25 16:09 - 2021-08-05 19:10 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Spotify2022-04-25 16:09 - 2021-08-05 13:30 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\discorddevelopment2022-04-25 16:09 - 2019-06-06 14:25 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware2022-04-25 16:07 - 2019-11-28 12:46 - 000000000 ____D C:\ProgramData\Adguard2022-04-25 16:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp2022-04-25 16:06 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft2022-04-25 15:57 - 2021-08-05 13:30 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\DiscordDevelopment2022-04-25 15:48 - 2022-03-07 10:03 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Bitwarden2022-04-25 15:47 - 2021-08-05 13:07 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\D3DSCache2022-04-25 15:14 - 2021-08-05 19:11 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\Spotify2022-04-25 14:21 - 2019-11-28 12:46 - 000000000 ____D C:\Program Files (x86)\Adguard2022-04-25 14:18 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness2022-04-25 13:58 - 2021-07-30 11:09 - 001802010 _____ C:\WINDOWS\system32\PerfStringBackup.INI2022-04-25 13:58 - 2021-06-05 19:58 - 000802652 _____ C:\WINDOWS\system32\perfh013.dat2022-04-25 13:58 - 2021-06-05 19:58 - 000159718 _____ C:\WINDOWS\system32\perfc013.dat2022-04-25 13:58 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF2022-04-25 13:53 - 2021-08-05 14:00 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\CrashDumps2022-04-25 13:52 - 2021-10-08 18:56 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Telegram Desktop2022-04-25 13:52 - 2018-03-15 18:44 - 000000000 ____D C:\ProgramData\NVIDIA2022-04-25 13:51 - 2021-08-06 10:45 - 000000000 ____D C:\Users\Meg de Jager\OneDrive\Documenten\ShareX2022-04-25 13:51 - 2021-08-05 13:06 - 000000000 __SHD C:\Users\Meg de Jager\IntelGraphicsProfiles2022-04-25 13:51 - 2021-07-30 11:07 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask322022-04-25 13:51 - 2021-07-30 11:07 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask642022-04-25 13:51 - 2021-07-30 11:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT2022-04-25 13:51 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState2022-04-25 13:51 - 2021-06-05 14:01 - 001310720 _____ C:\WINDOWS\system32\config\BBI2022-04-25 13:51 - 2020-12-12 17:39 - 000000485 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics2022-04-25 13:51 - 2019-11-12 23:48 - 000012288 ___SH C:\DumpStack.log.tmp2022-04-25 13:51 - 2018-03-15 18:42 - 000000000 ____D C:\Intel2022-04-25 13:45 - 2021-07-30 10:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy2022-04-25 13:43 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps2022-04-25 13:41 - 2021-08-19 22:10 - 000000000 ____D C:\Program Files\Microsoft OneDrive2022-04-25 13:41 - 2021-07-30 10:45 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK2022-04-25 13:41 - 2019-06-06 10:30 - 000000000 ____D C:\Program Files (x86)\Google2022-04-24 19:35 - 2019-06-06 13:50 - 000000000 ____D C:\Program Files (x86)\Steam2022-04-24 15:48 - 2021-08-05 13:30 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\discord2022-04-24 15:46 - 2021-08-08 13:19 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\Discord2022-04-24 15:10 - 2021-08-05 13:06 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\Google2022-04-24 15:07 - 2021-09-13 15:52 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\Jagex2022-04-24 15:07 - 2019-06-06 14:18 - 000000000 ____D C:\ProgramData\Jagex2022-04-24 15:02 - 2021-07-11 20:37 - 000000000 ____D C:\Program Files (x86)\EaseUS2022-04-24 15:01 - 2021-12-10 15:07 - 000000128 _____ C:\Users\Meg de Jager\AppData\Roaming\winscp.rnd2022-04-24 14:58 - 2021-08-27 11:39 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Godot2022-04-24 14:53 - 2021-08-16 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro2022-04-24 14:49 - 2022-03-11 15:56 - 000000000 ____D C:\Users\Meg de Jager\AppData\LocalLow\Secret Exit Ltd_2022-04-24 14:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Registration2022-04-24 14:48 - 2022-03-01 14:33 - 000000000 ____D C:\Users\Meg de Jager\AppData\LocalLow\Nihad Nasupovic2022-04-24 14:48 - 2022-02-04 11:08 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2022-04-24 14:45 - 2022-03-08 16:01 - 000000000 ____D C:\Users\Meg de Jager\AppData\LocalLow\Klei2022-04-24 14:42 - 2020-05-10 14:15 - 000000000 ____D C:\ProgramData\Origin2022-04-24 14:31 - 2021-12-11 20:35 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3349319283-1251123490-1320229872-10052022-04-24 14:31 - 2021-12-11 20:35 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3349319283-1251123490-1320229872-5002022-04-24 14:31 - 2021-08-19 22:11 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task2022-04-24 14:31 - 2021-08-19 22:10 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk2022-04-23 17:37 - 2021-01-26 19:48 - 000000000 ____D C:\Program Files\Microsoft Office2022-04-23 16:38 - 2021-09-06 18:30 - 000002595 _____ C:\Users\Meg de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Canary.lnk2022-04-23 16:12 - 2020-01-14 22:24 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk2022-04-23 16:11 - 2019-08-21 22:49 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Beta.lnk2022-04-20 18:04 - 2020-11-17 19:51 - 000002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Dev.lnk2022-04-19 18:29 - 2021-08-05 13:06 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\Packages2022-04-19 16:51 - 2018-03-15 18:41 - 000000000 ____D C:\ProgramData\Package Cache2022-04-19 16:50 - 2019-11-28 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard2022-04-17 12:51 - 2021-12-01 13:52 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\WhatsApp2022-04-15 11:46 - 2022-03-09 19:58 - 000001237 _____ C:\Users\Public\Desktop\ProtonVPN.lnk2022-04-15 11:46 - 2021-08-29 19:01 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Proton Technologies AG2022-04-15 11:46 - 2021-08-29 19:01 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\ProtonVPN2022-04-15 11:46 - 2021-08-29 19:01 - 000000000 ____D C:\Program Files (x86)\Proton Technologies2022-04-13 22:38 - 2021-07-30 11:26 - 000000000 ____D C:\Program Files\Hyper-V2022-04-13 22:38 - 2021-07-30 10:45 - 005145792 _____ C:\WINDOWS\system32\FNTCACHE.DAT2022-04-13 22:38 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources2022-04-13 22:38 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr2022-04-13 22:36 - 2019-06-06 14:30 - 000000000 ____D C:\WINDOWS\system32\MRT2022-04-13 22:34 - 2019-06-06 14:30 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2022-04-13 22:33 - 2021-07-31 20:41 - 000000000 ____D C:\Program Files\dotnet2022-04-13 22:33 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp2022-04-13 22:32 - 2021-07-30 10:46 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll2022-04-11 17:25 - 2018-03-15 18:48 - 001837070 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI2022-04-11 11:14 - 2019-11-28 12:46 - 000099896 _____ (Adguard Software Ltd) C:\WINDOWS\system32\Drivers\adgnetworkwfpdrv.sys2022-04-09 15:12 - 2022-03-04 11:34 - 000000000 ____D C:\Users\Meg de Jager\OneDrive\Documenten\Tandarts2022-04-09 15:12 - 2021-08-06 18:48 - 000000000 ____D C:\Users\Meg de Jager\OneDrive\Documenten\Meg2022-04-09 15:12 - 2021-08-06 10:45 - 000000000 ____D C:\Users\Meg de Jager\OneDrive\Documenten\Scanned Documents2022-04-09 14:51 - 2021-08-05 13:06 - 000000000 ___RD C:\Users\Meg de Jager\OneDrive2022-04-09 14:36 - 2019-06-10 13:02 - 000000635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk2022-04-06 11:52 - 2021-09-06 18:29 - 000003758 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1005UA2022-04-06 11:52 - 2021-09-06 18:29 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3349319283-1251123490-1320229872-1005Core2022-04-05 13:03 - 2021-02-21 11:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools2022-04-01 09:57 - 2021-08-13 09:14 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d78521a164af332022-04-01 09:57 - 2021-07-30 11:07 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA2022-03-30 19:13 - 2021-06-05 20:06 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences2022-03-30 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\DiagTrack2022-03-30 14:23 - 2021-08-05 13:30 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\SquirrelTemp2022-03-30 14:23 - 2021-08-05 13:06 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\TeamViewer2022-03-30 14:23 - 2020-11-30 15:13 - 000000000 ____D C:\Program Files\Mozilla Firefox2022-03-30 14:23 - 2020-05-10 14:17 - 000000000 ____D C:\Program Files (x86)\Origin2022-03-30 14:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated2022-03-30 14:23 - 2019-08-04 20:20 - 000000000 ____D C:\ProgramData\Unchecky2022-03-30 14:19 - 2021-07-11 20:38 - 000000000 ____D C:\ProgramData\SystemAcCrux2022-03-27 18:32 - 2022-02-13 13:58 - 000000000 ____D C:\Users\Meg de Jager\AppData\Roaming\Origin2022-03-27 17:13 - 2022-02-13 13:58 - 000000000 ____D C:\Users\Meg de Jager\AppData\Local\Origin2022-03-27 17:13 - 2020-05-10 14:20 - 000000000 ____D C:\Program Files (x86)\Origin Games ==================== Files in the root of some directories ======== 2021-07-27 06:36 - 2021-07-27 06:36 - 000000269 _____ () C:\ProgramData\fontcacheev1.dat2021-12-10 15:07 - 2022-04-24 15:01 - 000000128 _____ () C:\Users\Meg de Jager\AppData\Roaming\winscp.rnd2021-12-13 19:35 - 2021-12-13 19:35 - 000000039 _____ () C:\Users\Meg de Jager\AppData\Local\kritadisplayrc2021-12-13 19:33 - 2021-12-13 19:35 - 000016297 _____ () C:\Users\Meg de Jager\AppData\Local\kritarc2022-04-02 11:29 - 2022-04-02 11:29 - 000000000 _____ () C:\Users\Meg de Jager\AppData\Local\oobelibMkey.log ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================