Dekuji za kontrolu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43119
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod jaro3 » 20 zář 2023 00:44

CDI neřeší teplotu ale jen chyby na disku, vadné sektory ,podezřelé sektory a ubývání "volných" sektorů.

Zkusíme ještě nákazu.

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.


další zítra odpoledne.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Reklama
Uživatelský avatar
Skyren
Level 2.5
Level 2.5
Příspěvky: 297
Registrován: červen 15
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod Skyren » 21 zář 2023 13:02

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2023
Ran by Skyren (administrator) on SKYREN (19-09-2023 18:52:14)
Running from C:\Users\Skyren\Downloads\FRST64.exe
Loaded Profiles: Skyren
Platform: Microsoft Windows 11 Pro Version 22H2 22621.2215 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Audient\USBAudioDriver\W10_x64\AudientAppLauncher.exe ->) (yourcompany) [File not signed] C:\Program Files\Audient\iD\iD.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe ->) (Native Instruments GmbH -> ) C:\Program Files\Common Files\Native Instruments\NTK\crashpad_handler.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe <7>
(C:\ProgramData\0install.net\implementations\sha256new_IA5ZAWY5757G2CCVTIIUZMVSBYDGFXZAP22TDTFSS74QEP3GNCDA\DeepL.exe ->) (The CefSharp Authors) [File not signed] C:\ProgramData\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe <5>
(C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(DeepL SE -> DeepL SE) C:\ProgramData\0install.net\implementations\sha256new_IA5ZAWY5757G2CCVTIIUZMVSBYDGFXZAP22TDTFSS74QEP3GNCDA\DeepL.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <38>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Image Line -> Image-Line) C:\Program Files\Image-Line\FL Studio 21\FL64.exe
(explorer.exe ->) (InDeep Software) [File not signed] C:\Program Files\ScreenBlur\ScreenBlur.exe
(explorer.exe ->) (juvlarN) [File not signed] I:\Steam\vibranceGUI.exe
(explorer.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe
(explorer.exe ->) (Thesycon Software Solutions GmbH & Co. KG -> Audient) C:\Program Files\Audient\USBAudioDriver\W10_x64\AudientAppLauncher.exe
(explorer.exe ->) (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIXYE.EXE
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (CLEVERFILES INC. -> CleverFiles) C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe
(services.exe ->) (Intel(R) INTELND1820 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\Creative.UWPRPCService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8d71250669d562e\RtkAudUService64.exe <2>
(services.exe ->) (Softube AB -> ) C:\Program Files\Softube\InstallerDaemon\InstallerService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2337.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(Waves Inc -> Waves Audio Ltd.) C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8d71250669d562e\RtkAudUService64.exe [1350240 2021-09-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5267168 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Ozone Strike Pro Driver] => C:\Program Files (x86)\Ozone Strike Pro Driver\Monitor.exe [479232 2013-08-19] () [File not signed]
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\Installer\setup.exe [3788840 2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Run: [ScreenBlur by InDeep Software] => C:\Program Files\ScreenBlur\ScreenBlur.exe [257024 2017-02-19] (InDeep Software) [File not signed]
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Run: [vibranceGUI] => I:\Steam\vibranceGUI.exe [794624 2018-12-10] (juvlarN) [File not signed]
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Run: [EpicGamesLauncher] => C:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32822736 2023-06-13] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Run: [electron.app.UA Connect] => C:\Program Files\UA Connect\UA Connect.exe [163485584 2023-09-01] (Universal Audio, Inc. -> Universal Audio, Inc.)
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIXYE.EXE [418736 2019-08-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-09-05] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon TS8100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDO.DLL [482816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65160 2021-10-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8000 series: C:\Windows\system32\CNMLMDD.DLL [485376 2017-12-18] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8100 series: C:\Windows\system32\CNMLMDO.DLL [1302016 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON XP-4150 Series 64MonitorBE: C:\Windows\system32\E_YLMBXYE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\MessiahD3D.exe: [{37d3a0d1-214f-46d1-a4cf-8146f6645e42}.sdb] -> GOG.com Messiah
HKLM\Software\...\AppCompatFlags\Custom\MessiahGlide3x.exe: [{37d3a0d1-214f-46d1-a4cf-8146f6645e42}.sdb] -> GOG.com Messiah
HKLM\Software\...\AppCompatFlags\InstalledSDB\{37d3a0d1-214f-46d1-a4cf-8146f6645e42}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{37d3a0d1-214f-46d1-a4cf-8146f6645e42}.sdb [2014-08-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\116.0.5845.188\Installer\chrmstp.exe [2023-09-14] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AudientAppLauncher Autostart.lnk [2022-07-05]
ShortcutTarget: AudientAppLauncher Autostart.lnk -> C:\Program Files\Audient\USBAudioDriver\W10_x64\AudientAppLauncher.exe (Thesycon Software Solutions GmbH & Co. KG -> Audient)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2022-07-05]
ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WavesLocalServer.lnk [2022-09-06]
ShortcutTarget: WavesLocalServer.lnk -> C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe (Waves Inc -> Waves Audio Ltd.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {938C6A78-B81A-45C2-B0DF-6092614D0CAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {093DB5C5-F868-4534-BFC7-1BD6EF7EDDB3} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --sapCode=PPRO --productVersion=22.0 --productPlatform=win64 --appletID=AppsPanel_BL --appletVersion=1.0 --appMode=Uninstall (No File)
Task: {213633A1-50EB-460C-BB3D-0E0BCC3E3343} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {B9D11C64-4F50-475D-A53F-A86F58CE3BA0} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {BC1519C3-20C2-49BC-AD26-745EF47AD6F4} - System32\Tasks\EPSON XP-4150 Series Update {AF7D0AD6-2EC8-415A-9CBF-C10FBD5B97B0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSXYE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {AEE78F62-2209-4CBD-BD71-1CD91767EF6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {34C737EC-4E24-40F0-869A-D6811D337A0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {685282C1-E713-467F-AA43-9490CE927586} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3753304850-2271881760-612817905-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1940.11.196.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2289400 2023-09-04] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {AA131D69-70D6-425E-90EE-80C70660B3E6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F4A240B-F0DD-4057-B4C7-827D1CCD6DCB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {79F226B3-628E-491E-8048-CDB16CB5DAF2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124464 2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {72C7D626-1E7D-41D5-A6A4-BEFBF44232E6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124464 2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8ACB8CB9-1470-4953-8304-AB8FB25386B4} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\WINDOWS\system32\UCPDMgr.exe [58880 2023-09-10] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {E2C268C9-C998-4DE9-B441-833A20EC7438} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {485A1017-BE6C-4C78-9DB6-F64B806E3D63} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {5FDD78C6-3A1D-4A68-B081-35595F3F32BE} - System32\Tasks\Microsoft\Windows\WaaSMedic\DeferredWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {BDBA4790-760A-47C1-A344-4A4E20ABC728} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {94E5CFAD-7103-4039-B61B-B95DBD949A50} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2545CACE-137A-4432-B3B6-8DFAB61D70D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C2E08A1A-020A-4F9D-99C6-E5DEB387CAFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {699EAE9C-C85A-414F-AEF7-771DFC46E30B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON XP-4150 Series Update {AF7D0AD6-2EC8-415A-9CBF-C10FBD5B97B0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSXYE.EXE:/EXE:{AF7D0AD6-2EC8-415A-9CBF-C10FBD5B97B0} /F:UpdateWORKGROUP\SKYREN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0bf84f87-703a-4ff5-8dd4-c153844eea07}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{10b33973-f415-48c7-9a4a-f03338e13210}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4e3446e5-8c6c-4ff1-8210-9cb6577b206d}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{e2851357-6235-4fef-bd85-f5ebbf2cfa30}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-19]
Edge Notifications: Default -> hxxps://www.instagram.com; hxxps://www.tiktok.com
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Session Restore: Default -> is enabled.
Edge Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2023-08-28]
Edge Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2023-09-02]
Edge Extension: (AHA Music - Song Finder for Browser) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejfccgmelcclnoadalcepdmnpgcnglfc [2023-08-12]
Edge Extension: (Google Docs Offline) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-08-24]
Edge Extension: (Edge relevant text changes) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-12]
Edge Extension: (Window Resizer) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2022-10-30]
Edge Extension: (Tragulidae) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\podhjnnhgdkkalgkfnnoncpkbplcbadk [2023-09-14] [UpdateUrl:hxxps://crxupdate.com/crx/updates.php] <==== ATTENTION
Edge HKLM-x32\...\Edge\Extension: [podhjnnhgdkkalgkfnnoncpkbplcbadk] - C:\\Users\\Skyren\\AppData\\Local\\apps.crx <not found>

FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-09-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-19]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Truffle) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkkjeefjfjcfdfifddmkdmcpmaakmelp [2023-09-14]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-09-14]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-09-14]
CHR Extension: (Youtube Speed Controller) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dckonobhgjekgmkfgipjdeombidiaeci [2023-09-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-14]
CHR Extension: (Always Clear Downloads in Chrome) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efoelbbfbknfhpmgclpcdbkoieedkkai [2023-09-14]
CHR Extension: (Download Manager) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\epgkpmpjileiepinlphboolabkkdelle [2023-09-14]
CHR Extension: (Return YouTube Dislike) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-09-14]
CHR Extension: (Google Docs Offline) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-14]
nVidia MSI GeForce 9600 GT, 512MB

Uživatelský avatar
Skyren
Level 2.5
Level 2.5
Příspěvky: 297
Registrován: červen 15
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod Skyren » 21 zář 2023 13:02

CHR Extension: (FormApps Extension) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2023-09-14]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-09-14]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-05]
CHR Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mfidniedemcgceagapgdekdbmanojomk [2023-09-16]
CHR Extension: (Shazam: Find song names from your browser) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-09-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-14]
CHR Extension: (YCS - YouTube Comment Search) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pmfhcilikeembgbiadjiojgfgcfbcoaa [2023-09-14]
CHR Profile: C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-09-14]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-24]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-08-24]
CHR Extension: (Google Docs Offline) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-24]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-14]
CHR Profile: C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\System Profile [2023-09-14]
CHR HKU\S-1-5-21-3753304850-2271881760-612817905-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [podhjnnhgdkkalgkfnnoncpkbplcbadk] - C:\\Users\\Skyren\\AppData\\Local\\apps.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8926168 2021-12-15] (BattlEye Innovations e.K. -> )
R2 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [309128 2023-03-23] (CLEVERFILES INC. -> CleverFiles)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817040 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2023-06-13] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-06-13] (Epic Games Inc. -> Epic Games, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-09] (Malwarebytes Inc. -> Malwarebytes)
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [24597840 2022-05-02] (Native Instruments GmbH -> Native Instruments GmbH)
R2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [17080032 2023-07-19] (Native Instruments GmbH -> Native Instruments GmbH)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15971760 2023-08-29] (ADLICE -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402352 2023-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SoftubeInstallerDaemon; C:\Program Files\Softube\InstallerDaemon\InstallerService.exe [9629312 2022-01-14] (Softube AB -> )
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20738360 2023-08-07] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 UAHelperService; C:\Program Files\UA Connect\resources\native\windows\x64\uahelperservice.exe [6903184 2023-09-01] (Universal Audio, Inc. -> Universal Audio)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2021-12-15] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-10-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 UWPService; C:\WINDOWS\SysWOW64\Creative.UWPRPCService.exe [357296 2021-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8631496 2021-12-15] (PUBG CORPORATION -> PUBG Corporation)
S3 AAErrorPort; C:\Users\Skyren\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2023-09-10] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AsrDrv102; C:\Windows\SysWOW64\Drivers\AsrDrv102.sys [22248 2020-10-31] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2020-10-31] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104; C:\Windows\SysWOW64\Drivers\AsrDrv104.sys [34536 2020-10-31] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R3 audientusbaudio; C:\WINDOWS\System32\drivers\audientusbaudio.sys [405080 2022-05-27] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 audientusbaudioks; C:\WINDOWS\System32\drivers\audientusbaudioks.sys [54872 2022-05-27] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S1 EspoDriver; C:\WINDOWS\system32\drivers\EspoDriver.sys [6240720 2022-10-08] (Esportal AB -> )
S1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2021-04-04] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [44344 2022-01-21] (WDKTestCert ctl_avpbuild,131450919658074287 -> Creative Technology Ltd.)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2021-03-02] (SoftEther Corporation -> SoftEther Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2021-11-04] (SoftEther Corporation -> SoftEther Corporation)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2019-01-16] (ExprsVPN LLC -> The OpenVPN Project)
S3 UAD2Pcie; C:\WINDOWS\System32\drivers\UAD2Pcie.sys [100376 2021-12-09] (UAD2Driver(Test) -> Universal Audio, Inc.)
S3 UAD2System; C:\WINDOWS\System32\drivers\UAD2System.sys [152088 2021-12-09] (UAD2Driver(Test) -> Universal Audio, Inc.)
S3 UAD2WdmAudio; C:\WINDOWS\System32\drivers\UAD2WdmAudio.sys [35352 2021-12-09] (UAD2Driver(Test) -> )
R1 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-09-10] (Microsoft Windows -> Microsoft Corporation)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2522256 2021-12-20] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S1 ckssrnha; \??\C:\WINDOWS\system32\drivers\ckssrnha.sys [X]
S3 PRProt; \??\C:\Users\Skyren\AppData\Local\Temp\ActiveAnticheat\1223673\active64.sys [X] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-19 18:52 - 2023-09-19 18:52 - 000038733 _____ C:\Users\Skyren\Downloads\FRST.txt
2023-09-19 18:52 - 2023-09-19 18:52 - 000000000 ____D C:\FRST
2023-09-19 18:50 - 2023-09-19 18:51 - 002382848 _____ (Farbar) C:\Users\Skyren\Downloads\FRST64.exe
2023-09-16 10:48 - 2023-09-16 10:48 - 000004132 _____ C:\WINDOWS\system32\Tasks\EPSON XP-4150 Series Update {AF7D0AD6-2EC8-415A-9CBF-C10FBD5B97B0}
2023-09-16 10:48 - 2023-09-16 10:48 - 000000933 _____ C:\WINDOWS\Tasks\EPSON XP-4150 Series Update {AF7D0AD6-2EC8-415A-9CBF-C10FBD5B97B0}.job
2023-09-16 10:48 - 2023-09-16 10:48 - 000000000 ____D C:\Program Files\Common Files\EPSON
2023-09-16 10:47 - 2023-09-16 11:48 - 000000000 ____D C:\ProgramData\EPSON
2023-09-16 10:47 - 2023-09-16 10:47 - 000000000 ____D C:\Program Files\EpsonNet
2023-09-14 23:04 - 2023-09-14 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-09-14 23:04 - 2023-09-14 23:04 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-09-14 23:03 - 2023-09-14 23:05 - 000000000 ___HD C:\$WinREAgent
2023-09-14 06:32 - 2023-09-14 06:32 - 000753444 _____ C:\WINDOWS\system32\perfh007.dat
2023-09-14 06:32 - 2023-09-14 06:32 - 000725742 _____ C:\WINDOWS\system32\perfh005.dat
2023-09-14 06:32 - 2023-09-14 06:32 - 000155414 _____ C:\WINDOWS\system32\perfc007.dat
2023-09-14 06:32 - 2023-09-14 06:32 - 000151030 _____ C:\WINDOWS\system32\perfc005.dat
2023-09-13 09:35 - 2023-09-14 06:25 - 000000000 ____D C:\Users\Skyren\AppData\Local\NNComp
2023-09-13 01:35 - 2023-09-13 01:35 - 000000000 ____D C:\Users\Skyren\Documents\RiviumAI
2023-09-12 23:36 - 2023-09-12 23:36 - 000000000 ____D C:\Users\Skyren\AppData\Local\cache
2023-09-12 23:05 - 2023-09-19 12:37 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\DeepL_SE
2023-09-12 14:44 - 2023-09-12 14:44 - 000000000 ____D C:\Users\Skyren\AppData\Local\PeerDistRepub
2023-09-12 12:21 - 2023-09-12 12:21 - 000000000 ____D C:\Users\Skyren\AppData\Local\VirtualStore
2023-09-12 12:08 - 2023-09-12 12:08 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-09-12 11:45 - 2023-09-12 12:04 - 000000000 ____D C:\zoek_backup
2023-09-12 10:38 - 2023-09-12 10:38 - 000041920 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2023-09-12 10:37 - 2023-09-12 10:35 - 000000181 _____ C:\Users\Skyren\Desktop\zoek.txt
2023-09-12 10:37 - 2020-09-07 00:04 - 002038755 _____ C:\Users\Skyren\Desktop\zoek.exe
2023-09-10 09:50 - 2023-09-10 09:49 - 000452758 _____ C:\Users\Skyren\Downloads\Driver's License Front.pdf
2023-09-10 09:50 - 2023-09-10 09:49 - 000363978 _____ C:\Users\Skyren\Downloads\Driver's License Back.pdf
2023-09-10 09:05 - 2023-09-10 09:05 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2023-09-10 09:05 - 2023-09-10 09:05 - 000003542 _____ C:\WINDOWS\system32\Tasks\AMHelper
2023-09-10 09:05 - 2023-09-10 09:05 - 000002648 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2023-09-10 09:05 - 2023-09-10 09:05 - 000000000 ____D C:\Users\Skyren\AppData\Local\Zemana
2023-09-10 09:05 - 2023-09-10 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2023-09-10 09:05 - 2023-09-10 09:05 - 000000000 ____D C:\Program Files (x86)\Zemana
2023-09-10 09:04 - 2023-09-12 12:19 - 000000000 ____D C:\Users\Skyren\AppData\Local\AMSDK
2023-09-09 17:11 - 2023-09-09 17:11 - 000000000 ____D C:\ProgramData\Sophos
2023-09-09 17:09 - 2023-09-09 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-09-09 17:09 - 2023-09-09 17:09 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-09-09 16:49 - 2023-09-10 00:45 - 000000000 ____D C:\Program Files\RogueKiller
2023-09-09 16:49 - 2023-09-09 17:10 - 000000000 ____D C:\ProgramData\RogueKiller
2023-09-09 16:49 - 2023-09-09 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2023-09-09 13:05 - 2023-09-09 13:05 - 000000000 ____D C:\Users\Skyren\AppData\Local\0install.net
2023-09-09 11:12 - 2023-09-11 02:26 - 000000000 ____D C:\Users\Skyren\AppData\Local\Adobe
2023-09-09 11:10 - 2023-09-10 09:00 - 000000000 ____D C:\Users\Skyren\AppData\Local\Malwarebytes
2023-09-09 11:10 - 2023-09-09 11:10 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-09 11:10 - 2023-09-09 11:10 - 000000000 ____D C:\Users\Skyren\AppData\Local\mbam
2023-09-09 11:09 - 2023-09-09 11:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-09 11:09 - 2023-09-09 11:09 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-09 11:07 - 2023-09-09 16:33 - 000000000 ____D C:\AdwCleaner
2023-09-09 11:04 - 2023-09-09 11:04 - 000000000 ____D C:\Users\Skyren\AppData\Local\@uaudioua-connect-updater
2023-09-09 11:03 - 2023-09-09 11:03 - 000000000 ____D C:\WINDOWS\system32\Universal Audio
2023-09-09 11:03 - 2023-09-09 11:03 - 000000000 ____D C:\Users\Skyren\AppData\Local\com.uaudio.ua-connect.update
2023-09-09 10:55 - 2023-09-14 06:26 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2023-09-09 10:55 - 2023-09-14 06:26 - 000000000 ____D C:\WINDOWS\system32\de
2023-09-09 10:39 - 2023-09-09 10:39 - 000000000 ____D C:\Users\Skyren\Downloads\don't start a new one till u get mac
2023-09-05 15:57 - 2023-09-05 15:59 - 000000000 ____D C:\Program Files (x86)\Chromstera Browser
2023-09-03 11:25 - 2023-09-03 11:40 - 016001124 _____ C:\Users\Skyren\Downloads\quickie.wav
2023-09-03 02:08 - 2023-09-03 02:08 - 000000000 ____D C:\Users\Skyren\Downloads\dashcam
2023-08-22 13:43 - 2023-08-22 13:43 - 000000000 ____D C:\Users\Skyren\Documents\League of Legends

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-19 18:53 - 2022-04-11 20:58 - 001290600 _____ C:\WINDOWS\ZAM.krnl.trace
2023-09-19 18:45 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-19 18:26 - 2020-10-29 00:26 - 000000000 ___SD C:\Users\Skyren\AppData\Roaming\Microsoft\Credentials
2023-09-19 18:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-19 18:25 - 2020-10-29 00:29 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-19 11:24 - 2020-10-29 00:32 - 000000000 ____D C:\Users\Skyren\AppData\Local\D3DSCache
2023-09-19 11:08 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-19 11:03 - 2022-10-17 11:44 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-19 11:03 - 2022-10-17 11:44 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-17 11:54 - 2023-01-17 13:12 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-17 11:54 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-17 11:53 - 2022-10-17 11:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-16 16:06 - 2021-10-01 13:32 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\discord
2023-09-16 16:06 - 2020-12-16 14:40 - 000000000 ____D C:\Users\Skyren\AppData\Local\Discord
2023-09-16 15:01 - 2020-10-29 00:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-16 14:56 - 2020-10-29 00:59 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-16 12:13 - 2020-11-08 17:07 - 000000000 ____D C:\Users\Skyren\AppData\Local\CrashDumps
2023-09-16 12:11 - 2023-08-06 23:26 - 000000000 ____D C:\Users\Skyren\Downloads\Telegram
2023-09-16 11:18 - 2021-10-25 19:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-09-16 10:47 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-09-16 02:36 - 2022-07-05 13:38 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Eventide
2023-09-16 02:36 - 2020-11-07 23:21 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Softube
2023-09-16 00:36 - 2021-02-17 01:42 - 000000000 ____D C:\ProgramData\ValhallaDelay
2023-09-16 00:35 - 2021-02-17 01:45 - 000000000 ____D C:\ProgramData\ValhallaVintageVerbPreferences
2023-09-16 00:35 - 2021-02-17 01:42 - 000000000 ____D C:\ProgramData\ValhallaVintageVerb
2023-09-15 23:11 - 2020-10-30 21:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-09-14 23:29 - 2020-10-29 16:47 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\vlc
2023-09-14 23:09 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-14 23:01 - 2020-10-30 21:34 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Microsoft\Excel
2023-09-14 22:55 - 2023-06-08 00:50 - 000000000 ____D C:\Program Files\dotnet
2023-09-14 22:55 - 2021-09-28 10:58 - 000000000 ____D C:\ProgramData\Package Cache
2023-09-14 12:25 - 2023-07-06 23:35 - 000013197 _____ C:\Users\Skyren\Downloads\nutrients.xlsx
2023-09-14 11:37 - 2020-10-29 00:30 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-14 11:28 - 2022-10-17 11:39 - 000000000 ____D C:\Users\Skyren
2023-09-14 06:32 - 2022-10-17 11:48 - 002617762 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-14 06:27 - 2023-08-16 11:10 - 000000000 ____D C:\Program Files\TeamViewer
2023-09-14 06:27 - 2022-10-17 11:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-14 06:27 - 2021-09-27 20:37 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\qBittorrent
2023-09-14 06:27 - 2020-10-29 00:36 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-14 06:27 - 2020-09-27 16:33 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-14 06:26 - 2022-10-17 21:22 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-09-14 06:26 - 2022-05-07 09:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-14 06:26 - 2022-05-07 09:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-09-14 06:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-14 06:26 - 2020-10-29 17:36 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-09-14 06:25 - 2023-08-01 17:29 - 000000000 ___HD C:\ProgramData\{E10F1C2A-7C5E-488E-944D-C2648FC419BD}
2023-09-14 06:25 - 2023-02-03 14:33 - 000000000 ___HD C:\ProgramData\{F55D3B3D-2004-45DC-8542-3E9C7D9C8AE1}
2023-09-14 06:25 - 2023-02-03 14:33 - 000000000 ___HD C:\ProgramData\{6C0A4C79-34EA-4D0F-8409-BD40633F2783}
2023-09-14 06:25 - 2023-02-03 14:33 - 000000000 ___HD C:\ProgramData\{3505E4FA-D5F8-4658-85BA-6509941E9044}
2023-09-14 06:25 - 2023-02-03 14:28 - 000000000 ___HD C:\ProgramData\{6C92F833-4422-4B65-9592-DEB19F56E056}
2023-09-14 06:25 - 2022-11-27 17:19 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Code
2023-09-14 06:25 - 2022-11-14 11:26 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Clubdeck
2023-09-14 06:25 - 2022-10-17 21:22 - 000000000 ____D C:\WINDOWS\system32\uk
2023-09-14 06:25 - 2022-10-17 21:22 - 000000000 ____D C:\WINDOWS\system32\cs
2023-09-14 06:25 - 2022-10-07 17:02 - 000000000 ___HD C:\ProgramData\{1FA215F0-F34A-404C-A20E-846C48F283A6}
2023-09-14 06:25 - 2022-10-07 17:01 - 000000000 ___HD C:\ProgramData\{8FBCA39E-1321-4F86-ADB9-890D93A31B15}
2023-09-14 06:25 - 2022-10-07 17:01 - 000000000 ___HD C:\ProgramData\{4E3B2C9C-89F2-46B1-BF82-67AB3821DAF3}
2023-09-14 06:25 - 2022-10-07 17:00 - 000000000 ___HD C:\ProgramData\{BB3C9D4C-EF64-4B7A-95CC-DEA062FA953D}
2023-09-14 06:25 - 2022-10-07 17:00 - 000000000 ___HD C:\ProgramData\{549C4325-FB63-4497-8034-32747A65DD35}
2023-09-14 06:25 - 2022-10-02 05:23 - 000000000 ___HD C:\ProgramData\{F4D54CA6-E8E9-42FE-8A5E-B804CE4B519F}
2023-09-14 06:25 - 2022-10-02 05:21 - 000000000 ___HD C:\ProgramData\{69F24729-730A-4BFB-B587-F326A0AFF5A5}
2023-09-14 06:25 - 2022-10-02 05:20 - 000000000 ___HD C:\ProgramData\{FD5CAD2C-43BA-4532-9BEC-E921B2C87C4E}
2023-09-14 06:25 - 2022-10-02 05:20 - 000000000 ___HD C:\ProgramData\{942B6CEF-3E48-43C1-ADE8-EC7045BE6DB9}
2023-09-14 06:25 - 2022-10-02 05:20 - 000000000 ___HD C:\ProgramData\{5284FFAF-6968-40AA-AC6D-8F377E687493}
2023-09-14 06:25 - 2022-10-02 05:18 - 000000000 ___HD C:\ProgramData\{911B633D-1AAC-41C1-9CE1-AB026C7E78AD}
2023-09-14 06:25 - 2022-10-02 05:15 - 000000000 ___HD C:\ProgramData\{6324F846-9FEC-405B-BA63-27B8E647F0C5}
2023-09-14 06:25 - 2022-10-02 04:25 - 000000000 ___HD C:\ProgramData\{592E1384-9ADA-46A9-A5D5-101EE4803B29}
2023-09-14 06:25 - 2022-10-02 04:24 - 000000000 ___HD C:\ProgramData\{7C47D0F2-0623-4325-9F04-D6324E0548F8}
2023-09-14 06:25 - 2022-10-01 00:44 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Pulse
2023-09-14 06:25 - 2022-08-25 19:39 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\vibranceGUI
2023-09-14 06:25 - 2022-08-09 18:38 - 000000000 ___HD C:\ProgramData\{BA709016-7DED-4776-BD27-F9274DC1CB82}
2023-09-14 06:25 - 2022-08-08 20:29 - 000000000 ___HD C:\ProgramData\{F59A1EAD-A2E0-40AA-9CF5-2A2295BF02DF}
2023-09-14 06:25 - 2022-08-08 20:29 - 000000000 ___HD C:\ProgramData\{D558B9FC-F549-4906-A5E2-8DFC407B1F82}
2023-09-14 06:25 - 2022-08-08 20:27 - 000000000 ___HD C:\ProgramData\{EDE678C0-1853-448D-A71A-6FCDF3A87156}
2023-09-14 06:25 - 2022-08-08 20:27 - 000000000 ___HD C:\ProgramData\{7AE7DF90-068C-4420-8702-C478A2FF88C4}
2023-09-14 06:25 - 2022-08-08 19:09 - 000000000 ___HD C:\ProgramData\{EDE9D747-2DD1-4E44-9D6E-EF2C8F473670}
2023-09-14 06:25 - 2022-07-31 22:04 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\RevealSound
2023-09-14 06:25 - 2022-07-05 02:35 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Softube Central
2023-09-14 06:25 - 2022-07-05 02:25 - 000000000 ___HD C:\ProgramData\{EA385AE2-F14A-4CB7-9BF1-90F8F54739B0}
2023-09-14 06:25 - 2022-07-05 02:23 - 000000000 ___HD C:\ProgramData\{C006793A-45C0-403D-BA3F-D423F85FD2B6}
2023-09-14 06:25 - 2022-07-05 02:21 - 000000000 ___HD C:\ProgramData\{F10DE1DA-6ACE-44D1-AF1C-5ED9E83CB9D0}
2023-09-14 06:25 - 2022-07-05 02:20 - 000000000 ___HD C:\ProgramData\{39CB0635-4278-4FBE-BCED-E8D225DBE582}
2023-09-14 06:25 - 2022-07-05 02:15 - 000000000 ___HD C:\ProgramData\{4871AAE0-B243-4B77-AF6C-341CDB0AF367}
2023-09-14 06:25 - 2022-07-05 02:13 - 000000000 ___HD C:\ProgramData\{72352C3F-BD34-457B-A9A0-B64EE2AF1234}
2023-09-14 06:25 - 2022-05-07 09:39 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2023-09-14 06:25 - 2022-05-07 09:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-09-14 06:25 - 2022-05-07 09:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-09-14 06:25 - 2022-05-07 09:38 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-09-14 06:25 - 2022-05-07 07:25 - 000000000 ____D C:\WINDOWS\system32\Pbr
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Com
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\IME
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Containers
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2023-09-14 06:25 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-09-14 06:25 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2023-09-14 06:25 - 2022-02-25 16:45 - 000000000 ___HD C:\ProgramData\{93D23A12-0318-47EF-907A-8ED6ECE6CEE6}
2023-09-14 06:25 - 2022-02-25 16:00 - 000000000 ___HD C:\ProgramData\{0727398D-58F6-4BFA-A956-468EDE88B062}
2023-09-14 06:25 - 2022-02-25 15:54 - 000000000 ___HD C:\ProgramData\{0A2B6ABD-ECFC-494A-AACE-CE888A0DC643}
2023-09-14 06:25 - 2022-02-16 08:13 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\COSMOS
2023-09-14 06:25 - 2021-12-14 23:10 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Xfer
2023-09-14 06:25 - 2021-11-08 17:54 - 000000000 ___HD C:\ProgramData\{2AB9293C-EA2A-405D-A8B6-07648DF09614}
2023-09-14 06:25 - 2021-10-26 10:35 - 000000000 ___HD C:\ProgramData\{217654F4-C0E8-4516-B08F-D727D247193F}
2023-09-14 06:25 - 2021-09-28 14:38 - 000000000 ___HD C:\ProgramData\{E4BE7BE3-F1CB-4EFD-BAE0-B416B42F4E25}
2023-09-14 06:25 - 2021-09-28 14:32 - 000000000 ___HD C:\ProgramData\{AD75BECB-4585-4F18-94EF-FDF5A1E262D8}
2023-09-14 06:25 - 2021-09-28 14:25 - 000000000 ___HD C:\ProgramData\{980CC244-9C7C-4164-8CF2-B27D844AE403}
2023-09-14 06:25 - 2021-09-28 14:05 - 000000000 ___HD C:\ProgramData\{48DD7349-38A5-400E-B713-BB5601E12147}
2023-09-14 06:25 - 2021-09-28 12:31 - 000000000 ___HD C:\ProgramData\{B4BD1487-5EAE-471D-A9F6-4A862E90504F}
2023-09-14 06:25 - 2021-09-28 11:11 - 000000000 ___HD C:\ProgramData\{92DEBC59-ADF2-4DDE-AF5B-C1D72338665C}
2023-09-14 06:25 - 2021-09-28 11:10 - 000000000 ___HD C:\ProgramData\{9AC37FA8-2DC7-42DA-BC53-92E47D40C9E4}
2023-09-14 06:25 - 2021-09-28 11:00 - 000000000 ___HD C:\ProgramData\{8D6AD9AD-111B-4A18-A026-E16C4FA327E0}
2023-09-14 06:25 - 2021-09-28 10:59 - 000000000 ___HD C:\ProgramData\{FF3948AD-A126-492D-814E-4ACDE125EF7E}
2023-09-14 06:25 - 2020-12-16 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
2023-09-14 06:25 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-09-14 06:01 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\registration
2023-09-14 06:00 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-09-14 05:59 - 2023-08-04 21:33 - 000000000 ____D C:\Users\Skyren\AppData\Local\DeepL_SE
2023-09-14 05:59 - 2020-10-29 13:14 - 000000000 ____D C:\Program Files\Common Files\VST3
2023-09-14 03:47 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-09-13 23:57 - 2020-10-29 00:26 - 000000000 ____D C:\Users\Skyren\AppData\Local\Packages
2023-09-13 11:27 - 2021-03-15 15:40 - 000000000 ____D C:\Users\Skyren\AppData\Local\iZotope
2023-09-11 02:26 - 2022-10-17 11:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-10 10:49 - 2020-10-29 16:14 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\obs-studio
2023-09-10 01:10 - 2022-10-17 11:38 - 000498416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-09-10 01:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-09-10 01:09 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-10 01:00 - 2021-09-11 22:02 - 000000000 ____D C:\Users\Skyren\AppData\Local\FLiNGTrainer
2023-09-10 00:58 - 2022-10-17 11:41 - 003210752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-09 22:18 - 2022-10-17 11:44 - 000004150 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0490553F-0ED4-41AB-8333-78565848A959}
2023-09-09 16:48 - 2022-08-15 13:28 - 000000000 ____D C:\Program Files\Cheat Engine 7.4
2023-09-09 11:04 - 2023-08-03 12:56 - 000000000 ____D C:\Program Files\UA Connect
2023-09-09 10:55 - 2022-10-17 21:23 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-09-09 10:55 - 2022-05-07 09:30 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-09-09 10:55 - 2022-05-07 09:30 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-09-09 10:55 - 2022-05-07 09:30 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-09-09 10:55 - 2022-05-07 09:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-09-09 10:55 - 2022-05-07 09:30 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-09-09 10:55 - 2022-05-07 09:30 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-09-09 10:55 - 2022-05-07 09:30 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-09-09 10:55 - 2022-05-07 09:30 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-09-09 10:55 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-09-09 10:55 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-09-09 10:55 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-09-09 10:55 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\OCR
2023-09-09 10:55 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-09 10:55 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-09-09 10:39 - 2022-07-05 14:24 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\vital
2023-09-09 00:53 - 2021-10-03 14:36 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-09-08 23:06 - 2021-09-11 18:14 - 003354624 _____ C:\Users\Skyren\AppData\Roaming\emp.bin
2023-09-08 21:36 - 2021-02-20 13:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-08 02:47 - 2021-11-19 14:43 - 000000000 ____D C:\Users\Public\Documents\EMPRESS
2023-09-08 02:04 - 2021-09-11 12:07 - 000000000 ____D C:\Games
2023-09-08 00:03 - 2022-12-07 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nordic Games
2023-09-07 23:41 - 2023-03-10 05:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advent Rising [GOG.com]
2023-09-05 20:08 - 2022-02-14 19:20 - 000000000 ____D C:\ProgramData\Riot Games
2023-09-05 19:11 - 2022-01-12 17:55 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-09-05 15:34 - 2021-03-07 18:39 - 000000000 ____D C:\Users\Skyren\Documents\Vital
2023-09-03 11:18 - 2021-02-17 01:42 - 000000000 ____D C:\ProgramData\ValhallaShimmer
2023-09-03 02:43 - 2021-02-17 10:14 - 000000000 ____D C:\ProgramData\ValhallaRoomPreferences
2023-09-03 02:43 - 2021-02-17 01:42 - 000000000 ____D C:\ProgramData\ValhallaRoom
2023-09-02 00:17 - 2022-11-01 01:41 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\PerfectRoom
2023-09-01 03:18 - 2021-07-10 21:59 - 000000000 ____D C:\Users\Skyren\AppData\LocalLow\Mozilla
2023-08-31 23:00 - 2020-09-27 16:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-25 11:18 - 2020-09-27 16:38 - 000000000 ____D C:\ProgramData\Packages
2023-08-25 01:37 - 2021-03-22 20:09 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\Awesomium
2023-08-22 17:34 - 2023-02-25 11:10 - 000000000 ____D C:\Users\Skyren\AppData\Roaming\MasteringTheMix
2023-08-22 13:43 - 2022-02-14 19:20 - 000000000 ____D C:\Users\Skyren\AppData\Local\Riot Games
2023-08-22 13:37 - 2022-02-14 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games

==================== Files in the root of some directories ========

2021-09-11 18:14 - 2023-09-08 23:06 - 003354624 _____ () C:\Users\Skyren\AppData\Roaming\emp.bin
2021-10-20 14:27 - 2023-08-06 02:46 - 000000032 _____ () C:\Users\Skyren\AppData\Roaming\msregsvv.dll
2021-03-27 03:26 - 2021-03-27 05:30 - 000006108 _____ () C:\Users\Skyren\AppData\Roaming\VoiceMeeterDefault.xml
2023-02-25 11:10 - 2023-02-28 02:41 - 000000051 ___SH () C:\Users\Skyren\AppData\Local\7368ee7c5a2e9307a4d700.36580646
2023-09-16 10:58 - 2023-09-16 10:58 - 000000000 _____ () C:\Users\Skyren\AppData\Local\oobelibMkey.log
2021-10-18 15:45 - 2021-10-18 15:45 - 000000189 _____ () C:\Users\Skyren\AppData\Local\Ribssettings.ini
2022-11-21 21:28 - 2022-11-21 21:29 - 006685440 _____ () C:\Users\Skyren\AppData\Local\TempAND_WERE_BACK__2022_11_21.wav.bin
2022-11-21 21:28 - 2022-11-21 21:28 - 000000000 _____ () C:\Users\Skyren\AppData\Local\TempAND_WERE_BACK__2022_11_21.wav_playback.bin
2022-11-21 21:28 - 2022-11-21 21:28 - 000000000 _____ () C:\Users\Skyren\AppData\Local\TempAND_WERE_BACK__2022_11_21.wav_record.bin
2022-11-21 20:26 - 2022-11-21 20:28 - 017587200 _____ () C:\Users\Skyren\AppData\Local\TempKurte_se_2022_11_21.wav.bin
2022-11-21 20:26 - 2022-11-21 20:26 - 000000000 _____ () C:\Users\Skyren\AppData\Local\TempKurte_se_2022_11_21.wav_playback.bin
2022-11-21 20:26 - 2022-11-21 20:26 - 000000000 _____ () C:\Users\Skyren\AppData\Local\TempKurte_se_2022_11_21.wav_record.bin
2022-11-21 21:09 - 2022-11-21 21:09 - 005775360 _____ () C:\Users\Skyren\AppData\Local\TempLETS_CHILL__VIBEE__2022_11_21.wav.bin
2022-11-21 21:09 - 2022-11-21 21:09 - 000000000 _____ () C:\Users\Skyren\AppData\Local\TempLETS_CHILL__VIBEE__2022_11_21.wav_playback.bin
2022-11-21 21:09 - 2022-11-21 21:09 - 000000000 _____ () C:\Users\Skyren\AppData\Local\TempLETS_CHILL__VIBEE__2022_11_21.wav_record.bin
2022-11-21 21:52 - 2022-11-21 21:52 - 005303040 _____ () C:\Users\Skyren\AppData\Local\Temptaniig_bn_gj_zuudlsenguie_kk_2022_11_21.wav.bin
2022-11-21 21:52 - 2022-11-21 21:52 - 000000000 _____ () C:\Users\Skyren\AppData\Local\Temptaniig_bn_gj_zuudlsenguie_kk_2022_11_21.wav_playback.bin
2022-11-21 21:52 - 2022-11-21 21:52 - 000000000 _____ () C:\Users\Skyren\AppData\Local\Temptaniig_bn_gj_zuudlsenguie_kk_2022_11_21.wav_record.bin
2021-03-01 18:56 - 2021-03-01 18:56 - 000000424 _____ () C:\Users\Skyren\AppData\Local\UserProducts.xml
2023-09-13 01:33 - 2023-09-19 18:27 - 000016638 _____ () C:\Users\Skyren\AppData\Local\wle.log
2021-10-20 14:41 - 2023-02-22 00:35 - 001052096 _____ () C:\Users\Skyren\AppData\Local\wle.log.1

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
nVidia MSI GeForce 9600 GT, 512MB

Uživatelský avatar
Skyren
Level 2.5
Level 2.5
Příspěvky: 297
Registrován: červen 15
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod Skyren » 21 zář 2023 13:03

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-09-2023
Ran by Skyren (19-09-2023 18:53:34)
Running from C:\Users\Skyren\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.2215 (X64) (2022-10-17 09:45:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3753304850-2271881760-612817905-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3753304850-2271881760-612817905-503 - Limited - Disabled)
Guest (S-1-5-21-3753304850-2271881760-612817905-501 - Limited - Disabled)
Skyren (S-1-5-21-3753304850-2271881760-612817905-1001 - Administrator - Enabled) => C:\Users\Skyren
WDAGUtilityAccount (S-1-5-21-3753304850-2271881760-612817905-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
8DioDownloader (HKLM-x32\...\{57AA2008-6237-4B4A-B012-9FA345FD1882}) (Version: 0.0.23 - 8Dio Productions)
A.O.M Total Bundle (2022.08) 1.15.1 (HKLM\...\A.O.M Total Bundle (2022.08) 1.15.1_is1) (Version: 1.15.1 - A.O.M)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_5) (Version: 22.5 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
Ample Bass J version 3.5.0 (HKLM-x32\...\{CE58D695-C0CC-4CF8-9A47-A095285F65F8}_is1) (Version: 3.5.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar M version 3.5.0 (HKLM-x32\...\{8DFC907C-D57F-490A-8392-E729A463CD97}_is1) (Version: 3.5.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar SC version 3.6.0 (HKLM-x32\...\{8B78D7FE-3A3A-4A17-B7FD-9AA916773B81}_is1) (Version: 3.6.0 - Ample Sound Technology Co., Ltd.)
Antares Auto-Tune Pro (HKLM\...\Auto-Tune Pro_is1) (Version: 9.1.0 - Antares)
Apache - Native American Flute version 2.1.1 (HKLM\...\Apache - Native American Flute_is1) (Version: 2.1.1 - )
Arturia Analog Lab V (HKLM\...\Analog Lab V_is1) (Version: 5.6.3 - Arturia & Team V.R)
Arturia Software Center 2.4.5 (HKLM-x32\...\Arturia Software Center_is1) (Version: 2.4.5 - Arturia)
ASRock Restart to UEFI v1.0.6 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.6 - ASRock Inc.)
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
Audient USB Audio Driver v5.0.2 (HKLM-x32\...\Software_Audient_audientusbaudio_Setup) (Version: 5.0.2 - Audient)
AUDIO PLUGIN UNION - coreFX Suite (HKLM\...\{0130754F-560D-40D9-A0B1-9A582710E605}) (Version: 1.1.5.0 - MAGIX Software GmbH) Hidden
AUDIO PLUGIN UNION - coreFX Suite (HKLM\...\MX.{0130754F-560D-40D9-A0B1-9A582710E605}) (Version: 1.1.5.0 - MAGIX Software GmbH)
AUDIO PLUGIN UNION - coreFX Suite (VST 3 Plug-Ins) (HKLM\...\{104FD7BE-94FB-48CA-9DD5-9F4EFE231E61}) (Version: 1.1.5.0 - MAGIX Software GmbH) Hidden
AUDIO PLUGIN UNION - coreFX Suite (VST 3 Plug-Ins) (HKLM\...\MX.{104FD7BE-94FB-48CA-9DD5-9F4EFE231E61}) (Version: 1.1.5.0 - MAGIX Software GmbH)
Backmask version 1.02 (HKLM\...\{8A6411FB-7E85-4B61-9624-C624C89B9A07}_is1) (Version: 1.02 - Freakshow Industries)
Basslane version 1.0.0 (HKLM-x32\...\{8723D939-295D-4764-8D5C-8D637005CDA7}_is1) (Version: 1.0.0 - Tone Projects)
BIAS FX 2 Plugins Pack (64bit) (HKLM\...\{81FCC6D7-A21E-4D7D-B47A-4DA73E709E80}_is1) (Version: - PositiveGrid)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version: - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cableguys HalfTime 1.1.6 (HKLM\...\HalfTime_is1) (Version: 1.1.6 - Cableguys)
Cableguys ShaperBox 3 3.0.0 (HKLM\...\Cableguys ShaperBox 3 3.0.0_is1) (Version: 3.0.0 - Cableguys)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.2.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon TS8100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8100_series) (Version: 1.02 - Canon Inc.)
CapCut Web (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\e66b7d2bf17c1d1c3d0e297669a8f4d2) (Version: 1.0 - Google\Chrome)
Celemony Melodyne 5 (HKLM\...\Melodyne 5_is1) (Version: 5.1.1.03 - Celemony)
Cheat Engine 7.4 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
Chromstera Browser (HKLM\...\Chromstera Browser 1.0.0.0) (Version: 1.0.0.0 - Chromstera Premium Solutions)
Clubdeck 2.3.9 (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\559ce020-01aa-5941-b78d-3591966e5acf) (Version: 2.3.9 - TenPercent)
conduct 0.32.3 (HKLM\...\50b5b025-c707-5d1c-9f69-af1bd4fd8d58) (Version: 0.32.3 - Continuata)
Connect Pro version 1.5 (HKLM-x32\...\Connect Pro_is1) (Version: 1.5 - )
CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.)
CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World)
CUBE Samples version 0.8.4 (HKLM-x32\...\{1EEDD54E-4EDB-410C-A1CA-CFE47614065F}_is1) (Version: 0.8.4 - Lunacy Audio)
CUBE version 1.4.0 (HKLM-x32\...\{635DF184-EE52-4C09-99E6-6739D711F19F}_is1) (Version: 1.4.0 - Lunacy Audio)
dearVR MICRO version 1.0.2 (HKLM\...\{B1A8F54F-C339-4D9E-A80A-E0A8B4325F47}_is1) (Version: 1.0.2 - Dear Reality)
DeepL (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE)
denise Perfect Plate XL version 1.0.2 (HKLM\...\denise Perfect Plate XL_is1) (Version: 1.0.2 - )
DimensionExpander by Xfer Records (HKLM-x32\...\DimensionExpander) (Version: - )
Discord (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Disk Drill 5.2.817.0 (HKLM-x32\...\{84a26248-9412-4f7f-8cbd-fe52b92839f2}) (Version: 5.2.817.0 - CleverFiles)
Disk Drill 5.2.817.0 (x64) (HKLM\...\{F8B772D8-62DB-4132-8C22-13AEFE380D82}) (Version: 5.2.817.0 - CleverFiles) Hidden
Documentation Manager (HKLM\...\{FF48BA8B-1C56-4E08-B570-6871C226B38E}) (Version: 22.70.2.1 - Intel Corporation) Hidden
DumpsterFire version 1.01 (HKLM\...\{B2F19491-19F8-4116-966F-06B581001600}}_is1) (Version: 1.01 - Freakshow Industries)
EC300 Native (HKLM-x32\...\{B3CA55B9-C947-47B4-A0FD-87E11885097C}) (Version: 6.6.1 - McDSP)
Electrum (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Electrum) (Version: 4.1.5 - Electrum Technologies GmbH)
Endless Smile 1.0.0 (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Endless Smile) (Version: 1.0.0 - Dada Life)
ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{52d1d7de-19c3-4f83-97bb-f9435dc84c5b}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_EHD_HAL (HKLM\...\{F56EC5A0-3A93-492E-882A-E036F5897CC7}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_HAL (HKLM-x32\...\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{b00e47a4-d642-402c-a060-8d959a0537db}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Enshape version 1.0 (HKLM-x32\...\{C4FC88EA-F37D-Enshape-76E240C13B6C}_is1) (Version: 1.0 - NoiseWorks)
EON-Arp version 1.0.1.0 (HKLM\...\EON-Arp_is1) (Version: 1.0.1.0 - )
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
EPSON XP-4150 Series Printer Uninstall (HKLM\...\EPSON XP-4150 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Esportal Client (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Esportal Client Installer) (Version: - Esportal)
Eventide Ensemble Bundle (HKLM\...\Eventide Ensemble Bundle_is1) (Version: 2.15.6 - Eventide)
Evolution Series World Colors Clar-Duduk (HKLM-x32\...\Evolution Series World Colors Clar-Duduk) (Version: 1.0.0.3 - Evolution Series)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - )
FabFilter Total Bundle (HKLM\...\FabFilter Total Bundle_is1) (Version: 2022.02.15 - FabFilter)
Fart Machine version 1.1.0 (HKLM\...\Fart Machine_is1) (Version: 1.1.0 - )
FIN-MICRO 1.2.0 (HKLM\...\dd80843a-97c3-42d3-93f3-2f2f5670ceca_is1) (Version: 1.2.0 - UJAM)
FireSonic FirePresser (HKLM\...\FireSonic FirePresser_is1) (Version: 2.7 - FireSonic)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio 21 (HKLM-x32\...\FL Studio 21) (Version: 21.0.3 - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Further Trial version 1.0.0 (HKLM\...\Further Trial_is1) (Version: 1.0.0 - )
Gatelab version 1.1.2 (HKLM\...\Gatelab_is1) (Version: 1.1.2 - )
Glorious Model D Software (HKLM-x32\...\{4D18F84D-F67A-47B8-B7BB-C2832B1D6C92}_is1) (Version: 1.0.3 - Glorious PC Gaming Race LLC.)
Goodhertz All Plugins Bundle (HKLM\...\Goodhertz All Plugins Bundle_is1) (Version: 3.8.0 - Goodhertz)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.188 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 80.0.1.0 - Google LLC)
Google Password Manager (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\c1c6172cd7dbcfc5bd7e6f8045f495b3) (Version: 1.0 - Google\Chrome)
GPU Audio Inc. Modulation Bundle (HKLM\...\Modulation Bundle_is1) (Version: - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\1207661193_is1) (Version: 3.1 v2 - GOG.com)
Heroes of Might and Magic V (HKLM-x32\...\1207661143_is1) (Version: 2.1 v2 - GOG.com)
iD (HKLM\...\iD) (Version: 4.3.4.0 - Audient)
IK Multimedia Authorization Manager version 1.0.26 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.26 - IK Multimedia)
IK Product Manager 1.0.5 (HKLM\...\a401809f-3509-5ed7-a6dc-34dc618bf372) (Version: 1.0.5 - IK Multimedia)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{9B7D5CA0-5521-458D-88D9-AF7D9A06E753}) (Version: 11.1.072 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{A528513B-DABD-438F-92E4-7B49B8BDE5FF}) (Version: 19.0.117 - Intel Corporation)
Intel(R) Network Connections 23.5.2.0 (HKLM\...\{A19B2B3C-60C7-43AF-814D-3B95DE6374AB}) (Version: 23.5.2.0 - Intel) Hidden
Intel(R) Network Connections 23.5.2.0 (HKLM\...\PROSetDX) (Version: 23.5.2.0 - Intel)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001070-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.70.1.1 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{6da9b536-2f8d-46a4-9273-1c84169218e8}) (Version: 22.70.2.1 - Intel Corporation) Hidden
iZotope DDLY Dynamic Delay (HKLM\...\DDLY Dynamic Delay_is1) (Version: 1.0.1b - iZotope)
iZotope Iris 2 (HKLM-x32\...\iZotope Iris 2) (Version: 2.02c.455 - iZotope, Inc.)
iZotope Iris 2 Abstract Library (HKLM-x32\...\iZotope Iris 2 Abstract Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Core Library (HKLM-x32\...\iZotope Iris 2 Core Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Environments 1 Library (HKLM-x32\...\iZotope Iris 2 Environments 1 Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Environments 2 Library (HKLM-x32\...\iZotope Iris 2 Environments 2 Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 EuroRack Modular Library (HKLM-x32\...\iZotope Iris 2 EuroRack Modular Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Instruments Library (HKLM-x32\...\iZotope Iris 2 Instruments Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Objects Library (HKLM-x32\...\iZotope Iris 2 Objects Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 1 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 1 Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 2 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 2 Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Toys Library (HKLM-x32\...\iZotope Iris 2 Toys Library) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Voice Library (HKLM-x32\...\iZotope Iris 2 Voice Library) (Version: 1.00 - iZotope, Inc.)
iZotope RX Pro Audio Editor (HKLM\...\RX Pro Audio Editor_is1) (Version: 10.2.0 - iZotope)
iZotope Trash 2 (HKLM-x32\...\iZotope Trash 2) (Version: 2.05d.322 - iZotope, Inc.)
iZotope Trash 2 Classic Textures (HKLM-x32\...\iZotope Trash 2 Classic Textures) (Version: 1.00 - iZotope, Inc.)
iZotope Trash 2 Edge (HKLM-x32\...\iZotope Trash 2 Edge) (Version: 1.00 - iZotope, Inc.)
iZotope Vocal Doubler (HKLM\...\Vocal Doubler) (Version: 1.2.0 - iZotope, Inc.)
JP-ME-1 (HKLM-x32\...\schulz.audio.JP-ME-1_is1) (Version: 1.1.1193 - schulz.audio)
JST Black Box version 1.0.0 (HKLM\...\JST Black Box_is1) (Version: 1.0.0 - )
kiloHearts Toolbox Ultimate & Slate Digital bundle (HKLM\...\Toolbox Ultimate & Slate Digital_is1) (Version: 2.0.6 - kiloHearts & Team V.R)
KNOCK (HKLM-x32\...\KNOCK_is1) (Version: 1.0.1 - Plugins That Knock)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Leapwing Audio CenterOne (HKLM\...\CenterOne_is1) (Version: 2.6.0 - Leapwing Audio)
Leapwing Audio StageOne (HKLM\...\StageOne_is1) (Version: 1.2.0 - Leapwing Audio)
Lifeline Console version 1.1.0-185 (HKLM\...\Lifeline Console_is1) (Version: 1.1.0-185 - )
LUXE version 1.1.2 (HKLM\...\LUXE_is1) (Version: 1.1.2 - Klevgrand)
Malwarebytes version 4.6.2.281 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.2.281 - Malwarebytes)
Mastering the Mix (HKLM\...\Mastering the Mix 2.0m) (Version: 2.0m - Mastering the Mix)
MediaInfo 22.09 (HKLM\...\MediaInfo) (Version: 22.09 - MediaArea.net)
Messiah (HKLM-x32\...\7_is1) (Version: 2.1.0.14 - GOG.com)
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.16731.20234 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.16731.20234 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{AF47B488-9780-4AB5-A97E-762E28013CA6}) (Version: 5.71.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.73.1 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM-x32\...\{0f94f805-22c3-4413-b1e5-5ab275ba92d5}) (Version: 6.0.22.32825 - Microsoft Corporation)
Midnight 1.7 (HKLM\...\Midnight_is1) (Version: 1.7 - Focusrite)
MIKKO2 (HKLM\...\{C8D0C8DE-D768-4F18-92B3-03CC23F21CF2}) (Version: 2.0.8 - ML Sound Lab)
MISHBY version 1.01 (HKLM\...\{8437C1FD-5B4B-4DE9-90B5-0AB18C2FD0A0}}_is1) (Version: 1.01 - Freakshow Industries)
MJUC version 1.7.2.0 (HKLM\...\MJUC_is1) (Version: 1.7.2.0 - )
Momentum 1.5.1 (HKLM\...\7c0a54ba-edc6-496e-a9bc-dd4db385fb81_is1) (Version: 1.5.1 - Big Fish Audio)
Native Access 3.5.0 (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.5.0 - Native Instruments)
Native Instruments Analog Dreams (HKLM-x32\...\Native Instruments Analog Dreams) (Version: 2.0.3.2 - Native Instruments)
Native Instruments Bite (HKLM-x32\...\Native Instruments Bite) (Version: 1.3.0.34474 - Native Instruments)
Native Instruments Butch Vig Drums (HKLM-x32\...\Native Instruments Butch Vig Drums) (Version: 1.0.0.16 - Native Instruments)
Native Instruments Choral (HKLM-x32\...\Native Instruments Choral) (Version: 1.3.0.34474 - Native Instruments)
Native Instruments Cloud Supply (HKLM-x32\...\Native Instruments Cloud Supply) (Version: 1.0.1.6 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.7.3.0 - Native Instruments)
Native Instruments Cuba (HKLM-x32\...\Native Instruments Cuba) (Version: 1.2.2.2 - Native Instruments)
Native Instruments Dirt (HKLM-x32\...\Native Instruments Dirt) (Version: 1.3.0.34474 - Native Instruments)
Native Instruments Drive (HKLM-x32\...\Native Instruments Drive) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.4.4.34474 - Native Instruments)
Native Instruments Drum Lab (HKLM-x32\...\Native Instruments Drum Lab) (Version: 1.2.0.6 - Native Instruments)
Native Instruments Ethereal Earth (HKLM-x32\...\Native Instruments Ethereal Earth) (Version: 2.0.2.1 - Native Instruments)
Native Instruments Flair (HKLM-x32\...\Native Instruments Flair) (Version: 1.3.0.34474 - Native Instruments)
Native Instruments Freak (HKLM-x32\...\Native Instruments Freak) (Version: 1.3.0.34474 - Native Instruments)
Native Instruments Guitar Rig 6 (HKLM-x32\...\Native Instruments Guitar Rig 6) (Version: 6.2.4.3 - Native Instruments)
Native Instruments Hybrid Keys (HKLM-x32\...\Native Instruments Hybrid Keys) (Version: 2.0.2.1 - Native Instruments)
Native Instruments India (HKLM-x32\...\Native Instruments India) (Version: 1.1.1.1 - Native Instruments)
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Kinetic Treats (HKLM-x32\...\Native Instruments Kinetic Treats) (Version: 1.1.0.4 - Native Instruments)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.7.1.0 - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version: 1.4.2.1 - Native Instruments)
Native Instruments Lo-Fi Glow (HKLM-x32\...\Native Instruments Lo-Fi Glow) (Version: 1.1.1.1 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.11.0 - Native Instruments)
Native Instruments Massive X (HKLM-x32\...\Native Instruments Massive X) (Version: 1.4.2.254 - Native Instruments)
Native Instruments Massive X Factory Library (HKLM-x32\...\Native Instruments Massive X Factory Library) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Mechanix (HKLM-x32\...\Native Instruments Mechanix) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Middle East (HKLM-x32\...\Native Instruments Middle East) (Version: 1.1.1.2 - Native Instruments)
Native Instruments Modular Icons (HKLM-x32\...\Native Instruments Modular Icons) (Version: 1.2.2.3 - Native Instruments)
Native Instruments Moebius (HKLM-x32\...\Native Instruments Moebius) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Native Browser Preview Library (HKLM-x32\...\Native Instruments Native Browser Preview Library) (Version: 1.1.0.28 - Native Instruments)
Native Instruments NIHostIntegrationAgent (HKLM-x32\...\Native Instruments NIHostIntegrationAgent) (Version: 1.11.1.2 - Native Instruments)
Native Instruments Noire (HKLM-x32\...\Native Instruments Noire) (Version: 1.1.0.1 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.13.0.0 - Native Instruments)
Native Instruments Play Series Selection (HKLM-x32\...\Native Instruments Play Series Selection) (Version: 1.0.0.6 - Native Instruments)
Native Instruments Pulse (HKLM-x32\...\Native Instruments Pulse) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Raum (HKLM-x32\...\Native Instruments Raum) (Version: 1.3.0.34474 - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.6.0.34474 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.6 - Native Instruments)
Native Instruments Rush (HKLM-x32\...\Native Instruments Rush) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Scarbee A-200 (HKLM-x32\...\Native Instruments Scarbee A-200) (Version: 1.3.1.1 - Native Instruments)
Native Instruments Scarbee Clavinet Pianet (HKLM-x32\...\Native Instruments Scarbee Clavinet Pianet) (Version: 1.3.1.1 - Native Instruments)
Native Instruments Scarbee Mark I (HKLM-x32\...\Native Instruments Scarbee Mark I) (Version: 1.4.0.15 - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: 1.3.0.1 - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version: 1.3.0.1 - Native Instruments)
Native Instruments Scene (HKLM-x32\...\Native Instruments Scene) (Version: 1.0.2.1 - Native Instruments)
Native Instruments Session Guitarist - Electric Sunburst (HKLM-x32\...\Native Instruments Session Guitarist - Electric Sunburst) (Version: 1.0.0.11 - Native Instruments)
Native Instruments Session Guitarist - Strummed Acoustic (HKLM-x32\...\Native Instruments Session Guitarist - Strummed Acoustic) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Session Horns (HKLM-x32\...\Native Instruments Session Horns) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Session Strings 2 (HKLM-x32\...\Native Instruments Session Strings 2) (Version: 1.0.0.8 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.4.4.34474 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.4.4.34474 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.4.4.34474 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.13 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.4.4.34474 - Native Instruments)
Native Instruments The Gentleman (HKLM-x32\...\Native Instruments The Gentleman) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.2.0.8 - Native Instruments)
Native Instruments The Grandeur (HKLM-x32\...\Native Instruments The Grandeur) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Maverick (HKLM-x32\...\Native Instruments The Maverick) (Version: 1.2.0.5 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.4.4.34474 - Native Instruments)
Native Instruments Twenty Five (HKLM-x32\...\Native Instruments Twenty Five) (Version: 1.0.0.18 - Native Instruments)
Native Instruments Una Corda (HKLM-x32\...\Native Instruments Una Corda) (Version: 1.0.0.13 - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.5.0.3 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.4.1.4 - Native Instruments)
Native Instruments Yangqin (HKLM-x32\...\Native Instruments Yangqin) (Version: 1.0.0.12 - Native Instruments)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.8 - Notepad++ Team)
NoveNotes 3DX (HKLM\...\3DX_is1) (Version: 1.3.3 - NoveNotes)
NoveNotes HPL2 Processor (HKLM\...\HPL2 Processor_is1) (Version: 2.0.0 - NoveNotes)
NVIDIA Graphics Driver 496.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 - NVIDIA Corporation)
Obsidian (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\bd400747-f0c1-5638-a859-982036102edf) (Version: 1.3.5 - Obsidian)
occularScope version 1.3.1 (HKLM-x32\...\{ABA502D2-81B2-46A4-B984-5A807D5DB975}_is1) (Version: 1.3.1 - Bom Shanka Machines)
oeksound soothe2 (HKLM\...\soothe2_is1) (Version: 1.1.2 - oeksound)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OTT by Xfer Records (HKLM-x32\...\OTT) (Version: - )
Output Movement (HKLM\...\Movement_is1) (Version: 1.1.1 - Output)
Output Thermal (HKLM\...\Thermal_is1) (Version: 1.0.2 - Output)
Ozone Imager 2 (HKLM\...\Ozone Imager 2) (Version: 2.1.0 - iZotope, Inc.)
Ozone Strike Pro Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )
PACE License Support Win64 (HKLM\...\{05F2DB3D-CCAF-434b-9CD7-4B8C026CA17D}) (Version: 5.6.2.4137 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{05F2DB3D-CCAF-434b-9CD7-4B8C026CA17D}) (Version: 5.6.2.4137 - PACE Anti-Piracy, Inc.)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.2 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{1122cfaf-aa52-4ba0-af2e-1e252b647b5b}) (Version: 1.0.6.2 - Patriot Memory)
PaulXStretch version 1.6.0 (HKLM\...\PaulXStretch_is1) (Version: 1.6.0 - )
Phantom Gaming Tuning v3.0.378 (HKLM-x32\...\Phantom Gaming Tuning_is1) (Version: 3.0.378 - ASRock Inc.)
Plugin Alliance Installation Manager 1.2.4 (HKLM-x32\...\Plugin Alliance Installation Manager_is1) (Version: - Plugin Alliance)
Pocket Dimension version 1.0 (HKLM\...\{C2288D66-1B82-468A-95E6-06D400AF3FD2}}_is1) (Version: 1.0 - Freakshow Industries)
Polyverse - Wider version 2.0.0 (HKLM\...\{A7684FCF-245F-4C90-87EE-472DC3EC3868}_is1) (Version: 2.0.0 - Polyverse Music, Inc.)
PORTAL CHAOS Expansion Pack (HKLM-x32\...\{8AB162D8-E817-402D-95C5-CF23F0575366}) (Version: 1.2.1 - Output) Hidden
PORTAL CHAOS Expansion Pack (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\PORTAL CHAOS Expansion Pack 1.2.1) (Version: 1.2.1 - Output)
Portal version 1.0.1 (HKLM\...\Portal_is1) (Version: 1.0.1 - Output)
Product Portal (HKLM-x32\...\Product Portal) (Version: - iZotope, Inc.)
ProjectSAM The Free Orchestra (HKLM-x32\...\ProjectSAM The Free Orchestra) (Version: 2.0.0.1 - ProjectSAM)
PSPaudioware PSP InfiniStrip (HKLM\...\PSP InfiniStrip_is1) (Version: 1.2.2 - PSPaudioware)
Pulsar Smasher (HKLM-x32\...\9F5698D7-A1EA-4593-BB9A-E59A7437023E_is1) (Version: 1.3.9 - Pulsar Audio)
Pulse 40.3.22 (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\a8c3b778-232c-5931-894e-06d03a0f1292) (Version: 40.3.22 - Pulse)
Python 3.11.0 (64-bit) (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\{7f8381ad-2e42-4432-8de5-c7beebe1009f}) (Version: 3.11.150.0 - Python Software Foundation)
Python 3.11.0 Add to Path (64-bit) (HKLM\...\{ACF8763C-83E8-4BE1-B67C-DF86C2E1240A}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Core Interpreter (64-bit) (HKLM\...\{1ED03561-12AC-4A6A-AA85-583281BF0121}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Development Libraries (64-bit) (HKLM\...\{74A2D2BF-BD4F-4D82-812F-EDEB21EA443F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Documentation (64-bit) (HKLM\...\{D3773C88-43C6-46CD-AE5F-627FF6C6E5D4}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Executables (64-bit) (HKLM\...\{B28E4BED-428C-40CB-9A29-41E46263246D}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 pip Bootstrap (64-bit) (HKLM\...\{0D8459AB-4636-4CD5-A41B-569D7CE159B8}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Standard Library (64-bit) (HKLM\...\{CB7E1801-9FB8-4763-A369-1D7F290AB24D}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Tcl/Tk Support (64-bit) (HKLM\...\{6FBFD1F4-0412-4DBB-AA00-F71278CAB664}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Test Suite (64-bit) (HKLM\...\{D4A2E83A-3BD5-4E0D-9577-7F8CA74B876B}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Utility Scripts (64-bit) (HKLM\...\{BD29D023-6B95-47FE-B480-598840EB9A28}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{0E6EEAC9-4913-4C2F-B7D2-761B27C35D7C}) (Version: 3.11.7966.0 - Python Software Foundation)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.4 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9238.1 - Realtek Semiconductor Corp.)
Red 2 & Red 3 Plug-in Suite version 1.1 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.1 - Focusrite Audio Engineering Limited)
Resident Evil 4 (HKLM-x32\...\{39C909F3-BD7E-4C14-B34D-3FF2123ABFC8}_dixen18_is1) (Version: - dixen18)
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
Riot Client (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
RogueKiller version 15.12.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.12.0.0 - Adlice Software)
Scarlett Plug-in Suite 1.7 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.7 - Focusrite)
Serum (HKLM\...\Serum_XR_is1) (Version: 1.363 - Xfer Records)
ShaperBox 3 (HKLM\...\ShaperBox 3_is1) (Version: 3.1.1 - Cableguys)
SINE Player version 1.1.2.519 (HKLM\...\{F2C84AF9-7DD0-4126-8640-D9232FA29793}_is1) (Version: 1.1.2.519 - Orchestral Tools)
SkyNet version 0.2 (HKLM-x32\...\SkyNet_is1) (Version: 0.2 - )
Slate Digital Fresh Air (HKLM\...\{af2fe7e8-08f8-4c81-b875-ec4c7a97a204}Slate Digi~4955043A_is1) (Version: 1.0.8 - Slate Digital)
smart:comp 2 1.0.0 (HKLM\...\smart:comp 2_is1) (Version: 1.0.0 - sonible)
Softube Central 1.7.1 (HKLM\...\b89c234c-07b9-5da2-8d04-7fc5db1017f4) (Version: 1.7.1 - Softube AB)
Softube Dirty Tape (HKLM\...\Softube Dirty Tape) (Version: 2.5.52 - Softube AB)
Softube Drawmer S73 (HKLM\...\Softube Drawmer S73) (Version: 2.5.52 - Softube AB)
Softube Installer Helper (HKLM\...\Softube Installer Helper) (Version: 2.5.28 - Softube AB)
Softube Saturation Knob (HKLM\...\Softube Saturation Knob) (Version: 2.5.52 - Softube AB)
Softube TSAR-1R Reverb (HKLM\...\Softube TSAR-1R Reverb) (Version: 2.5.52 - Softube AB)
Softube Tube Delay (HKLM\...\Softube Tube Delay) (Version: 2.5.52 - Softube AB)
SonoBus version 1.5.1 (HKLM\...\SonoBus_is1) (Version: 1.5.1 - )
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
SoundeviceDigital UrbanPuncher (HKLM\...\SoundeviceDigital UrbanPuncher_is1) (Version: 1.8 - SoundeviceDigital)
Soundpaint 2.0.1 (HKLM\...\{78841126-C6F3-4136-A6AF-DB43EB9DDF9F}_is1) (Version: 2.0.1 - 8Dio)
Soundtheory Gullfoss (HKLM\...\Gullfoss_is1) (Version: 1.10.0 - Soundtheory)
Soundtoys Little Radiator 5 64 bit (HKLM\...\Little Radiator 5 64 bit_is1) (Version: - Soundtoys Inc)
Spitfire Audio version 3.4.0 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.4.0 - Spitfire Audio Holdings Ltd)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strezov Sampling The Felt Seiler Free Edition (HKLM-x32\...\Strezov Sampling The Felt Seiler Free Edition) (Version: 1.0.0.1 - Strezov Sampling)
SubLab XL 1.0.2 (HKLM\...\{19611161-9ca4-4a3b-b262-be06ca105c8e}_is1) (Version: - Future Audio Workshop)
Sugar Bytes Effectrix 1.4.4 (HKLM\...\Effectrix_is1) (Version: 1.4.4 - Sugar Bytes)
Sylenth1 v3.073 (HKLM\...\Sylenth1v3_is1) (Version: - )
Synchro Arts ReVoice Pro (HKLM\...\ReVoice Pro_is1) (Version: 4.1.1.2 - Synchro Arts)
Tape MELLO-FI 1.2.0 (HKLM-x32\...\Tape MELLO-FI_is1) (Version: 1.2.0 - Arturia)
TBProAudio bundle 2022.9 (HKLM\...\TBProAudio bundle_is1) (Version: 2022.9 - TB-Software GbR & Team V.R)
TEAM R2R R2R-WAIFU (HKLM\...\R2R-WAIFU_is1) (Version: 1.1.0 - TEAM R2R)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.44.6 - TeamViewer)
Techivation T-Compressor (HKLM-x32\...\Techivation - T-Compressor_is1) (Version: 1.0.9 - )
Things Texture version 1.0.2 (HKLM\...\{78A0AD9C-AC38-4578-A4DD-E094B0CB3658}_is1) (Version: 1.0.2 - AudioThing)
T-RackS 5 version 5.10.0 (HKLM\...\{7609F15A-5EF0-49B8-A6B4-4BBB5FFB9021}_is1) (Version: 5.10.0 - IK Multimedia)
Trackspacer version 2.5.9 (HKLM\...\Trackspacer_is1) (Version: 2.5.9 - )
Transplit version 1.0 (HKLM-x32\...\{C4FC88EA-F37D-Transplit-76E240C13B6C}_is1) (Version: 1.0 - NoiseWorks)
UA Connect 1.4.6 (HKLM\...\c62e79ae-2230-5c20-9316-dd448d27d77b) (Version: 1.4.6 - Universal Audio, Inc.)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UrsaDSP Boost (HKLM\...\Boost_is1) (Version: 1.5.5 - UrsaDSP)
Valhalla DSP Valhalla Delay (HKLM\...\Valhalla Delay_is1) (Version: 2.1.0 - Valhalla DSP)
Valhalla DSP Valhalla Plate (HKLM\...\Valhalla Plate_is1) (Version: 1.6.3.3 - Valhalla DSP)
Valhalla DSP Valhalla Room (HKLM\...\Valhalla Room_is1) (Version: 1.6.2.2 - Valhalla DSP)
Valhalla DSP Valhalla Shimmer (HKLM\...\Valhalla Shimmer_is1) (Version: 1.2.2.2 - Valhalla DSP)
Valhalla DSP Valhalla UberMod (HKLM\...\Valhalla UberMod_is1) (Version: 1.1.6.3 - Valhalla DSP)
Valhalla DSP Valhalla VintageVerb (HKLM\...\Valhalla VintageVerb_is1) (Version: 2.2.0 - Valhalla DSP)
ValhallaFreqEcho version 1.2.0 (HKLM-x32\...\{701F5756-0DA6-43F1-B7EB-64656A02BCD7}_is1) (Version: 1.2.0 - Valhalla DSP, LLC)
ValhallaSpaceModulator version 1.1.6v3 (HKLM-x32\...\{424F3232-965A-4D12-BDD0-EF33B67D82E8}_is1) (Version: 1.1.6v3 - Valhalla DSP, LLC)
ValhallaSupermassive version 2.0.0 (HKLM-x32\...\{15CEF066-B68E-45E2-83D0-5704E2978D36}_is1) (Version: 2.0.0 - Valhalla DSP, LLC)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
Velvet Machine 1.2.1 (HKLM\...\{E212B71B-72DC-44A6-B355-44AC51AA2E7B}_is1) (Version: 1.2.1 - Phonolyth)
Vinyl (HKLM\...\Vinyl) (Version: 1.11.0 - iZotope, Inc.)
Vital version 1.5.5 (HKLM\...\Vital_is1) (Version: 1.5.5 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VMR Complete Bundle (HKLM\...\Slate Digital VMR Complete Bundle_is1) (Version: 2.10.1.3 - Slate Digital)
Voxengo MSED (HKLM\...\Voxengo MSED_is1) (Version: 3.7 - Voxengo)
Voxengo Sound Delay (HKLM\...\Voxengo Sound Delay_is1) (Version: 1.12 - Voxengo)
Voxengo SPAN Plus (HKLM\...\Voxengo SPAN Plus_is1) (Version: 1.22 - Voxengo)
VUMTdeluxe version 2.5.2.0 (HKLM\...\VUMTdeluxe_is1) (Version: 2.5.2.0 - )
Wave Breaker version 1.0.0 (HKLM-x32\...\{742A86DB-F727-4A4A-87EF-1D7F232AE528}}_is1) (Version: 1.0.0 - Press Play)
Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 13.3.1 - Waves Audio Ltd)
Windows SDK AddOn (HKLM-x32\...\{E18618EC-D9DB-4BCE-B382-85ADA2CBB340}) (Version: 10.1.0.0 - Microsoft Corporation)
WXAudio NANI (HKLM\...\NANI_is1) (Version: 2.0.0 - WXAudio)
Xfer Records Serum 1.35b1 (HKLM\...\Xfer Records Serum 1.35b1-r4e_is1) (Version: 1.35b1 - Xfer Records)
XLN Audio RC-20 Retro Color (HKLM\...\RC-20 Retro Color_is1) (Version: 1.2.6.2 - XLN Audio)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version: - )
Xpand!2 (HKLM-x32\...\{dadbcc76-2a7e-4f53-a77a-3868c51bdd80}) (Version: 2.2.7.19000 - AIR Music Tech GmbH)
Xpand!2 Content (HKLM-x32\...\{AEB475C2-FC86-4082-87D7-352DFB075B2C}) (Version: 2.2.7.19000 - AIR Music Tech GmbH) Hidden
Xpand!2 Factory Content (HKLM-x32\...\{C1149DC5-F5B9-455E-B6B3-B81D9B5C80A0}) (Version: 2.2.7.19000 - AIR Music Tech GmbH) Hidden
Xpand!2 VST64 (HKLM\...\{B9802F00-659C-4C21-9BA5-0958BAC6EFEF}) (Version: 2.2.7.19000 - AIR Music Tech GmbH) Hidden
Zemana AntiMalware version 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)
Zoom (HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\ZoomUMX) (Version: 5.12.9 (10650) - Zoom Video Communications, Inc.)

Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-09-14] (Canon Inc.)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_5.0.4.0_x64__ypmq2qh89vmny [2023-09-14] (Turnipsoft)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2023-09-14] (Instagram)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa [2023-09-16] (Apple Inc.) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1940.11.196.0_x64__8xx8rvfyw5nnt [2023-09-14] (Meta) [Startup Task]
Microsoft.HEVCVideoExtensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.61933.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corporation)
Microsoft.Photos.MediaEngineDLC -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corporation)
Microsoft.Windows.Photos.DLC.Main -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-09-14] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-09-14] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-14] (NVIDIA Corp.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.148.0_x64__pwbj9vvecjh7j [2023-09-14] (Amazon Development Centre (London) Ltd)
QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.7.3.0_neutral__egxr34yet59cg [2023-09-14] (Paddy Xu) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0 [2023-09-14] (Spotify AB) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2023-09-14] (Bytedance Pte. Ltd.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm [2023-09-16] (WhatsApp Inc.) [Startup Task]
WhatsApp Beta -> C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2337.4.0_x64__cv1g1gvanyjgm [2023-09-16] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-09-14] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3753304850-2271881760-612817905-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-219A82E605EB} -> [Creative Cloud Files] => C:\Users\Skyren\Creative Cloud Files [2022-02-02 15:50]
CustomCLSID: HKU\S-1-5-21-3753304850-2271881760-612817905-1001_Classes\CLSID\{A7F69DDF-0DDE-450E-AFBF-4E449E90E980}\localserver32 -> C:\Program Files\Image-Line\FL Studio 20\System\Tools\Bridge\64bit\ilbridge.exe (Image Line -> Image-Line)
CustomCLSID: HKU\S-1-5-21-3753304850-2271881760-612817905-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\ProgramData\0install.net\implementations\sha256new_IA5ZAWY5757G2CCVTIIUZMVSBYDGFXZAP22TDTFSS74QEP3GNCDA\DeepL.exe (DeepL SE -> DeepL SE)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-05] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-05] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-05] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-05] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-05-29] (Notepad++ -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-05] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-05] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-09-05] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\nvshext.dll [2021-11-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-09] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__maonlnecdeecdljpahhnnlmhbmalehlm\Instagram.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm --app-url=hxxps://www.instagram.com/?utm_source=pwa_homescreen --app-launch-source=4
ShortcutWithArgument: C:\Users\Skyren\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\CapCut Web.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=elkjmlbfikglemnpgkkhkgmmjbljhiom
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\SoundCloud.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=eikjhbkpemdappjfcmdeeeamdpkgabmk
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CapCut Web.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=elkjmlbfikglemnpgkkhkgmmjbljhiom
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Instagram.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm --app-url=hxxps://www.instagram.com/?utm_source=pwa_homescreen --app-launch-source=4
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\every - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\edgar - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Skyren - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Skyren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\every (everynothing) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
nVidia MSI GeForce 9600 GT, 512MB

Uživatelský avatar
Skyren
Level 2.5
Level 2.5
Příspěvky: 297
Registrován: červen 15
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod Skyren » 21 zář 2023 13:04

==================== Loaded Modules (Whitelisted) =============

2023-02-08 14:15 - 2022-08-21 03:44 - 001160192 _____ () [File not signed] [File is in use] C:\ProgramData\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll
2022-07-05 01:21 - 2019-01-25 04:01 - 000148480 _____ () [File not signed] C:\Program Files\Common Files\VST2\PurestGain64.dll
2022-07-05 14:45 - 2022-07-05 14:45 - 028767744 _____ () [File not signed] C:\Program Files\Common Files\VST3\Soundtheory\Gullfoss Master.vst3
2022-09-04 01:51 - 2019-01-02 23:00 - 010497024 _____ () [File not signed] C:\Program Files\Common Files\VST3\Zynaptiq\INTENSITY VST3.vst3
2023-01-19 18:02 - 2023-01-19 18:02 - 000128000 _____ () [File not signed] c:\program files\image-line\fl studio asio\ilwasapi2asio_x64.dll
2023-02-08 14:16 - 2022-08-19 09:38 - 175591424 _____ () [File not signed] C:\ProgramData\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll
2023-02-08 14:16 - 2022-08-19 08:11 - 000442880 _____ () [File not signed] C:\ProgramData\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll
2023-02-08 14:16 - 2022-08-19 08:10 - 006480384 _____ () [File not signed] C:\ProgramData\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll
2023-02-08 14:16 - 2022-08-19 08:07 - 004077568 _____ () [File not signed] C:\ProgramData\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll
2023-02-08 14:16 - 2022-08-19 08:10 - 000828928 _____ () [File not signed] C:\ProgramData\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll
2022-08-09 11:44 - 2022-07-27 09:31 - 000064512 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_frozenlist.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000048128 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_helpers.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000235520 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_http_parser.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000041984 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_http_writer.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000027648 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_websocket.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000046592 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\multidict\_multidict.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000076288 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\psutil\_psutil_windows.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000040448 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\tinyaes.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000011776 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\websockets\speedups.cp39-win_amd64.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000134144 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\win32api.pyd
2022-08-09 11:44 - 2022-07-27 09:31 - 000080384 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\yarl\_quoting_c.cp39-win_amd64.pyd
2022-08-25 19:39 - 2023-09-14 11:28 - 000163840 _____ () [File not signed] C:\Users\Skyren\AppData\Roaming\vibranceGUI\vibranceDLL.dll
2022-08-09 17:59 - 2022-08-09 17:59 - 006687440 _____ (A.O.M. Corporation -> ) [File not signed] C:\Program Files\Common Files\VST3\A.O.M\Sakura_Dither.vst3
2021-06-01 21:13 - 2021-06-01 21:13 - 007236608 _____ (AnalogObsession) [File not signed] C:\Program Files\Common Files\VST3\FETISH.vst3\Contents\x86_64-win\FETISH.vst3
2021-09-13 13:41 - 2021-09-13 13:41 - 008577024 _____ (AnalogObsession) [File not signed] C:\Program Files\Common Files\VST3\STEQ.vst3\Contents\x86_64-win\STEQ.vst3
2022-08-09 17:54 - 2022-08-09 17:54 - 074174464 _____ (Antares Audio Technologies) [File not signed] C:\Program Files\Common Files\VST3\Antares\Auto-Tune.vst3
2022-08-09 17:54 - 2022-08-09 17:54 - 007038976 _____ (Antares) [File not signed] C:\Program Files\Common Files\VST3\Antares\Auto-Key.vst3
2020-11-01 22:46 - 2017-12-18 06:00 - 000485376 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMDD.DLL
2022-07-04 22:32 - 2022-07-04 22:32 - 008118272 _____ (Eventide) [File not signed] C:\Program Files\Common Files\VST3\Eventide\SP2016 Reverb.vst3
2022-07-04 22:35 - 2022-07-04 22:35 - 002624000 _____ (FabFilter) [File not signed] C:\Program Files\Common Files\VST3\FabFilter\FabFilter Pro-C 2.vst3
2022-07-04 22:35 - 2022-07-04 22:35 - 002737664 _____ (FabFilter) [File not signed] C:\Program Files\Common Files\VST3\FabFilter\FabFilter Pro-L 2.vst3
2022-07-04 22:35 - 2022-07-04 22:35 - 003364352 _____ (FabFilter) [File not signed] C:\Program Files\Common Files\VST3\FabFilter\FabFilter Saturn 2.vst3
2022-08-05 13:20 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-11-16 09:55 - 2022-11-16 09:55 - 000607032 _____ (Image Line -> ) [File not signed] C:\Program Files\Image-Line\FL Studio 21\Shared\freetype_x64.dll
2022-11-19 06:38 - 2022-11-19 06:38 - 094041088 _____ (iZotope, Inc.) [File not signed] C:\Program Files\Common Files\VST3\iZotope\iZRX10RepairAssistant.dll
2022-11-19 06:38 - 2022-11-19 06:38 - 002630144 _____ (iZotope, Inc.) [File not signed] C:\Program Files\Common Files\VST3\iZotope\RX 10 Repair Assistant.vst3
2022-10-04 14:10 - 2022-10-04 14:10 - 002610688 _____ (iZotope, Inc.) [File not signed] C:\Program Files\Common Files\VST3\iZotope\Vocal Doubler.vst3
2023-07-17 00:44 - 2023-02-27 18:48 - 054672384 _____ (Lunacy Audio) [File not signed] C:\Program Files\Common Files\VST3\CUBE x64.vst3
2020-10-30 21:30 - 2020-10-30 21:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-10-30 21:30 - 2020-10-30 21:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2022-07-06 17:46 - 2022-07-06 17:46 - 010404352 _____ (SoundToys) [File not signed] C:\Program Files\Common Files\VST2\Soundtoys\LittleRadiator.dll
2022-08-09 18:00 - 2020-01-23 00:00 - 000115712 _____ (TEAM R2R) [File not signed] C:\WINDOWS\SYSTEM32\R2RCMEMU.dll
2022-08-09 18:00 - 2020-01-23 00:00 - 000005632 _____ (TEAM R2R) [File not signed] C:\WINDOWS\SYSTEM32\R2RWUPIEMU.dll
2023-02-08 14:16 - 2022-08-19 08:16 - 001231872 _____ (The Chromium Authors) [File not signed] C:\ProgramData\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll
2022-07-05 14:57 - 2022-07-05 14:57 - 004877824 _____ (Valhalla DSP, LLC) [File not signed] C:\Program Files\Common Files\VST3\Valhalla DSP\ValhallaDelay.vst3
2022-07-05 14:55 - 2022-07-05 14:55 - 004973568 _____ (Valhalla DSP, LLC) [File not signed] C:\Program Files\Common Files\VST3\Valhalla DSP\ValhallaVintageVerb.vst3
2021-02-01 19:08 - 2021-02-01 18:40 - 003683840 _____ (Visual Space) [File not signed] C:\Program Files\Common Files\VST3\RiviumAI.vst3
2022-09-06 22:21 - 2022-03-28 08:16 - 001722880 _____ (Waves Audio Ltd.) [File not signed] C:\ProgramData\Waves
Audio\Modules\WavesLicenseEngine.bundle\Contents\Win64\WavesLicenseEngine.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Skyren\Cookies:fnqu0yWZrY4IlHaJBCka [2570]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-09-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-10-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-10-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-09-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-10-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-10-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-10-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-10-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-15] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2022-11-27 22:20 - 000001111 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
127.0.0.1 focusrite.count.ly

2021-04-15 19:37 - 2021-11-04 05:43 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;c:\Program Files (x86)\Acustica\Framework\;c:\Program Files\Acustica\Framework\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VPN - VPN Client: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Wi-Fi: SoftEther Lightweight Network Protocol -> SeLow (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WavesLocalServer.lnk"
HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "UAPerfMon"
HKLM\...\StartupApproved\Run32: => "UATrayIcon"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKLM\...\StartupApproved\Run32: => "Ozone Strike Pro Driver"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\StartupApproved\Run: => "Facebook.MessengerDesktop"
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\StartupApproved\Run: => "SandboxiePlus_AutoRun"
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\...\StartupApproved\Run: => "electron.app.UA Connect"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{510B6381-F089-406E-B784-C068B6F1C6D6}C:\games\epic games\fallguys\fallguys_client_game.exe] => (Allow) C:\games\epic games\fallguys\fallguys_client_game.exe () [File not signed]
FirewallRules: [TCP Query User{2A2C1CE4-00CA-48D9-8867-3DE68B56F473}C:\games\epic games\fallguys\fallguys_client_game.exe] => (Allow) C:\games\epic games\fallguys\fallguys_client_game.exe () [File not signed]
FirewallRules: [UDP Query User{4E2F61BB-0475-4630-8E32-DB6D87121B30}C:\games\valheim.v0.210.6\valheim.exe] => (Allow) C:\games\valheim.v0.210.6\valheim.exe => No File
FirewallRules: [TCP Query User{58F88216-AD80-40C4-934C-0D0CC627C7B9}C:\games\valheim.v0.210.6\valheim.exe] => (Allow) C:\games\valheim.v0.210.6\valheim.exe => No File
FirewallRules: [UDP Query User{08E64F28-6ECB-4905-9AD0-A2E3E0BD1C7D}C:\program files\cheat engine 7.4\cheatengine-x86_64-sse4-avx2.exe] => (Allow) C:\program files\cheat engine 7.4\cheatengine-x86_64-sse4-avx2.exe (Cheat Engine -> Cheat Engine)
FirewallRules: [TCP Query User{0181B742-A2AD-4B3F-9E02-9CC4019947B2}C:\program files\cheat engine 7.4\cheatengine-x86_64-sse4-avx2.exe] => (Allow) C:\program files\cheat engine 7.4\cheatengine-x86_64-sse4-avx2.exe (Cheat Engine -> Cheat Engine)
FirewallRules: [UDP Query User{D698D8E0-20F8-429C-9669-FF4DC63F7501}C:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{92A8E453-4DD2-43C9-BA2C-94FAF7E29F1A}C:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D71E41F6-424F-49C4-A4BB-47196FD3422A}C:\program files\synchro arts\revoice pro\revoicepro.exe] => (Allow) C:\program files\synchro arts\revoice pro\revoicepro.exe (Synchro Arts Ltd) [File not signed]
FirewallRules: [TCP Query User{1A534326-D7E3-45EA-8A1D-8551CD45E4F9}C:\program files\synchro arts\revoice pro\revoicepro.exe] => (Allow) C:\program files\synchro arts\revoice pro\revoicepro.exe (Synchro Arts Ltd) [File not signed]
FirewallRules: [UDP Query User{A8CE41A7-0BA6-4305-B389-261713FA1140}C:\games\control ultimate edition\control_dx12.exe] => (Allow) C:\games\control ultimate edition\control_dx12.exe => No File
FirewallRules: [TCP Query User{EC20EFEF-ADA8-4BE8-AE9F-26E991AB6277}C:\games\control ultimate edition\control_dx12.exe] => (Allow) C:\games\control ultimate edition\control_dx12.exe => No File
FirewallRules: [UDP Query User{75FE5695-FBF9-4E03-B4DF-406DF4EFB23F}C:\programdata\waves audio\waveslocalserver\waveslocalserver.bundle\contents\win64\waveslocalserver.exe] => (Allow) C:\programdata\waves audio\waveslocalserver\waveslocalserver.bundle\contents\win64\waveslocalserver.exe (Waves Inc -> Waves Audio Ltd.)
FirewallRules: [TCP Query User{C75C968A-3162-4FF5-9E46-A8CCE5BBFB84}C:\programdata\waves audio\waveslocalserver\waveslocalserver.bundle\contents\win64\waveslocalserver.exe] => (Allow) C:\programdata\waves audio\waveslocalserver\waveslocalserver.bundle\contents\win64\waveslocalserver.exe (Waves Inc -> Waves Audio Ltd.)
FirewallRules: [UDP Query User{10FAA28C-0707-4D83-B419-201E13349D69}C:\program files\sonobus\sonobus.exe] => (Allow) C:\program files\sonobus\sonobus.exe (Sonosaurus LLC -> Sonosaurus)
FirewallRules: [TCP Query User{1BC66E81-6A30-4E38-B421-BF3F01D778F6}C:\program files\sonobus\sonobus.exe] => (Allow) C:\program files\sonobus\sonobus.exe (Sonosaurus LLC -> Sonosaurus)
FirewallRules: [UDP Query User{A381FA62-C799-462F-9E8F-0B5530C00F7E}C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [TCP Query User{5C44D7C7-98BF-4379-B513-4A7BDAF0B2DA}C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{E47E6C1D-000A-4A7B-B5AE-1C1C28DD3E42}C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe] => (Allow) C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe => No File
FirewallRules: [TCP Query User{461958CD-F435-44E4-AE98-6861513BCFD9}C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe] => (Allow) C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe => No File
FirewallRules: [UDP Query User{2F9D11C5-76DE-4D9F-A062-2B240F9D0A0F}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{5B78D303-3778-420A-B713-810DEFC6BBB7}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{7CCF652A-936C-438B-AEEA-90859D535A97}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{59093695-472D-4E67-A082-34A90274B5E4}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{4025772A-AB6B-415A-B0B0-50E0B6313199}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [UDP Query User{30DE0962-5734-4E2F-AA14-15E44EE88040}C:\games\riot games\riot client\riotclientservices.exe] => (Allow) C:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{5308E786-64D6-4432-85FA-44714A56D115}C:\games\riot games\riot client\riotclientservices.exe] => (Allow) C:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{6D8E980D-8C10-48E3-B544-1E6D769AE6A6}C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{0A7BE5B5-24B4-4271-8421-66E07DE383F9}C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{17F7969C-D483-4559-9499-96CD0C946EA2}C:\games\halo.infinite\halo infinite\haloinfinite.exe] => (Allow) C:\games\halo.infinite\halo infinite\haloinfinite.exe => No File
FirewallRules: [TCP Query User{6A629B17-4015-41DA-B733-F577A701E341}C:\games\halo.infinite\halo infinite\haloinfinite.exe] => (Allow) C:\games\halo.infinite\halo infinite\haloinfinite.exe => No File
FirewallRules: [UDP Query User{B582D3F1-FB1D-47A8-A2EE-C48352CD6239}C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [TCP Query User{75FF6F8E-A30E-46CA-9CA3-93B9AF332492}C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [{8A8C1C37-167F-47A1-932C-9A0691B588E1}] => (Allow) C:\Games\Steam\steamapps\common\NARAKA BLADEPOINT\StartGame.exe => No File
FirewallRules: [{DFF7A1E5-E84B-4673-92BC-0B1C2B51403E}] => (Allow) C:\Games\Steam\steamapps\common\NARAKA BLADEPOINT\StartGame.exe => No File
FirewallRules: [UDP Query User{DA84954D-6784-4A35-A19D-7AFE05B36E91}C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{890DCE5A-CA5C-4E1B-A31E-77462EA0729B}C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{0077A242-E75F-41AE-AC2D-83BE2C0D0E64}C:\games\gtfo\gtfo.exe] => (Allow) C:\games\gtfo\gtfo.exe => No File
FirewallRules: [TCP Query User{27F3CDFA-5231-4455-908C-8A9A4E578421}C:\games\gtfo\gtfo.exe] => (Allow) C:\games\gtfo\gtfo.exe => No File
FirewallRules: [{94C78BE5-5A68-44AE-859F-2088C32841A9}] => (Allow) C:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{798620A2-FCAB-4493-86FD-0AD25FA54F2B}] => (Allow) C:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{8BB677A9-EF1E-4421-B1E4-7AAA584A67B8}C:\games\forza horizon 5\forzahorizon5.exe] => (Allow) C:\games\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{44D206DB-9CA6-4DE3-80DC-A476D642759B}C:\games\forza horizon 5\forzahorizon5.exe] => (Allow) C:\games\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{471CEEA1-EED8-4B69-A13F-A97CF6D75C0E}C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{35333121-41F9-43BE-AA92-2260AD345028}C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [UDP Query User{2E52DB59-75F8-40F3-808D-B2964A34B124}C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{C7DCF85E-2695-4540-A69D-7D7055EDB45A}C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [UDP Query User{564F2661-7386-474A-A479-9777C62143FA}C:\program files\native instruments\kontakt\kontakt.exe] => (Allow) C:\program files\native instruments\kontakt\kontakt.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [TCP Query User{3D6416EB-6709-49BF-B760-143FBE6CB29D}C:\program files\native instruments\kontakt\kontakt.exe] => (Allow) C:\program files\native instruments\kontakt\kontakt.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [{0E8F3577-BE88-4CDD-92C1-CCA18E69CE93}] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [{75AC666E-3CB4-4071-BE57-89C688504BB2}] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [UDP Query User{D6F3BDA9-CC66-49E2-AEB6-C80C1C4D24E7}C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{EEB3B3A9-DD4A-4328-98A6-F67AC0DFAC72}C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [{24869E34-9A48-4A9F-9031-6EA6945A3758}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD9D4F91-536F-4EF3-A32A-2440E60E0A19}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0505A6B9-C2EF-4941-987B-FCC4A03411D9}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [UDP Query User{F7233393-B483-440B-9727-62710E2FFDAD}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [TCP Query User{EE89C335-9FA0-47FA-86C1-F00B8D57B66A}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [UDP Query User{8015464E-80A9-462C-816D-EAE71FFDA025}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [{55CC5AF7-E0DE-46E4-9559-B50DF5B5A3DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D97FC95A-E410-4D62-B558-450F13CB84A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AEEDF940-B9B8-4776-B0CC-CF01F3EEA827}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0B633BBB-362D-4D8A-B27D-D3B8492D6C12}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{966BA7C7-372B-41B7-830A-C0C8A1F9EAFD}C:\program files\image-line\fl studio 20\fl64.exe] => (Allow) C:\program files\image-line\fl studio 20\fl64.exe (Image Line -> Image-Line)
FirewallRules: [UDP Query User{35F4E7A4-5042-473E-8FC3-516650E99999}C:\program files\image-line\fl studio 20\fl64.exe] => (Allow) C:\program files\image-line\fl studio 20\fl64.exe (Image Line -> Image-Line)
FirewallRules: [TCP Query User{E2121004-3492-4D4D-8B1F-7C212897F3BA}C:\program files\steinberg\cubase 10.5\cubase10.5.exe] => (Allow) C:\program files\steinberg\cubase 10.5\cubase10.5.exe => No File
FirewallRules: [UDP Query User{E9D6F079-D006-45EE-A32D-D4253810B2BE}C:\program files\steinberg\cubase 10.5\cubase10.5.exe] => (Allow) C:\program files\steinberg\cubase 10.5\cubase10.5.exe => No File
FirewallRules: [TCP Query User{55C72285-0604-46AD-8391-AED3E2F10569}C:\program files\image-line\fl studio 20\fl64.exe] => (Allow) C:\program files\image-line\fl studio 20\fl64.exe (Image Line -> Image-Line)
FirewallRules: [UDP Query User{5D03905D-10B0-4C12-8CD6-71466F55C30E}C:\program files\image-line\fl studio 20\fl64.exe] => (Allow) C:\program files\image-line\fl studio 20\fl64.exe (Image Line -> Image-Line)
FirewallRules: [TCP Query User{2C96EF12-C12C-4EC4-BE32-78DEF78FE51D}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [UDP Query User{5777C160-0200-4D18-868A-0107B0DCD42B}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [TCP Query User{DEA9461B-D5BE-480C-B220-1DC68CBE01DE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FF7BA786-30AB-4FFE-B5FB-88544F439F3A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{8DE64771-0E02-4385-A2EF-3F9FAF44F31D}C:\program files\image-line\fl studio 20\system\tools\bridge\64bit\ilbridge.exe] => (Allow) C:\program files\image-line\fl studio 20\system\tools\bridge\64bit\ilbridge.exe (Image Line -> Image-Line)
FirewallRules: [UDP Query User{2AF65998-7D7D-4BDD-B9D1-7A91E9B1193E}C:\program files\image-line\fl studio 20\system\tools\bridge\64bit\ilbridge.exe] => (Allow) C:\program files\image-line\fl studio 20\system\tools\bridge\64bit\ilbridge.exe (Image Line -> Image-Line)
FirewallRules: [TCP Query User{2CECF466-D8F4-4A2C-A33E-52956F9BD8B1}C:\games\resident evil village\re8.exe] => (Allow) C:\games\resident evil village\re8.exe => No File
FirewallRules: [UDP Query User{B106B333-9B24-4B3C-992B-8F02B2D23EF4}C:\games\resident evil village\re8.exe] => (Allow) C:\games\resident evil village\re8.exe => No File
FirewallRules: [{FCACB3B7-DC8A-412C-BCEF-08F9B8048365}] => (Allow) C:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FDF68556-6A67-4EB3-B12A-79B0E45DF22A}] => (Allow) C:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{758A3860-CE6C-4B15-A0D2-D4A0F8ACCCE3}] => (Allow) C:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AAEAAA25-FE86-4A6B-9876-985F48CD72F2}] => (Allow) C:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{55BBBF5A-ED6D-42A6-AB0A-9E5E6EC669B4}] => (Allow) C:\Users\Skyren\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A3AE23B1-DB04-4BA3-9D36-41D017014E5F}] => (Allow) C:\Users\Skyren\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EDA102B1-9925-4F62-9985-473CD6715C27}] => (Allow) C:\Users\Skyren\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{BF66CFE3-1BBA-4BEA-BEC9-503FBF06F67F}C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{5C43DBC2-941C-4983-86C9-91B69EF2842E}C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [TCP Query User{84F54173-D753-40AB-AFF8-440114859392}C:\games\the jackbox party pack 9\the jackbox party pack 9.exe] => (Allow) C:\games\the jackbox party pack 9\the jackbox party pack 9.exe => No File
FirewallRules: [UDP Query User{C373238E-C149-4DF9-B3C6-569FC4161C48}C:\games\the jackbox party pack 9\the jackbox party pack 9.exe] => (Allow) C:\games\the jackbox party pack 9\the jackbox party pack 9.exe => No File
FirewallRules: [TCP Query User{180ADD47-3032-4365-95C9-54862B83AD0E}C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe] => (Allow) C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe => No File
FirewallRules: [UDP Query User{8285945E-5957-45D6-9F44-1141DE6EC272}C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe] => (Allow) C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe => No File
FirewallRules: [{F2142B95-9336-40B8-9D52-E5EE9415A444}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{05957D51-0DF1-4D79-911F-B55534A33CB2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{78D1A8C9-20FC-41BE-8ECE-ECC991955EE6}C:\program files\image-line\fl studio 21\system\tools\bridge\64bit\ilbridge.exe] => (Allow) C:\program files\image-line\fl studio 21\system\tools\bridge\64bit\ilbridge.exe (Image Line -> Image-Line)
FirewallRules: [UDP Query User{1AA9C7EC-B4D7-4814-8A2B-8027E2C3BE98}C:\program files\image-line\fl studio 21\system\tools\bridge\64bit\ilbridge.exe] => (Allow) C:\program files\image-line\fl studio 21\system\tools\bridge\64bit\ilbridge.exe (Image Line -> Image-Line)
FirewallRules: [TCP Query User{A30DDF96-3BE6-40AB-BB2B-15DD7E490904}C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe] => (Allow) C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe => No File
FirewallRules: [UDP Query User{CE168F5E-CCE1-4171-AEAE-E963314D7C76}C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe] => (Allow) C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe => No File
FirewallRules: [TCP Query User{C7DCDF44-E650-43C4-89E1-85969790FE57}C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe] => (Allow) C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe => No File
FirewallRules: [UDP Query User{7AA1A340-335E-45EF-A2C9-9DBAF587FACB}C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe] => (Allow) C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe => No File
FirewallRules: [TCP Query User{DDF1F86E-F98E-4E64-B31B-AE9CC84C047A}C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe] => (Allow) C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe => No File
FirewallRules: [UDP Query User{76250EE7-4404-42BB-8876-02FFE25C3BAD}C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe] => (Allow) C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe => No File
FirewallRules: [{AB0315C7-8980-41C9-A302-A26CC8D35167}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F03A2FDC-34F9-4B5E-A4E1-616B90EF0084}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{958D7A0A-C0C5-4E28-9F65-A9ABAD33F24E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C16DA18-8ECD-44E8-8195-2A8AB9B684FB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4CA900F-DA2C-484F-BF66-D5CDE6B2CCC5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{94FCFF27-614E-4173-9338-3FCF74977F60}C:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{757C19CB-75EC-4F41-BAC5-8DCF2048D0AF}C:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{562454BF-09D9-493B-A612-5462075C423C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{9E23AF1A-9CA9-4ADE-8AD8-5002EDE4550A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{98D71D0A-0ED6-41A6-9CF3-140DF09BA2A0}C:\program files\ua connect\resources\native\windows\x64\uacloudhelper.exe] => (Allow) C:\program files\ua connect\resources\native\windows\x64\uacloudhelper.exe (Universal Audio, Inc. -> Universal Audio)
FirewallRules: [UDP Query User{75964126-0FF2-441B-8B0A-AA8216398026}C:\program files\ua connect\resources\native\windows\x64\uacloudhelper.exe] => (Allow) C:\program files\ua connect\resources\native\windows\x64\uacloudhelper.exe (Universal Audio, Inc. -> Universal Audio)
FirewallRules: [TCP Query User{3BC3C31D-CB24-4B72-A1BA-BB2449EAA323}C:\programdata\waves audio\waveslocalserver\waveslocalserver.bundle\contents\win64\waveslocalserver.exe] => (Allow) C:\programdata\waves audio\waveslocalserver\waveslocalserver.bundle\contents\win64\waveslocalserver.exe (Waves Inc -> Waves Audio Ltd.)
FirewallRules: [UDP Query User{7378AD15-D0EC-4F58-B955-B63EAD4E4EDE}C:\programdata\waves audio\waveslocalserver\waveslocalserver.bundle\contents\win64\waveslocalserver.exe] => (Allow) C:\programdata\waves audio\waveslocalserver\waveslocalserver.bundle\contents\win64\waveslocalserver.exe (Waves Inc -> Waves Audio Ltd.)
FirewallRules: [{6B052240-5BD1-4302-BB1B-DE59BB2463F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D7C7D798-7250-4E0F-8098-1E911F8782CD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E668B5F7-E056-4576-A337-A55AB4C6D5E5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0AAE4D61-2218-477C-BD68-F77C5ED53CC8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E2ED6C6-8EBC-43DE-8EA2-950B559F229A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A7AA55F4-F5F7-4DC0-A29B-78D44D4F2162}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{8C73516C-54E9-4D6D-B232-D815B80E4BF5}C:\games\riot games\riot client\riotclientservices.exe] => (Allow) C:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{E8B246BB-AC1F-4BFD-B5D7-2A6B6858DCCC}C:\games\riot games\riot client\riotclientservices.exe] => (Allow) C:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{9023BFC6-696B-4EB9-B7BC-BE91BFD3AE48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5BF12783-8C0F-40C6-9EDF-341C1EC14555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1B2DA81A-ACB6-4DF7-A9C6-E0485822EDD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{482ACBFA-3B85-4ED6-BF3E-8EF67A04608F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3DD63B99-AC39-493A-BD33-DB62C8397AEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{424A5941-1EC2-41B9-9084-BFD785EAE8AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C7C9E22E-A60D-4FA9-9AB9-514D321AC83C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B10A327-5E1A-42D0-BA8E-CDF3C058ABD2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2826C7A3-6AEB-4EC2-8808-9784B2649DA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D4B3A322-3E5B-423E-94C6-736485F777FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{B4F06175-3532-4591-B5DA-94F1AC1A3CAD}C:\games\resident evil 4\re4.exe] => (Allow) C:\games\resident evil 4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [UDP Query User{685552D6-C79B-45D7-AFE1-0DF2855EC791}C:\games\resident evil 4\re4.exe] => (Allow) C:\games\resident evil 4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{BE8764A4-EC39-4502-A6D0-301257E2996E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C02C758A-6FBF-4676-8986-DD11C802ADD0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D48BB03-FE72-41CA-B958-17A9C07702B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6755AE32-A972-47FF-94BC-24FA8D24F147}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3653C3E1-21CE-477F-9461-EC13AAB9F201}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{CD3EC974-E18B-4817-812D-D656EE047D21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C876A075-54E7-411A-AEE7-DBFE316A5D09}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{39CAF921-ED34-48DC-A884-2B4F8A9654B3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BAE54762-663D-49E0-A0D7-5D5EDB410A9F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8FB64271-E2E2-4BA2-86BB-E1D49339D480}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{83507716-C686-4993-8BAE-7FB83E8786D1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C4B4B225-22DC-474D-BBA4-6E4E44069533}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{0CE6E508-7DED-4BF8-9C15-47E227E6FEA3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{34A0CD96-DA97-489A-9DEF-A50548C83FC4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

14-09-2023 23:01:33 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/19/2023 06:25:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Skyren.local already in use; will try Skyren-2.local instead

Error: (09/19/2023 06:25:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Skyren.local. Addr 192.168.2.61

Error: (09/19/2023 06:25:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.61:5353 16 Skyren.local. AAAA 2003:00F3:3F02:C1FD:6DB0:AAE0:9313:2344

Error: (09/19/2023 06:25:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Skyren.local. AAAA FE80:0000:0000:0000:7CA6:503B:BCD1:9560

Error: (09/19/2023 06:25:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.61:5353 16 Skyren.local. AAAA 2003:00F3:3F02:C1FD:6DB0:AAE0:9313:2344

Error: (09/19/2023 06:25:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Skyren.local. Addr 192.168.2.61

Error: (09/19/2023 06:25:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.61:5353 16 Skyren.local. AAAA 2003:00F3:3F02:C1FD:6DB0:AAE0:9313:2344

Error: (09/17/2023 11:53:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Skyren.local. AAAA FE80:0000:0000:0000:7CA6:503B:BCD1:9560


System errors:
=============
Error: (09/16/2023 12:21:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NBDXK71NK08-5319275A.51895FA4EA97F.

Error: (09/16/2023 12:21:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (09/16/2023 12:17:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (09/15/2023 08:27:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Windows Malicious Software Removal Tool x64 - v5.117 (KB890830).

Error: (09/14/2023 06:44:25 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/14/2023 06:27:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Nal Service service failed to start due to the following error:
A certificate was explicitly revoked by its issuer.

Error: (09/14/2023 06:27:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:46:19 AM on ‎9/‎12/‎2023 was unexpected.

Error: (09/14/2023 03:35:12 AM) (Source: DCOM) (EventID: 10010) (User: SKYREN)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2023-09-19 11:02:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-09-16 00:17:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-09-09 11:57:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-09-08 23:18:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-09-08 03:57:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]

Date: 2023-09-14 06:27:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0

CodeIntegrity:
===============
Date: 2023-09-14 06:39:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-14 06:30:01
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-09-14 06:27:57
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2023-09-14 06:27:57
Description:
The driver \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys is blocked from loading as the driver has been revoked by Microsoft.

Date: 2023-09-14 06:27:48
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2023-09-14 06:27:48
Description:
The driver \Device\HarddiskVolume3\Windows\System32\drivers\ene.sys is blocked from loading as the driver has been revoked by Microsoft.

Date: 2023-09-14 06:27:48
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\GLCKIO2.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2023-09-14 06:27:48
Description:
The driver \Device\HarddiskVolume3\Windows\System32\drivers\GLCKIO2.sys is blocked from loading as the driver has been revoked by Microsoft.

Date: 2023-09-14 06:26:58
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ks.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. P3.70 10/19/2022
Motherboard: ASRock X570 Phantom Gaming-ITX/TB3
Processor: AMD Ryzen 5 2600X Six-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 32692.48 MB
Available physical RAM: 19480.04 MB
Total Virtual: 34740.48 MB
Available Virtual: 17128.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.04 GB) (Free:44.43 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS
Drive d: (256 GB Libraries) (Fixed) (Total:232.88 GB) (Free:61.09 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS
Drive e: (128 GB Libraries) (Fixed) (Total:111.79 GB) (Free:0.31 GB) (Model: Samsung SSD 850 EVO 120GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:18.87 GB) (Model: Samsung SSD 850 EVO 250GB) FAT32
Drive h: (256 GB USB) (Removable) (Total:229.12 GB) (Free:50.93 GB) exFAT
Drive i: (32 GB USB) (Removable) (Total:29.86 GB) (Free:10.82 GB) FAT32

\\?\Volume{444c724c-aa48-467d-b6f4-48dc963705a9}\ () (Fixed) (Total:0.6 GB) (Free:0.04 GB) NTFS
\\?\Volume{518d2348-cad4-4cf7-b22f-972d66973ac6}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: A547FBCD)

Partition: GPT.

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 856B2E89)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 229.1 GB) (Disk ID: D45A6D8F)
Partition 1: (Active) - (Size=229.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 5 (Size: 29.9 GB) (Disk ID: 7853455C)
Partition 1: (Not Active) - (Size=29.9 GB) - (Type=FAT32)

==================== End of Addition.txt =======================
nVidia MSI GeForce 9600 GT, 512MB

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43119
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod jaro3 » 21 zář 2023 16:12

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {AEE78F62-2209-4CBD-BD71-1CD91767EF6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {34C737EC-4E24-40F0-869A-D6811D337A0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {E2C268C9-C998-4DE9-B441-833A20EC7438} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {485A1017-BE6C-4C78-9DB6-F64B806E3D63} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Edge Extension: (Tragulidae) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\podhjnnhgdkkalgkfnnoncpkbplcbadk [2023-09-14] [UpdateUrl:hxxps://crxupdate.com/crx/updates.php] <==== ATTENTION
Edge HKLM-x32\...\Edge\Extension: [podhjnnhgdkkalgkfnnoncpkbplcbadk] - C:\\Users\\Skyren\\AppData\\Local\\apps.crx <not found>
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [podhjnnhgdkkalgkfnnoncpkbplcbadk] - C:\\Users\\Skyren\\AppData\\Local\\apps.crx <not found>
S3 AAErrorPort; C:\Users\Skyren\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
S3 PRProt; \??\C:\Users\Skyren\AppData\Local\Temp\ActiveAnticheat\1223673\active64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Skyren\AppData\Roaming\emp.bin
C:\Users\Skyren\AppData\Local\7368ee7c5a2e9307a4d700.36580646
AlternateDataStreams: C:\Users\Skyren\Cookies:fnqu0yWZrY4IlHaJBCka [2570]
FirewallRules: [UDP Query User{4E2F61BB-0475-4630-8E32-DB6D87121B30}C:\games\valheim.v0.210.6\valheim.exe] => (Allow) C:\games\valheim.v0.210.6\valheim.exe => No File
FirewallRules: [TCP Query User{58F88216-AD80-40C4-934C-0D0CC627C7B9}C:\games\valheim.v0.210.6\valheim.exe] => (Allow) C:\games\valheim.v0.210.6\valheim.exe => No File
FirewallRules: [UDP Query User{A381FA62-C799-462F-9E8F-0B5530C00F7E}C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [TCP Query User{5C44D7C7-98BF-4379-B513-4A7BDAF0B2DA}C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{E47E6C1D-000A-4A7B-B5AE-1C1C28DD3E42}C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe] => (Allow) C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe => No File
FirewallRules: [TCP Query User{461958CD-F435-44E4-AE98-6861513BCFD9}C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe] => (Allow) C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe => No File
FirewallRules: [UDP Query User{2F9D11C5-76DE-4D9F-A062-2B240F9D0A0F}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{5B78D303-3778-420A-B713-810DEFC6BBB7}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{7CCF652A-936C-438B-AEEA-90859D535A97}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{59093695-472D-4E67-A082-34A90274B5E4}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{4025772A-AB6B-415A-B0B0-50E0B6313199}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [UDP Query User{6D8E980D-8C10-48E3-B544-1E6D769AE6A6}C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{0A7BE5B5-24B4-4271-8421-66E07DE383F9}C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{17F7969C-D483-4559-9499-96CD0C946EA2}C:\games\halo.infinite\halo infinite\haloinfinite.exe] => (Allow) C:\games\halo.infinite\halo infinite\haloinfinite.exe => No File
FirewallRules: [TCP Query User{6A629B17-4015-41DA-B733-F577A701E341}C:\games\halo.infinite\halo infinite\haloinfinite.exe] => (Allow) C:\games\halo.infinite\halo infinite\haloinfinite.exe => No File
FirewallRules: [UDP Query User{B582D3F1-FB1D-47A8-A2EE-C48352CD6239}C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [TCP Query User{75FF6F8E-A30E-46CA-9CA3-93B9AF332492}C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [{8A8C1C37-167F-47A1-932C-9A0691B588E1}] => (Allow) C:\Games\Steam\steamapps\common\NARAKA BLADEPOINT\StartGame.exe => No File
FirewallRules: [{DFF7A1E5-E84B-4673-92BC-0B1C2B51403E}] => (Allow) C:\Games\Steam\steamapps\common\NARAKA BLADEPOINT\StartGame.exe => No File
FirewallRules: [UDP Query User{DA84954D-6784-4A35-A19D-7AFE05B36E91}C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{890DCE5A-CA5C-4E1B-A31E-77462EA0729B}C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{0077A242-E75F-41AE-AC2D-83BE2C0D0E64}C:\games\gtfo\gtfo.exe] => (Allow) C:\games\gtfo\gtfo.exe => No File
FirewallRules: [TCP Query User{27F3CDFA-5231-4455-908C-8A9A4E578421}C:\games\gtfo\gtfo.exe] => (Allow) C:\games\gtfo\gtfo.exe => No File
FirewallRules: [UDP Query User{8BB677A9-EF1E-4421-B1E4-7AAA584A67B8}C:\games\forza horizon 5\forzahorizon5.exe] => (Allow) C:\games\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{44D206DB-9CA6-4DE3-80DC-A476D642759B}C:\games\forza horizon 5\forzahorizon5.exe] => (Allow) C:\games\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{471CEEA1-EED8-4B69-A13F-A97CF6D75C0E}C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{35333121-41F9-43BE-AA92-2260AD345028}C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [UDP Query User{2E52DB59-75F8-40F3-808D-B2964A34B124}C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{C7DCF85E-2695-4540-A69D-7D7055EDB45A}C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [{75AC666E-3CB4-4071-BE57-89C688504BB2}] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [UDP Query User{D6F3BDA9-CC66-49E2-AEB6-C80C1C4D24E7}C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{EEB3B3A9-DD4A-4328-98A6-F67AC0DFAC72}C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{0505A6B9-C2EF-4941-987B-FCC4A03411D9}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [UDP Query User{F7233393-B483-440B-9727-62710E2FFDAD}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [TCP Query User{EE89C335-9FA0-47FA-86C1-F00B8D57B66A}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [UDP Query User{8015464E-80A9-462C-816D-EAE71FFDA025}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [TCP Query User{E2121004-3492-4D4D-8B1F-7C212897F3BA}C:\program files\steinberg\cubase 10.5\cubase10.5.exe] => (Allow) C:\program files\steinberg\cubase 10.5\cubase10.5.exe => No File
FirewallRules: [UDP Query User{E9D6F079-D006-45EE-A32D-D4253810B2BE}C:\program files\steinberg\cubase 10.5\cubase10.5.exe] => (Allow) C:\program files\steinberg\cubase 10.5\cubase10.5.exe => No File
FirewallRules: [TCP Query User{2C96EF12-C12C-4EC4-BE32-78DEF78FE51D}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [UDP Query User{5777C160-0200-4D18-868A-0107B0DCD42B}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [TCP Query User{BF66CFE3-1BBA-4BEA-BEC9-503FBF06F67F}C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{5C43DBC2-941C-4983-86C9-91B69EF2842E}C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [TCP Query User{84F54173-D753-40AB-AFF8-440114859392}C:\games\the jackbox party pack 9\the jackbox party pack 9.exe] => (Allow) C:\games\the jackbox party pack 9\the jackbox party pack 9.exe => No File
FirewallRules: [UDP Query User{C373238E-C149-4DF9-B3C6-569FC4161C48}C:\games\the jackbox party pack 9\the jackbox party pack 9.exe] => (Allow) C:\games\the jackbox party pack 9\the jackbox party pack 9.exe => No File
FirewallRules: [TCP Query User{180ADD47-3032-4365-95C9-54862B83AD0E}C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe] => (Allow) C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe => No File
FirewallRules: [UDP Query User{8285945E-5957-45D6-9F44-1141DE6EC272}C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe] => (Allow) C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe => No File
FirewallRules: [TCP Query User{A30DDF96-3BE6-40AB-BB2B-15DD7E490904}C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe] => (Allow) C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe => No File
FirewallRules: [UDP Query User{CE168F5E-CCE1-4171-AEAE-E963314D7C76}C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe] => (Allow) C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe => No File
FirewallRules: [TCP Query User{C7DCDF44-E650-43C4-89E1-85969790FE57}C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe] => (Allow) C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe => No File
FirewallRules: [UDP Query User{7AA1A340-335E-45EF-A2C9-9DBAF587FACB}C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe] => (Allow) C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe => No File
FirewallRules: [TCP Query User{DDF1F86E-F98E-4E64-B31B-AE9CC84C047A}C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe] => (Allow) C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe => No File
FirewallRules: [UDP Query User{76250EE7-4404-42BB-8876-02FFE25C3BAD}C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe] => (Allow) C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe => No File
FirewallRules: [{6B052240-5BD1-4302-BB1B-DE59BB2463F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{A7AA55F4-F5F7-4DC0-A29B-78D44D4F2162}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Drive c: () (Fixed) (Total:465.04 GB) (Free:44.43 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS
Totální nedostatek volného místa na disku!! Něco odinstaluj , smaž. Máš mít nejméně 15-20% volného místa na syst. disku , pro zajištění bezproblémového chodu windows!!

C:\ProgramData\{2AB9293C-EA2A-405D-A8B6-07648DF09614}
C:\ProgramData\{217654F4-C0E8-4516-B08F-D727D247193F}
C:\ProgramData\{E4BE7BE3-F1CB-4EFD-BAE0-B416B42F4E25}
C:\ProgramData\{AD75BECB-4585-4F18-94EF-FDF5A1E262D8}
C:\ProgramData\{980CC244-9C7C-4164-8CF2-B27D844AE403}
C:\ProgramData\{48DD7349-38A5-400E-B713-BB5601E12147}
C:\ProgramData\{B4BD1487-5EAE-471D-A9F6-4A862E90504F}
C:\ProgramData\{92DEBC59-ADF2-4DDE-AF5B-C1D72338665C}
C:\ProgramData\{9AC37FA8-2DC7-42DA-BC53-92E47D40C9E4}
C:\ProgramData\{8D6AD9AD-111B-4A18-A026-E16C4FA327E0}
C:\ProgramData\{FF3948AD-A126-492D-814E-4ACDE125EF7E}
Podívej se do těchto složek, i do dalších podobných, zda-li tam není nějaký spustitelný soubor.

Napiš co problémy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Skyren
Level 2.5
Level 2.5
Příspěvky: 297
Registrován: červen 15
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod Skyren » 22 zář 2023 00:48

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2023
Ran by Skyren (21-09-2023 23:50:44) Run:1
Running from C:\Users\Skyren\Downloads
Loaded Profiles: Skyren
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {AEE78F62-2209-4CBD-BD71-1CD91767EF6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {34C737EC-4E24-40F0-869A-D6811D337A0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {E2C268C9-C998-4DE9-B441-833A20EC7438} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {485A1017-BE6C-4C78-9DB6-F64B806E3D63} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Edge Extension: (Tragulidae) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\podhjnnhgdkkalgkfnnoncpkbplcbadk [2023-09-14] [UpdateUrl:hxxps://crxupdate.com/crx/updates.php] <==== ATTENTION
Edge HKLM-x32\...\Edge\Extension: [podhjnnhgdkkalgkfnnoncpkbplcbadk] - C:\\Users\\Skyren\\AppData\\Local\\apps.crx <not found>
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-3753304850-2271881760-612817905-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [podhjnnhgdkkalgkfnnoncpkbplcbadk] - C:\\Users\\Skyren\\AppData\\Local\\apps.crx <not found>
S3 AAErrorPort; C:\Users\Skyren\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
S3 PRProt; \??\C:\Users\Skyren\AppData\Local\Temp\ActiveAnticheat\1223673\active64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Skyren\AppData\Roaming\emp.bin
C:\Users\Skyren\AppData\Local\7368ee7c5a2e9307a4d700.36580646
AlternateDataStreams: C:\Users\Skyren\Cookies:fnqu0yWZrY4IlHaJBCka [2570]
FirewallRules: [UDP Query User{4E2F61BB-0475-4630-8E32-DB6D87121B30}C:\games\valheim.v0.210.6\valheim.exe] => (Allow) C:\games\valheim.v0.210.6\valheim.exe => No File
FirewallRules: [TCP Query User{58F88216-AD80-40C4-934C-0D0CC627C7B9}C:\games\valheim.v0.210.6\valheim.exe] => (Allow) C:\games\valheim.v0.210.6\valheim.exe => No File
FirewallRules: [UDP Query User{A381FA62-C799-462F-9E8F-0B5530C00F7E}C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [TCP Query User{5C44D7C7-98BF-4379-B513-4A7BDAF0B2DA}C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{E47E6C1D-000A-4A7B-B5AE-1C1C28DD3E42}C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe] => (Allow) C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe => No File
FirewallRules: [TCP Query User{461958CD-F435-44E4-AE98-6861513BCFD9}C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe] => (Allow) C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe => No File
FirewallRules: [UDP Query User{2F9D11C5-76DE-4D9F-A062-2B240F9D0A0F}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{5B78D303-3778-420A-B713-810DEFC6BBB7}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{7CCF652A-936C-438B-AEEA-90859D535A97}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{59093695-472D-4E67-A082-34A90274B5E4}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{4025772A-AB6B-415A-B0B0-50E0B6313199}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [UDP Query User{6D8E980D-8C10-48E3-B544-1E6D769AE6A6}C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{0A7BE5B5-24B4-4271-8421-66E07DE383F9}C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{17F7969C-D483-4559-9499-96CD0C946EA2}C:\games\halo.infinite\halo infinite\haloinfinite.exe] => (Allow) C:\games\halo.infinite\halo infinite\haloinfinite.exe => No File
FirewallRules: [TCP Query User{6A629B17-4015-41DA-B733-F577A701E341}C:\games\halo.infinite\halo infinite\haloinfinite.exe] => (Allow) C:\games\halo.infinite\halo infinite\haloinfinite.exe => No File
FirewallRules: [UDP Query User{B582D3F1-FB1D-47A8-A2EE-C48352CD6239}C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [TCP Query User{75FF6F8E-A30E-46CA-9CA3-93B9AF332492}C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [{8A8C1C37-167F-47A1-932C-9A0691B588E1}] => (Allow) C:\Games\Steam\steamapps\common\NARAKA BLADEPOINT\StartGame.exe => No File
FirewallRules: [{DFF7A1E5-E84B-4673-92BC-0B1C2B51403E}] => (Allow) C:\Games\Steam\steamapps\common\NARAKA BLADEPOINT\StartGame.exe => No File
FirewallRules: [UDP Query User{DA84954D-6784-4A35-A19D-7AFE05B36E91}C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{890DCE5A-CA5C-4E1B-A31E-77462EA0729B}C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{0077A242-E75F-41AE-AC2D-83BE2C0D0E64}C:\games\gtfo\gtfo.exe] => (Allow) C:\games\gtfo\gtfo.exe => No File
FirewallRules: [TCP Query User{27F3CDFA-5231-4455-908C-8A9A4E578421}C:\games\gtfo\gtfo.exe] => (Allow) C:\games\gtfo\gtfo.exe => No File
FirewallRules: [UDP Query User{8BB677A9-EF1E-4421-B1E4-7AAA584A67B8}C:\games\forza horizon 5\forzahorizon5.exe] => (Allow) C:\games\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{44D206DB-9CA6-4DE3-80DC-A476D642759B}C:\games\forza horizon 5\forzahorizon5.exe] => (Allow) C:\games\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{471CEEA1-EED8-4B69-A13F-A97CF6D75C0E}C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{35333121-41F9-43BE-AA92-2260AD345028}C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [UDP Query User{2E52DB59-75F8-40F3-808D-B2964A34B124}C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{C7DCF85E-2695-4540-A69D-7D7055EDB45A}C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [{75AC666E-3CB4-4071-BE57-89C688504BB2}] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [UDP Query User{D6F3BDA9-CC66-49E2-AEB6-C80C1C4D24E7}C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{EEB3B3A9-DD4A-4328-98A6-F67AC0DFAC72}C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File
FirewallRules: [TCP Query User{0505A6B9-C2EF-4941-987B-FCC4A03411D9}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [UDP Query User{F7233393-B483-440B-9727-62710E2FFDAD}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [TCP Query User{EE89C335-9FA0-47FA-86C1-F00B8D57B66A}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [UDP Query User{8015464E-80A9-462C-816D-EAE71FFDA025}C:\program files (x86)\universal audio\powered plugins\console.exe] => (Allow) C:\program files (x86)\universal audio\powered plugins\console.exe => No File
FirewallRules: [TCP Query User{E2121004-3492-4D4D-8B1F-7C212897F3BA}C:\program files\steinberg\cubase 10.5\cubase10.5.exe] => (Allow) C:\program files\steinberg\cubase 10.5\cubase10.5.exe => No File
FirewallRules: [UDP Query User{E9D6F079-D006-45EE-A32D-D4253810B2BE}C:\program files\steinberg\cubase 10.5\cubase10.5.exe] => (Allow) C:\program files\steinberg\cubase 10.5\cubase10.5.exe => No File
FirewallRules: [TCP Query User{2C96EF12-C12C-4EC4-BE32-78DEF78FE51D}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [UDP Query User{5777C160-0200-4D18-868A-0107B0DCD42B}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe => No File
FirewallRules: [TCP Query User{BF66CFE3-1BBA-4BEA-BEC9-503FBF06F67F}C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{5C43DBC2-941C-4983-86C9-91B69EF2842E}C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [TCP Query User{84F54173-D753-40AB-AFF8-440114859392}C:\games\the jackbox party pack 9\the jackbox party pack 9.exe] => (Allow) C:\games\the jackbox party pack 9\the jackbox party pack 9.exe => No File
FirewallRules: [UDP Query User{C373238E-C149-4DF9-B3C6-569FC4161C48}C:\games\the jackbox party pack 9\the jackbox party pack 9.exe] => (Allow) C:\games\the jackbox party pack 9\the jackbox party pack 9.exe => No File
FirewallRules: [TCP Query User{180ADD47-3032-4365-95C9-54862B83AD0E}C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe] => (Allow) C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe => No File
FirewallRules: [UDP Query User{8285945E-5957-45D6-9F44-1141DE6EC272}C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe] => (Allow) C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe => No File
FirewallRules: [TCP Query User{A30DDF96-3BE6-40AB-BB2B-15DD7E490904}C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe] => (Allow) C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe => No File
FirewallRules: [UDP Query User{CE168F5E-CCE1-4171-AEAE-E963314D7C76}C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe] => (Allow) C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe => No File
FirewallRules: [TCP Query User{C7DCDF44-E650-43C4-89E1-85969790FE57}C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe] => (Allow) C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe => No File
FirewallRules: [UDP Query User{7AA1A340-335E-45EF-A2C9-9DBAF587FACB}C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe] => (Allow) C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe => No File
FirewallRules: [TCP Query User{DDF1F86E-F98E-4E64-B31B-AE9CC84C047A}C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe] => (Allow) C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe => No File
FirewallRules: [UDP Query User{76250EE7-4404-42BB-8876-02FFE25C3BAD}C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe] => (Allow) C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe => No File
FirewallRules: [{6B052240-5BD1-4302-BB1B-DE59BB2463F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{A7AA55F4-F5F7-4DC0-A29B-78D44D4F2162}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully

"C:\WINDOWS\system32\GroupPolicy\Machine" folder move:

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEE78F62-2209-4CBD-BD71-1CD91767EF6C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEE78F62-2209-4CBD-BD71-1CD91767EF6C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34C737EC-4E24-40F0-869A-D6811D337A0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34C737EC-4E24-40F0-869A-D6811D337A0C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2C268C9-C998-4DE9-B441-833A20EC7438}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2C268C9-C998-4DE9-B441-833A20EC7438}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{485A1017-BE6C-4C78-9DB6-F64B806E3D63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{485A1017-BE6C-4C78-9DB6-F64B806E3D63}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Edge Extension: (Tragulidae) - C:\Users\Skyren\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\podhjnnhgdkkalgkfnnoncpkbplcbadk [2023-09-14] [UpdateUrl:hxxps://crxupdate.com/crx/updates.php] <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\podhjnnhgdkkalgkfnnoncpkbplcbadk => removed successfully
HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf => removed successfully
HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf => removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.11 => removed successfully
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.16 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf => removed successfully
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKU\S-1-5-21-3753304850-2271881760-612817905-1001\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\podhjnnhgdkkalgkfnnoncpkbplcbadk => removed successfully
HKLM\System\CurrentControlSet\Services\AAErrorPort => removed successfully
AAErrorPort => service removed successfully
HKLM\System\CurrentControlSet\Services\PRProt => removed successfully
PRProt => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Skyren\AppData\Roaming\emp.bin => moved successfully
C:\Users\Skyren\AppData\Local\7368ee7c5a2e9307a4d700.36580646 => moved successfully
C:\Users\Skyren\Cookies => ":fnqu0yWZrY4IlHaJBCka" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4E2F61BB-0475-4630-8E32-DB6D87121B30}C:\games\valheim.v0.210.6\valheim.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{58F88216-AD80-40C4-934C-0D0CC627C7B9}C:\games\valheim.v0.210.6\valheim.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A381FA62-C799-462F-9E8F-0B5530C00F7E}C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5C44D7C7-98BF-4379-B513-4A7BDAF0B2DA}C:\users\skyren\appdata\local\discord\app-1.0.9005\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E47E6C1D-000A-4A7B-B5AE-1C1C28DD3E42}C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{461958CD-F435-44E4-AE98-6861513BCFD9}C:\games\vampire.survivors.v0.5.0f\vampiresurvivors.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2F9D11C5-76DE-4D9F-A062-2B240F9D0A0F}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5B78D303-3778-420A-B713-810DEFC6BBB7}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7CCF652A-936C-438B-AEEA-90859D535A97}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{59093695-472D-4E67-A082-34A90274B5E4}C:\users\skyren\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4025772A-AB6B-415A-B0B0-50E0B6313199}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6D8E980D-8C10-48E3-B544-1E6D769AE6A6}C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0A7BE5B5-24B4-4271-8421-66E07DE383F9}C:\users\skyren\downloads\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{17F7969C-D483-4559-9499-96CD0C946EA2}C:\games\halo.infinite\halo infinite\haloinfinite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6A629B17-4015-41DA-B733-F577A701E341}C:\games\halo.infinite\halo infinite\haloinfinite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B582D3F1-FB1D-47A8-A2EE-C48352CD6239}C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{75FF6F8E-A30E-46CA-9CA3-93B9AF332492}C:\games\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A8C1C37-167F-47A1-932C-9A0691B588E1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFF7A1E5-E84B-4673-92BC-0B1C2B51403E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DA84954D-6784-4A35-A19D-7AFE05B36E91}C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{890DCE5A-CA5C-4E1B-A31E-77462EA0729B}C:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0077A242-E75F-41AE-AC2D-83BE2C0D0E64}C:\games\gtfo\gtfo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{27F3CDFA-5231-4455-908C-8A9A4E578421}C:\games\gtfo\gtfo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8BB677A9-EF1E-4421-B1E4-7AAA584A67B8}C:\games\forza horizon 5\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{44D206DB-9CA6-4DE3-80DC-A476D642759B}C:\games\forza horizon 5\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{471CEEA1-EED8-4B69-A13F-A97CF6D75C0E}C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{35333121-41F9-43BE-AA92-2260AD345028}C:\program files\windowsapps\facebook.317180b0bb486_1300.7.115.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2E52DB59-75F8-40F3-808D-B2964A34B124}C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C7DCF85E-2695-4540-A69D-7D7055EDB45A}C:\program files\windowsapps\facebook.317180b0bb486_1280.10.74.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe" => removed successfully
files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75AC666E-3CB4-4071-BE57-89C688504BB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D6F3BDA9-CC66-49E2-AEB6-C80C1C4D24E7}C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EEB3B3A9-DD4A-4328-98A6-F67AC0DFAC72}C:\program files\windowsapps\facebook.317180b0bb486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\archon\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0505A6B9-C2EF-4941-987B-FCC4A03411D9}C:\program files (x86)\universal audio\powered plugins\console.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F7233393-B483-440B-9727-62710E2FFDAD}C:\program files (x86)\universal audio\powered plugins\console.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EE89C335-9FA0-47FA-86C1-F00B8D57B66A}C:\program files (x86)\universal audio\powered plugins\console.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8015464E-80A9-462C-816D-EAE71FFDA025}C:\program files (x86)\universal audio\powered plugins\console.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E2121004-3492-4D4D-8B1F-7C212897F3BA}C:\program files\steinberg\cubase 10.5\cubase10.5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E9D6F079-D006-45EE-A32D-D4253810B2BE}C:\program files\steinberg\cubase 10.5\cubase10.5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2C96EF12-C12C-4EC4-BE32-78DEF78FE51D}C:\program files\bitcoin\bitcoin-qt.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5777C160-0200-4D18-868A-0107B0DCD42B}C:\program files\bitcoin\bitcoin-qt.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BF66CFE3-1BBA-4BEA-BEC9-503FBF06F67F}C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C43DBC2-941C-4983-86C9-91B69EF2842E}C:\games\steam\steamapps\common\paladins\binaries\win64\paladins.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{84F54173-D753-40AB-AFF8-440114859392}C:\games\the jackbox party pack 9\the jackbox party pack 9.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C373238E-C149-4DF9-B3C6-569FC4161C48}C:\games\the jackbox party pack 9\the jackbox party pack 9.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{180ADD47-3032-4365-95C9-54862B83AD0E}C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8285945E-5957-45D6-9F44-1141DE6EC272}C:\games\marvels.guardians.of.the.galaxy.deluxe.edition.v2022.02.11\bin\gotg.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A30DDF96-3BE6-40AB-BB2B-15DD7E490904}C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE168F5E-CCE1-4171-AEAE-E963314D7C76}C:\games\bendy.and.the.dark.revival.v1.0.2.0255\bendy and the dark revival.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C7DCDF44-E650-43C4-89E1-85969790FE57}C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7AA1A340-335E-45EF-A2C9-9DBAF587FACB}C:\games\motorcycle.mechanic.simulator.2021.v1.0.41.14\mms21.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DDF1F86E-F98E-4E64-B31B-AE9CC84C047A}C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{76250EE7-4404-42BB-8876-02FFE25C3BAD}C:\games\sons.of.the.forest.v32498\sonsoftheforest.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B052240-5BD1-4302-BB1B-DE59BB2463F0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7AA55F4-F5F7-4DC0-A29B-78D44D4F2162}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29790545 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 602290169 B
Windows/system/drivers => 6889375 B
Edge => 0 B
Chrome => 1765376562 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 662290 B
NetworkService => 670534 B
Skyren => 21598890 B

RecycleBin => 719538 B
EmptyTemp: => 2.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:55:11 ====
nVidia MSI GeForce 9600 GT, 512MB

Uživatelský avatar
Skyren
Level 2.5
Level 2.5
Příspěvky: 297
Registrován: červen 15
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod Skyren » 22 zář 2023 00:58

Nyní mám 131 GB volného místa.

C:\ProgramData\{2AB9293C-EA2A-405D-A8B6-07648DF09614}
C:\ProgramData\{217654F4-C0E8-4516-B08F-D727D247193F}
C:\ProgramData\{E4BE7BE3-F1CB-4EFD-BAE0-B416B42F4E25}
C:\ProgramData\{AD75BECB-4585-4F18-94EF-FDF5A1E262D8}
C:\ProgramData\{980CC244-9C7C-4164-8CF2-B27D844AE403}
C:\ProgramData\{48DD7349-38A5-400E-B713-BB5601E12147}
C:\ProgramData\{B4BD1487-5EAE-471D-A9F6-4A862E90504F}
C:\ProgramData\{92DEBC59-ADF2-4DDE-AF5B-C1D72338665C}
C:\ProgramData\{9AC37FA8-2DC7-42DA-BC53-92E47D40C9E4}
C:\ProgramData\{8D6AD9AD-111B-4A18-A026-E16C4FA327E0}
C:\ProgramData\{FF3948AD-A126-492D-814E-4ACDE125EF7E}

V těchto všech složkách jsou pouze instalátory nástrojů k Native Instruments.

Problémy nejsou, ale stále mě zajíma, zda jde nahodit zpět ten Google Chrome. :|
nVidia MSI GeForce 9600 GT, 512MB

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43119
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Dekuji za kontrolu

Příspěvekod jaro3 » 22 zář 2023 14:50

A myslíš že to skutečně způsobil zoek? Jaká je teplota toho disku?
Podívej se zda tam máš nějaký bod obnovy před zoekem. Nebo zopakovat tu syntaxi v programu zoek.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 6 hostů