Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.03.2024 01 Ran by lunax (25-03-2024 13:17:36) Running from C:\Users\lunax\OneDrive\Pulpit Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2020-09-25 19:33:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-1073749821-58844685-1028034250-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1073749821-58844685-1028034250-503 - Limited - Disabled) Gast (S-1-5-21-1073749821-58844685-1028034250-501 - Limited - Disabled) Gebruiker (S-1-5-21-1073749821-58844685-1028034250-1001 - Administrator - Enabled) => C:\Users\Gebruiker lunax (S-1-5-21-1073749821-58844685-1028034250-1002 - Administrator - Enabled) => C:\Users\lunax WDAGUtilityAccount (S-1-5-21-1073749821-58844685-1028034250-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D} AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Norton Security (Enabled - Up to date) {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Disabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Jumpstart (HKLM-x32\...\{4335EAF1-21F1-43D3-8F6F-D7E481E6959A}) (Version: 3.3.19180.60 - Acer) Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_0_1) (Version: 24.0.1 - Adobe Systems Incorporated) Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Alicia (HKLM-x32\...\Alicia) (Version: 1.0.0.0 - NtreevSoft) Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.2.6105 - Avast Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CA1033 (HKLM-x32\...\{28BA5A57-E17B-41CC-BA54-B1DF4B132027}_is1) (Version: 1.0.3 - California Access) CCleaner (HKLM\...\CCleaner) (Version: 6.22 - Piriform) Corel Painter 2020 (HKLM-x32\...\Corel Painter 2020 20.0.0.256) (Version: 20.0.0.256 - Corel) Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.) Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd) Discord (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Discord) (Version: 1.0.9002 - Discord Inc.) Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{4A02DCED-C2B0-4DD3-87BD-7D8E68D6AF3C}) (Version: 0.8.6.75 - Dolby Laboratories, Inc.) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated) Dropbox (HKLM-x32\...\Dropbox) (Version: 195.4.4995 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.863.1 - Dropbox, Inc.) Hidden EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.179.0.5436 - Electronic Arts) Hidden EA app (HKLM-x32\...\{40ce8c52-b08b-435c-8690-9eb7fb7385a9}) (Version: 12.179.0.5436 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{A1EB595F-651D-4A04-99B0-A7065538B33C}) (Version: 2.0.38.0 - Epic Games, Inc.) Gametree Launcher (HKLM-x32\...\GTL) (Version: 3.0.26.0 - NtreevSoft) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.58 - Google LLC) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Huion Tablet v14.8.90.1126 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.90.1126 - ) Imagine Champion Rider (HKLM-x32\...\{F715F7A4-67BA-11DD-93EF-B74D56D89593}) (Version: 1.00.0000 - Phoenix Interactive) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AF8A5E6C-7485-47FB-9FE4-CF3B43FDB178}) (Version: 18.0.156 - Intel Corporation) Intel(R) Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{A6D99F91-2039-4560-A476-1E8B954E0C70}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{BF1D4FDD-6613-4F36-AE24-EDE3D7E30CF4}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{50DC6FA9-9221-495B-B9BF-EF39D7BC4FDE}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6576 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.1.1012 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{6622B2A4-ED9B-4FA5-9FB3-51ACEBC094D4}) (Version: 16.7.1.1012 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{FDA51260-818D-4F38-B39B-FD808ED54E5E}) (Version: 30.100.1727.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden Java 8 Update 401 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation) Krita (x64) 4.4.5 (HKLM\...\Krita_x64) (Version: 4.5.4.0 - Krita Foundation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) LibreOffice 7.6.3.2 (HKLM\...\{6DE084CE-7A25-40EA-A24A-D208C8169E05}) (Version: 7.6.3.2 - The Document Foundation) Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains) LOOT version 0.16.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.16.0 - LOOT Team) Malwarebytes version 4.6.9.314 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.9.314 - Malwarebytes) Microsoft .NET Core Host - 3.1.8 (x64) (HKLM\...\{D375EE6D-18EF-4EC9-8260-555DEB0EE4EC}) (Version: 24.96.29220 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) (HKLM\...\{907E0A78-B4DF-4E35-9878-FEE2F22B6852}) (Version: 24.96.29220 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.8 (x64) (HKLM\...\{912B84A5-61CC-4308-B244-5C34C2C02899}) (Version: 24.96.29220 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\OneDriveSetup.exe) (Version: 24.010.0114.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{484EF395-8BDF-417B-AF02-35777C5AFC32}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{C79060C7-3052-431F-92F9-609B83317A77}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM\...\{F3871724-6A58-425C-8E4C-4A54935AA68F}) (Version: 24.96.29220 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM-x32\...\{aad3b888-fde2-48c0-95c2-2f7a729283fb}) (Version: 6.0.6.31318 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft Dungeons Launcher (HKLM-x32\...\{2AEC0A44-BDB0-412C-A215-28347E5E6479}) (Version: 1.0.0.0 - Mojang) Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.1 - Mozilla) My Horse and Me (HKLM-x32\...\{6B86AB79-5FC2-4746-94D7-9CA8D3C91170}) (Version: 1.00.0000 - W! Games) Hidden My Horse and Me (HKLM-x32\...\InstallShield_{6B86AB79-5FC2-4746-94D7-9CA8D3C91170}) (Version: 1.00.0000 - W! Games) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NitroSense Service (HKLM\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3012 - Acer Incorporated) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Graphics Driver 551.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.86 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.242.1.6 - Overwolf Ltd.) Palia (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Palia) (Version: 0.167.2 - Singularity 6 Corporation) ProtonVPN (HKLM-x32\...\{31E6E510-4199-4F1A-94EB-C4A242DCFFFA}) (Version: 1.20.4 - Proton Technologies AG) Hidden ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG) ProtonVPNTun (HKLM-x32\...\{10242617-4DA6-4E16-98D8-92B16E54BAEB}) (Version: 0.10.0 - Proton Technologies AG) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Rival Stars Horse Racing Desktop Edition REPACK (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Rival Stars Horse Racing Desktop Edition REPACK) (Version: - HOODLUM) Roblox Player for lunax (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\roblox-player) (Version: - Roblox Corporation) Roblox Studio for lunax (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\roblox-studio) (Version: - Roblox Corporation) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.83.1767 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games) SecondLifeViewer (HKLM\...\SecondLifeViewer) (Version: 6.6.16.6566955269 - Linden Research, Inc.) Skype version 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.) Star Equestrian Launcher (HKLM-x32\...\2032b3b1-e573-486a-bf6a-89b7b0839e25) (Version: - Foxie Ventures) Star Stable 2 (HKLM-x32\...\{6DD86DE9-1AE7-41B0-9326-1A90E32BAE88}) (Version: 1.00.0000 - Stabenfeldt) Star Stable Online 2.30.0 (HKLM\...\8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.30.0 - Star Stable Entertainment AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH) The Endless Forest (HKLM-x32\...\The Endless Forest_is1) (Version: - Tale of Tales) The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: 0.0.0 - DODI-Repacks) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.88.213.1030 - Electronic Arts Inc.) Thunderstore Mod Manager (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Overwolf_ahpflogoookodlegojjphcjpjaejgghjnfcdjdmi) (Version: 1.40.0 - Overwolf app) Tower of Fantasy (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\tof_launcher) (Version: - Hotta Studio) TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster) Twitch (HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) Twitch (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) UE Prerequisites (x64) (HKLM\...\{E171B21A-DA58-432D-A74B-D13B204BA477}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden UE Prerequisites (x64) (HKLM-x32\...\{aad8a4b2-74da-409d-abb6-79a299008692}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden VALORANT (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.9.7 - Black Tree Gaming Ltd.) Vortex Cloud Gaming (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\{81f2d666-c8e4-4681-8ca8-0a7a234df052}) (Version: 1.27.0 - RemoteMyApp Sp. z o.o.) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WinDirStat 1.1.2 (HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\WinDirStat) (Version: - ) WinDirStat 1.1.2 (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\WinDirStat) (Version: - ) Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.) Windows Driver Package - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet) Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinRAR 5.71 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) X-Mouse Button Control 2.19.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.19.2 - Highresolution Enterprises) Zoo Tycoon: Ultimate Animal Collection [FULL REMOVAL] (HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\{4A0FF863-48CC-4955-A063-1D2B26A1B4A2}_is1) (Version: 1.1711.52116 - Microsoft Studios) Packages: ========= Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2024-02-07] (Acer Incorporated) Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-06-02] (Acer Incorporated) Care Center -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenter_3.0.3007.0_x64__48frkmn4z8aw4 [2020-04-01] (Acer Incorporated) Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-01-18] (Microsoft Corporation) Lake -> C:\Program Files\WindowsApps\WhitethornDigital.LakeTemp_1.2.0.0_x64__wm90jk67xa6wg [2024-02-16] (Whitethorn Digital) Life is Strange: True Colors™ -> C:\Program Files\WindowsApps\39C668CD.ProjectSiren_7.2202.80.0_x64__r7bfsmp40f67j [2022-05-02] () LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.26.0_x64__w1wdnht996qgy [2024-03-14] (LinkedIn) [Startup Task] Little Witch In The Woods -> C:\Program Files\WindowsApps\SUNNYSIDEUP.6339DCD3D833_1.6.23.0_x64__0krqck62hdjwr [2022-06-21] (SUNNY SIDE UP) Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.17328.20184.0_x86__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.17328.20184.0_x86__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.17328.20184.0_x86__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.17328.20184.0_x86__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.17328.20184.0_x86__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.17328.20184.0_x86__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.17328.20184.0_x86__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Studios) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-03-20] (Netflix, Inc.) NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.3012.0_x64__48frkmn4z8aw4 [2023-09-03] (Acer Incorporated) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-23] (NVIDIA Corp.) PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2019-10-09] (CYBERLINK COM CORP) PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2019-02-20] (CYBERLINK COM CORP) Pulpit zdalny Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-06-15] (Microsoft Corporation) QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2020-10-01] (Acer Incorporated) Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.128.7221.0_x64__8wekyb3d8bbwe [2024-03-25] (Microsoft Studios) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0 [2024-03-14] (Spotify AB) [Startup Task] Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-02-21] (Microsoft Corporation) User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3004.0_x64__48frkmn4z8aw4 [2019-02-20] (Acer Incorporated) Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1073749821-58844685-1028034250-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\lunax\Dropbox [2020-07-09 11:10] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-27] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-27] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-14] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.71.0.dll [2024-03-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxDTCM.dll [2019-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_64da94585973233d\nvshext.dll [2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-14] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2022-05-25] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2022-05-25] (Electronic Arts -> On2.com) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\lunax\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2024-03-25 12:53 - 2024-03-25 12:53 - 165248000 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\libcef.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000379392 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\libegl.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 006679040 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\libglesv2.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 004325888 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\vk_swiftshader.dll 2018-01-20 09:34 - 2018-01-20 09:34 - 000373248 _____ (IntelleSoft) [File not signed] C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU-x64.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 001166336 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\chrome_elf.dll 2019-12-07 16:57 - 2022-02-13 17:17 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2019-12-07 16:57 - 2022-02-13 17:17 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2019-12-07 16:57 - 2022-02-13 17:17 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2023-03-17 18:45 - 2022-02-13 17:17 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2023-03-17 18:45 - 2022-02-13 17:17 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2023-03-17 18:45 - 2022-02-13 17:17 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2023-03-17 18:45 - 2022-02-13 17:17 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2023-03-17 18:45 - 2022-02-13 17:17 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2023-03-17 18:45 - 2022-02-13 17:17 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll 2024-03-25 12:52 - 2024-03-25 12:53 - 000046080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\audio\qtaudio_windows.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000030720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\iconengines\qsvgicon.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\imageformats\qgif.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\imageformats\qico.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000353280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\imageformats\qjpeg.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\imageformats\qsvg.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000352256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\imageformats\qtiff.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000423424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\imageformats\qwebp.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 001239552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\platforms\qwindows.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 005550592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Core.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 005812736 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Gui.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000594944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Multimedia.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000915456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Network.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 003046400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Qml.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000362496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5QmlModels.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 003650560 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Quick.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Svg.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 004702208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Widgets.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000220160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5WinExtras.dll 2024-03-25 12:53 - 2024-03-25 12:53 - 000165888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.14758\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\OEM:err [1958] AlternateDataStreams: C:\WINDOWS\system32\$Acer$.cmd:48CE61F693 [3442] AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442] AlternateDataStreams: C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc:6D97201572 [3442] AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Jade.lnk:230E71DC96 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Jade.lnk:459AE853E6 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2020.lnk:708E5666EE [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk:BA99D4170B [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk:1A5FAF1E4E [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk:742FE07988 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite.lnk:073005E2F7 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite.lnk:E87CC2B01F [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Horse Isle 3.lnk:51B813D4B8 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Huion Tablet Uninstall .lnk:70735F229F [3442] AlternateDataStreams: C:\Users\lunax\Application Data:03c349036c311b689a0a20c267c18ca0 [394] AlternateDataStreams: C:\Users\lunax\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\lunax\Application Data:84bc1c93d310d534abe6b7c11e3cef0d [394] AlternateDataStreams: C:\Users\lunax\AppData\Roaming:03c349036c311b689a0a20c267c18ca0 [394] AlternateDataStreams: C:\Users\lunax\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\lunax\AppData\Roaming:84bc1c93d310d534abe6b7c11e3cef0d [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6136] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-1073749821-58844685-1028034250-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-1073749821-58844685-1028034250-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-1073749821-58844685-1028034250-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE SearchScopes: HKU\S-1-5-21-1073749821-58844685-1028034250-1002 -> DefaultScope {80C104C5-58B7-4BE5-808D-784EFDEFBFB6} URL = SearchScopes: HKU\S-1-5-21-1073749821-58844685-1028034250-1002 -> {80C104C5-58B7-4BE5-808D-784EFDEFBFB6} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\localhost -> localhost ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\ HKU\S-1-5-21-1073749821-58844685-1028034250-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp HKU\S-1-5-21-1073749821-58844685-1028034250-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\lunax\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Lightshot" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "CCXProcess" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "Skype for Desktop" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "GogGalaxy" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "ut" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "Battle.net" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_CFE8E86D2861E10F9687A50B3F595854" HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\StartupApproved\Run: => "RiotClient" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{B561D0D0-E64C-477C-BA4C-FC0DC9DAC3BF}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed] FirewallRules: [TCP Query User{2D2F9A5D-6743-46A1-8D61-4447EF0990D6}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed] FirewallRules: [{22539846-CA08-49AA-9284-C0E2365E0620}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe (UBISOFT ENTERTAINMENT INC. -> Blue Mammoth Games) FirewallRules: [{D7DD5DBF-2687-4010-AD74-8BBC171E9B4B}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe (UBISOFT ENTERTAINMENT INC. -> Blue Mammoth Games) FirewallRules: [{2F0F22FA-D195-47B8-B9FB-B0D577B989C2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{817FE8B5-EC2C-47C1-B11A-64A5D5BD997E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DF27CD3D-A34B-47BD-990E-D5BED36433C2}] => (Allow) D:\steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed] FirewallRules: [{F906FE29-ABE1-4F5F-8E38-9C2FFA089FAD}] => (Allow) D:\steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed] FirewallRules: [UDP Query User{012FE7B7-BC09-4AE2-BE0B-4AA048ABEC2F}D:\battlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\battlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{DFF7728C-05DA-4562-AAAC-12FC83731A1A}D:\battlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\battlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{1C4C2FE4-63B4-48F9-B402-048CB830E164}] => (Allow) C:\Users\lunax\AppData\Local\Gametree\Alicia\Alicia.exe (NtreevSoft Co.,Ltd -> ) FirewallRules: [{F8050610-AB16-402E-BDAA-96C12DEC43C1}] => (Allow) C:\Users\lunax\AppData\Local\Gametree\Alicia\Alicia.exe (NtreevSoft Co.,Ltd -> ) FirewallRules: [UDP Query User{DF3F130B-3ED3-49C6-B179-6D8E654B7FAE}D:\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [TCP Query User{1FDFB4FC-BBA0-4B4B-BD43-728AB4DD87E5}D:\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{30A0C701-1810-44A7-A5AC-C033551721E7}D:\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [TCP Query User{FB7FAAD5-2BDB-44A2-A834-805C6686561F}D:\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [{8D96ECD5-6236-40AA-912A-4250317D599C}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{DA30CCCB-E498-4B1E-AAA5-42FD010B6D35}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{F4F3D92C-F2A6-4C51-B6B2-867997F48419}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9AC2AF79-2820-4C5E-9179-D77464318E65}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{98C0A4DC-BBAD-4063-B4E7-693B51AEDE2C}D:\battlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\battlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{909A3282-2D1A-459F-AD9C-982E73A8004F}D:\battlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\battlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{94C996C6-65EE-43D2-81A6-79EC762C0B0A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [File not signed] FirewallRules: [{6689891A-54B4-43DA-81E2-DF4C1416B1AC}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [File not signed] FirewallRules: [{B2BB5E0F-9CF5-470A-B0A3-2821AF60F658}] => (Allow) D:\steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed] FirewallRules: [{1FA6448E-65C8-4CE1-B7C4-00AB36B8313B}] => (Allow) D:\steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed] FirewallRules: [{7ADAB0F4-F54C-440C-A342-1AAFF30B2878}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{62474ABA-F0AA-43C1-A733-92CA10246581}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{EA1E1248-9321-4E92-A5CA-EC700D4206F7}] => (Allow) D:\steam\steamapps\common\skyrim\skse_steam_boot.exe () [File not signed] FirewallRules: [{FF90F5A6-7CFC-45AA-A848-111E873B3048}] => (Allow) D:\steam\steamapps\common\skyrim\skse_steam_boot.exe () [File not signed] FirewallRules: [{8438EFA5-77D5-41BD-8DEF-A72BCEA3F287}] => (Allow) D:\steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{651BF2FA-FCA2-49D9-BDD1-5CBC11637D2E}] => (Allow) D:\steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{DCB76741-3E81-462A-8DD7-B7995406F48E}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed] FirewallRules: [UDP Query User{9FB5221E-A344-4765-BF04-3597BD9A22CD}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed] FirewallRules: [{9F10968E-6367-4922-851F-E773F4A3DEE0}] => (Allow) C:\Users\lunax\Vortex\Vortex.exe (RemoteMyApp Sp. z o.o.) [File not signed] FirewallRules: [TCP Query User{F4D5BA35-CB00-4EB7-B162-4AF82004B8A2}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe FirewallRules: [UDP Query User{B34555F1-0421-4BC3-BCE5-5E07FB49B537}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe FirewallRules: [{8612DB4C-0163-423D-B2D5-C110DDADDAE9}] => (Allow) C:\Users\Gebruiker\Twitch\Minecraft\Install\minecraft.exe (Mojang AB -> Mojang) FirewallRules: [{890D61E8-4C4D-4362-A3BF-6A91F8881888}] => (Allow) C:\Users\Gebruiker\Twitch\Minecraft\Install\minecraft.exe (Mojang AB -> Mojang) FirewallRules: [{6CED4F4C-47D2-4DCF-ABE9-331F50E45AA4}] => (Allow) C:\Users\Gebruiker\Twitch\Minecraft\Install\minecraft.exe (Mojang AB -> Mojang) FirewallRules: [{4363F1A0-060D-4D64-BFBD-F9D28AEF4DBF}] => (Allow) C:\Users\Gebruiker\Twitch\Minecraft\Install\minecraft.exe (Mojang AB -> Mojang) FirewallRules: [{BE23DD52-EA8B-4211-9134-0B370431DF04}] => (Allow) C:\Users\Gebruiker\Twitch\Minecraft\Install () <==== ATTENTION [zero byte File/Folder] FirewallRules: [TCP Query User{97E94766-CACA-48C7-A082-03C62218B7EB}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{F7E45843-E062-4EC2-B65D-F0E8F717FEA0}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{F692AB3C-3F2D-46FE-BB48-0871E9C63DAB}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe FirewallRules: [UDP Query User{FFF4E7F8-9AE2-44C9-A964-8DC7786C0D1F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe FirewallRules: [{134BA044-5929-4F90-822F-62F7E9BA7B1E}] => (Allow) D:\steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed] FirewallRules: [{5398F8AA-76ED-43D4-8004-2E2F99330583}] => (Allow) D:\steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed] FirewallRules: [TCP Query User{1759190A-1FB9-4941-90C9-A49761506102}D:\epicgames\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epicgames\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{F4C48D9A-A898-4E7E-B1D7-ED69526E2F9F}D:\epicgames\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epicgames\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{7E740286-55B2-4065-95A3-BFB6008127BF}D:\layers\amongus\among us.exe] => (Allow) D:\layers\amongus\among us.exe () [File not signed] FirewallRules: [UDP Query User{FBC32DA3-1FD7-4406-8956-3771E66CE055}D:\layers\amongus\among us.exe] => (Allow) D:\layers\amongus\among us.exe () [File not signed] FirewallRules: [{14F07ED9-BD66-4ECF-A6D4-74CB3954443A}] => (Allow) D:\steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [{A4A6CB63-783A-49CD-B850-BAC13AADF757}] => (Allow) D:\steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [TCP Query User{46DB3E9E-C10C-42A0-95B8-380FCC8FE3E2}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{8D00C1EE-CA6A-4C60-96C7-FC6662CE281C}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{EAD187D1-6873-4CA6-8A0E-67241F7898F1}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe () [File not signed] FirewallRules: [UDP Query User{4B715508-3DE5-4014-A556-E4ED456BD370}C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe] => (Allow) C:\program files (x86)\tale of tales\the endless forest 3\forestviewer.exe () [File not signed] FirewallRules: [{0C887BCE-4FB4-4018-BAAC-0412D20C7B82}] => (Allow) C:\Users\lunax\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> ) FirewallRules: [{B2270935-EF4B-4923-90A9-270E20190E53}] => (Allow) C:\Users\lunax\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> ) FirewallRules: [{202DC269-C1A9-4581-B35F-C59DFE4BF2C1}] => (Allow) D:\steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta Software GmbH -> ) FirewallRules: [{81CC2CFB-A76E-4F17-A6A4-E11EF1618487}] => (Allow) D:\steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta Software GmbH -> ) FirewallRules: [TCP Query User{45880070-3085-4199-953A-801746D207C6}C:\users\lunax\downloads\rival.stars.horse.racing.desktop.edition.v1.15\rival.stars.horse.racing.desktop.edition.v1.15\rival.stars.horse.racing.desktop.edition.v1.15\rivalstarshorseracing.exe] => (Allow) C:\users\lunax\downloads\rival.stars.horse.racing.desktop.edition.v1.15\rival.stars.horse.racing.desktop.edition.v1.15\rival.stars.horse.racing.desktop.edition.v1.15\rivalstarshorseracing.exe () [File not signed] FirewallRules: [UDP Query User{62335DD4-74AD-4A2C-883C-CC3CCD3217B1}C:\users\lunax\downloads\rival.stars.horse.racing.desktop.edition.v1.15\rival.stars.horse.racing.desktop.edition.v1.15\rival.stars.horse.racing.desktop.edition.v1.15\rivalstarshorseracing.exe] => (Allow) C:\users\lunax\downloads\rival.stars.horse.racing.desktop.edition.v1.15\rival.stars.horse.racing.desktop.edition.v1.15\rival.stars.horse.racing.desktop.edition.v1.15\rivalstarshorseracing.exe () [File not signed] FirewallRules: [{A55E294D-D508-4AB7-978B-DCFF26C43F95}] => (Allow) D:\steam\steamapps\common\The Ranch of Rivershine Demo\TheRanchOfRivershine.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{181EF48F-479E-48FA-AA33-82CD94A2F824}] => (Allow) D:\steam\steamapps\common\The Ranch of Rivershine Demo\TheRanchOfRivershine.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{305E1F82-0B7E-4E21-9C6A-083A92926E9E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{259D8EB3-3568-4811-8F06-9BBA4DD857C0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{C50A4F79-72E7-45C6-A788-51EE6A6C3B19}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{5AEDF871-FD88-4732-8948-AA0F4C42911E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{51128925-7114-456C-884D-6065FA33216E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{38FED389-5D14-4B3C-8E25-2F1741011BED}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{43347289-7ED9-46C9-8EB8-A486BB9A85BA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F3919F3C-CCEA-4D6D-9D3B-DCB0A4A50E6C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{921F6917-2F1B-4FC8-87BE-059E4E824C5F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{69DA3F71-3FBF-4EB5-9327-F31221F81477}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D230E5A4-5337-4832-A5C5-8B38EAD85BE5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B7256F8A-483D-4DC9-94F1-A8BFBB097DD9}] => (Allow) C:\Users\lunax\AppData\Local\Star Equestrian Launcher\launcher.exe (XSOLLA (USA), INC. -> Electron launcher) FirewallRules: [{52A9B56F-475F-4EC8-BE81-892C0E681409}] => (Allow) C:\Users\lunax\AppData\Local\Star Equestrian Launcher\resources\app.asar.unpacked\node_modules\@xsolla\launcher-core-win\bin\LauncherElectron.exe (XSOLLA (USA), INC. -> ) FirewallRules: [{3FA44652-AA14-4761-9191-000DC1831728}] => (Allow) D:\steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed] FirewallRules: [{8EDDD6A8-33F6-47AD-84E4-F94249DEEDCC}] => (Allow) D:\steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed] FirewallRules: [{45B90321-98F5-4740-88F8-9A16475A4F57}] => (Allow) D:\steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed] FirewallRules: [{9109409E-6FE9-4157-A349-3CC8F5295DDB}] => (Allow) D:\steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed] FirewallRules: [{1078BBDD-15C8-4536-BB7F-EC4EFD45BDA0}] => (Allow) D:\steam\steamapps\common\Fall Guys\FallGuysEACLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{AC917CCE-86B2-445C-A05B-94065194012E}] => (Allow) D:\steam\steamapps\common\Fall Guys\FallGuysEACLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{E7C2E497-4C9B-47B7-8F66-BF6314874709}] => (Allow) D:\steam\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc) FirewallRules: [{88DC3FD1-481A-4187-A621-2BB3DD8E256C}] => (Allow) D:\steam\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc) FirewallRules: [TCP Query User{6AEA78F5-901B-4225-93B6-809F4959B595}D:\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) D:\steam\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [UDP Query User{24721447-A6E8-4669-BB30-E9431F633D13}D:\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) D:\steam\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [{C6EF4696-48E9-4014-8D7B-88628C699345}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DD146E20-7ED0-40D4-98D3-B9EC4AAE80D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{257F5771-398F-468D-849A-E7754350ECA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3B92F1DD-6EA7-43A7-B8CD-D0E67C2EED1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{80E0EA20-E0BC-408D-B7C7-08BD4A01A3FF}] => (Allow) D:\steam\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed] FirewallRules: [{11E19C15-2002-44DF-B667-6AAA08F053BA}] => (Allow) D:\steam\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed] FirewallRules: [TCP Query User{06B26890-B001-40BF-BA39-A61A6BAE1FA0}D:\new folder (4)\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\new folder (4)\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games) FirewallRules: [UDP Query User{93635012-CBAF-466B-931F-75FA1E529E11}D:\new folder (4)\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\new folder (4)\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games) FirewallRules: [{A7441913-D680-4854-AA7D-4A85E5D84D8D}] => (Allow) C:\Users\lunax\AppData\Local\Gametree\Alicia\Alicia.exe (NtreevSoft Co.,Ltd -> ) FirewallRules: [{410485D7-10A4-4579-AB2D-522326946016}] => (Allow) C:\Users\lunax\AppData\Local\Gametree\Alicia\Alicia.exe (NtreevSoft Co.,Ltd -> ) FirewallRules: [{7F807203-D0B6-4D62-9480-A86449F5452A}] => (Allow) D:\steam\steamapps\common\Party Animals\PartyAnimals.exe () [File not signed] FirewallRules: [{4CB48A73-67A2-469D-A684-4867C3E5F8CE}] => (Allow) D:\steam\steamapps\common\Party Animals\PartyAnimals.exe () [File not signed] FirewallRules: [TCP Query User{ABA49485-79E6-4B9E-A0C1-BA84129A1593}D:\layers\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\layers\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{C4C0CC45-5287-4EE8-B6FB-69CD71162F5A}D:\layers\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\layers\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{C6F630FD-7A98-4843-9799-A72859D02FA9}] => (Allow) D:\steam\steamapps\common\EscapeTheBackrooms\Backrooms.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{105D1676-C43B-47EE-9B61-2F086EFC3FCE}] => (Allow) D:\steam\steamapps\common\EscapeTheBackrooms\Backrooms.exe (Epic Games, Inc.) [File not signed] FirewallRules: [TCP Query User{26733B48-77D7-4867-8C28-D5C52175E482}D:\steam\steamapps\common\escapethebackrooms\escapethebackrooms\binaries\win64\backrooms-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\escapethebackrooms\escapethebackrooms\binaries\win64\backrooms-win64-shipping.exe (Fancy Games) [File not signed] FirewallRules: [UDP Query User{A0EA5B85-B387-4019-956D-AA013F30C70C}D:\steam\steamapps\common\escapethebackrooms\escapethebackrooms\binaries\win64\backrooms-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\escapethebackrooms\escapethebackrooms\binaries\win64\backrooms-win64-shipping.exe (Fancy Games) [File not signed] FirewallRules: [{C651B2B3-278E-4B11-BD33-130A293FE3B1}] => (Allow) D:\steam\steamapps\common\PICO_PARK_ONLINE\pico_park.exe () [File not signed] FirewallRules: [{8BCCC08C-C356-4BE5-9F79-1C1EB6DA5484}] => (Allow) D:\steam\steamapps\common\PICO_PARK_ONLINE\pico_park.exe () [File not signed] FirewallRules: [TCP Query User{CB931D88-7E9E-434A-89D7-00F3608DD70C}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{C4751DED-49EC-432E-9E1B-2F508BC7672D}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{6BE35B6B-BDC8-4E4F-A0C5-EAFC2E5F4AE7}C:\users\lunax\appdata\local\discord\app-1.0.9034\discord.exe] => (Allow) C:\users\lunax\appdata\local\discord\app-1.0.9034\discord.exe => No File FirewallRules: [UDP Query User{8C9B7EAD-A8C5-4B0B-B2EB-C9CA8208BCF1}C:\users\lunax\appdata\local\discord\app-1.0.9034\discord.exe] => (Allow) C:\users\lunax\appdata\local\discord\app-1.0.9034\discord.exe => No File FirewallRules: [{C1BDE112-05E6-4DF2-8B70-C83C70ED2A00}] => (Allow) D:\steam\steamapps\common\Demonologist\Demonologist.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{CC47D340-C14A-48E3-B6CF-340E9A28750E}] => (Allow) D:\steam\steamapps\common\Demonologist\Demonologist.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{0E481094-5B29-4F8D-AD50-D29B00F49A48}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File FirewallRules: [{F0FE7A82-8060-4737-A30D-68EAE36EB56D}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File FirewallRules: [{FB2E8C4D-3C37-4E2F-B561-31A6ABF0E358}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File FirewallRules: [{48155731-ABE5-4190-8945-5EED58BDBDEE}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File FirewallRules: [{3FE61725-9D10-4C72-9761-3FEBCA8EBF95}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{824A1E1C-D067-4853-BB97-6578A3E77526}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{9E8AEBF4-4F0B-4DBE-A802-59A59791ED32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{A37B2107-CD21-428F-8511-82B332D627FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{4EF58856-B055-47C9-8201-9A5FB001EEB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{59507857-008F-49F9-8E44-308D2BFD760A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3F639119-F6CC-45AD-90E0-1DF330DA4218}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2422AF5C-B03F-4FB0-A519-2A092D621910}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{755FB3EB-43A0-4FF7-A8F9-D2922BF3F3F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{93C82E7A-9EBB-47DB-B434-724FE5BF442D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6E383196-FDE0-4BF2-A206-1F400FB45BDB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{BA090996-2AA9-4EF0-AD54-DAD5191C2B12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{CF7D22FC-41FE-4195-80BA-9E25096F0D96}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BC79CF2D-912F-4D8A-A63B-6885DD6055C8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.) FirewallRules: [{CC4BBBD5-7DD6-4840-AFDB-0102491D1E12}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.) FirewallRules: [{33630A7A-9DA7-4C30-AACD-A01F0E16A654}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.17328.20184.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9BC51738-8392-49D7-AAD6-50C784DDF217}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{BBFA3770-1A9A-4DC1-8342-7BD13E5C4774}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{112B4E18-202B-4019-8D5B-3ADC20E3B0B9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) ==================== Restore Points ========================= 19-03-2024 10:10:13 AdwCleaner_BeforeCleaning_19/03/2024_10:10:12 22-03-2024 19:23:35 Configured My Horse and Me ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (03/23/2024 12:22:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.19041.3636, time stamp: 0x68d9382a Faulting module name: ntdll.dll, version: 10.0.19041.3996, time stamp: 0x39215800 Exception code: 0xc0000005 Fault offset: 0x00000000000634f6 Faulting process id: 0x3124 Faulting application start time: 0x01da7cadc0264f2f Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 3ecafa3f-c0f3-4db5-9cf4-634a0657c5d2 Faulting package full name: Faulting package-relative application ID: Error: (03/23/2024 12:16:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RAVBg64.exe, version: 1.0.296.1, time stamp: 0x5d9d9331 Faulting module name: RAVBg64.exe, version: 1.0.296.1, time stamp: 0x5d9d9331 Exception code: 0xc0000005 Fault offset: 0x0000000000030aa1 Faulting process id: 0x3e68 Faulting application start time: 0x01da7caefff52753 Faulting application path: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe Faulting module path: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe Report Id: 8787d33d-c0d1-4047-b552-9eb3ef61af05 Faulting package full name: Faulting package-relative application ID: Error: (03/23/2024 12:12:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RAVBg64.exe, version: 1.0.296.1, time stamp: 0x5d9d9331 Faulting module name: RAVBg64.exe, version: 1.0.296.1, time stamp: 0x5d9d9331 Exception code: 0xc0000005 Fault offset: 0x0000000000030aa1 Faulting process id: 0xacc Faulting application start time: 0x01da7cae7a112979 Faulting application path: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe Faulting module path: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe Report Id: 75189426-d5cc-4eeb-96a8-b19548b8947e Faulting package full name: Faulting package-relative application ID: Error: (03/23/2024 12:07:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.19041.3636, time stamp: 0x68d9382a Faulting module name: ntdll.dll, version: 10.0.19041.3996, time stamp: 0x39215800 Exception code: 0xc0000005 Fault offset: 0x00000000000634f6 Faulting process id: 0x36c8 Faulting application start time: 0x01da7cac731e8850 Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 81e1834b-ad89-466a-bd4a-83f36dfebfdd Faulting package full name: Faulting package-relative application ID: Error: (03/22/2024 11:58:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.19041.3636, time stamp: 0x68d9382a Faulting module name: ntdll.dll, version: 10.0.19041.3996, time stamp: 0x39215800 Exception code: 0xc0000005 Fault offset: 0x00000000000634f6 Faulting process id: 0x10e0 Faulting application start time: 0x01da7c88f3982e5b Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 66751509-f91a-4b83-974a-0de736602257 Faulting package full name: Faulting package-relative application ID: Error: (03/22/2024 11:52:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RAVBg64.exe, version: 1.0.296.1, time stamp: 0x5d9d9331 Faulting module name: RAVBg64.exe, version: 1.0.296.1, time stamp: 0x5d9d9331 Exception code: 0xc0000005 Fault offset: 0x0000000000030aa1 Faulting process id: 0xdc8 Faulting application start time: 0x01da7caba79ffdb7 Faulting application path: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe Faulting module path: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe Report Id: 2e96a6ef-972a-41be-80a6-8f12970bb2ce Faulting package full name: Faulting package-relative application ID: Error: (03/22/2024 11:49:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RAVBg64.exe, version: 1.0.296.1, time stamp: 0x5d9d9331 Faulting module name: RAVBg64.exe, version: 1.0.296.1, time stamp: 0x5d9d9331 Exception code: 0xc0000005 Fault offset: 0x0000000000030aa1 Faulting process id: 0x26c4 Faulting application start time: 0x01da7cab21cd43c7 Faulting application path: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe Faulting module path: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe Report Id: 87b13bf5-1172-4dc5-8f5a-e7d77dd60ae4 Faulting package full name: Faulting package-relative application ID: Error: (03/22/2024 08:34:39 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-LREAARP) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. System errors: ============= Error: (03/25/2024 01:15:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LREAARP) Description: The server MicrosoftWindows.Client.CBS_1000.19054.1000.0_x64__cw5n1h2txyewy!InputApp did not register with DCOM within the required timeout. Error: (03/25/2024 01:08:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LREAARP) Description: The server MicrosoftWindows.Client.CBS_1000.19054.1000.0_x64__cw5n1h2txyewy!InputApp did not register with DCOM within the required timeout. Error: (03/25/2024 01:07:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LREAARP) Description: The server MicrosoftWindows.Client.CBS_1000.19054.1000.0_x64__cw5n1h2txyewy!InputApp did not register with DCOM within the required timeout. Error: (03/25/2024 01:07:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LREAARP) Description: The server MicrosoftWindows.Client.CBS_1000.19054.1000.0_x64__cw5n1h2txyewy!InputApp did not register with DCOM within the required timeout. Error: (03/25/2024 12:59:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LREAARP) Description: The server MicrosoftWindows.Client.CBS_1000.19054.1000.0_x64__cw5n1h2txyewy!InputApp did not register with DCOM within the required timeout. Error: (03/25/2024 12:58:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LREAARP) Description: The server MicrosoftWindows.Client.CBS_1000.19054.1000.0_x64__cw5n1h2txyewy!InputApp did not register with DCOM within the required timeout. Error: (03/25/2024 12:56:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LREAARP) Description: The server MicrosoftWindows.Client.CBS_1000.19054.1000.0_x64__cw5n1h2txyewy!InputApp did not register with DCOM within the required timeout. Error: (03/25/2024 12:56:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LREAARP) Description: The server MicrosoftWindows.Client.CBS_1000.19054.1000.0_x64__cw5n1h2txyewy!InputApp did not register with DCOM within the required timeout. Windows Defender: ================ Date: 2024-03-17 22:21:35 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2024-03-16 19:52:14 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2024-03-10 16:58:16 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2024-03-08 20:24:41 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2024-03-07 22:02:12 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Event[0]: Date: 2023-08-25 12:47:07 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.395.1274.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.23070.1005 Error code: 0x80070102 Error description: The wait operation timed out. Date: 2023-07-25 09:50:47 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. CodeIntegrity: =============== Date: 2024-03-25 12:52:34 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: Insyde Corp. V1.28 08/05/2019 Motherboard: CFL Freed_CFS Processor: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz Percentage of memory in use: 85% Total physical RAM: 8034.3 MB Available physical RAM: 1129.77 MB Total Virtual: 20322.3 MB Available Virtual: 9746.98 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:237.35 GB) (Free:65.39 GB) (Model: INTEL SSDPEKKW256G8) NTFS Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:373.97 GB) (Model: WDC WD10SPZX-21Z10T0) NTFS \\?\Volume{02a71cf4-d4f1-4306-83a0-b401043d99b8}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.34 GB) NTFS \\?\Volume{ab0b4eee-8838-48cd-963a-232827352144}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 7F14FAA4) Partition: GPT. ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 7F14FA43) Partition: GPT. ==================== End of Addition.txt =======================